- Comcast Xfinity: a flaw was found where one could extract the home addresses of customers, because of a weird login system that partially revealed home addresses based on the IP address you connected from, which could be spoofed. Worth a read to learn how -not- to make authentication easier. A secondary flaw was found where one could brute force the social security number used in a login form.
- GoDaddy: information on 31,000 GoDaddy servers was exposed in an unsecured S3 bucket, including juicy stuff like configuration details and price negotiations between them and AWS.
- Two critical vulnerabilities were found in HP printers where one could simply send a fax and then get full control of the machine. Better patch 'em if you got 'em. The researchers also point out that it's probably not just HP that is vulnerable to this; HP was just their example.
- Essentially any app that has access to external storage (the SD card) can either crash another app (with more privileges) and inject code into it, or hijack an update of another app to install a malicious version.
- Part of the iOS source code was found sitting publicly on GitHub, which caused a bit of a panic at Snap. We don't know how it got there though.
- In a presentation at Defcon a researcher walked through various bodycam models, explaining how easy it was to access, modify or delete their footage.
- After being inspired by all the package manager problems we've seen recently, this researcher wanted to see if he could get access to Homebrew. He quickly found a Jenkins instance where a git token was visible, which gave him read-write access to Homebrew and all packages within. Nice cautionary tale for us all. Homebrew responded quickly and correctly.
- This seems sweet. The feature, called "InPrivate Desktop", gives you the ability to run untrusted executables in a secure sandbox so that they can't make any changes to the actual system.
- Great article on how the author finds and observes a phisher in action, and then dives deeper into how machine learning can help detect phishing sites.
- If you want a very deep and technical dive into the evolution to TLS 1.3 and its improvements, this Cloudflare blog post does a fantastic job.
- The yearly Pwnie Awards were given out at Black Hat last week, with categories such as "Best Server Side Bug", "Most Innovative Research" and also "Pwnie for Lamest Vendor Response".
- Funny because it's true :-)
- WAFs are a good security measure, but the security of your web applications should not solely depend on them, because they can be bypassed. Watch this demo on Paul's Security Weekly during which a researcher from Netsparker explains and demos how modern web application firewalls can be defeated.
- I use 1Password to securely share passwords and notes with my colleagues. Can't recommend them enough and I'm super honoured to have them as a sponsor.