The Android Market is an open and friendly variation on the app stores spreading across the mobile phone industry. These applications appear safe on the surface, but they exact a price for developer accessibility that is paid by unsuspecting Android consumers and vendors. This article discusses the threats presented by native libraries included by Android Market applications and covers how these vulnerabilities were exploited by the Unrevoked app to jailbreak the latest generation of Android phones.
This presentation, delivered at Infosecurity Europe by Joshua Pennell, discusses risks identified, research performed, and remediation efforts suggested around the Smart Grid and meters.
Reported: 04.05.10. The Tranax Remote Management Software (RMS) allows for the administration of common Automated Teller Machine (ATM) tasks from a remote location. To successfully authenticate to a remote ATM, both the serial number and the RMS password are required. An attacker can leverage an implementation flaw that occurs when verifying credentials to craft a request that bypasses all authentication measures. The attacker could then perform remote management tasks with invalid credentials. The RMS interface is enabled, by default, on a typical ATM installation.
Discovered: 03.18.10. Reported: 03.23.10. The formID parameter at http://www.courts.wa.gov/forms/ is vulnerable to SQL injection. The searchTerms parameter at http://www.courts.wa.gov/search/index.cfm is vulnerable to cross-site scripting attacks. Exploiting these vulnerabilities would likely expose sensitive data and may result in compromise of the affected systems.
The purpose of this document is to provide needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies. In essence, this threat research document should be seen as a companion to “Security Guidance for Critical Areas in Cloud Computing.” As the first deliverable in the CSA’s Cloud Threat Initiative, this document will be updated regularly to reflect expert consensus on the probable threats that customers should be concerned about.
Discovered/Reported to Accoria: December 2008. Date Reported to US-Cert: March 1, 2010. The Accoria Web Server 1.4.7 for x86 Solaris exhibits multiple vulnerabilities, including cross-site scripting, directory traversal, and format string errors.
Given all the recent exposure from our Infineon research, we have had numerous requests regarding the ST mesh architecture and how Infineon’s design compares to the ST implementation. Both devices are a 4 metal ~140 nanometer process. Rather than have us tell you who we think is stronger (it’s pretty obvious), we’d like to see your comments on what you the readers think! The Infineon mesh consists of 5 zones with 4 circuits per zone. This means the surface of the die is being covered by 20 different electrical circuits. The ST mesh…
We probably should have been tweeting (sic?) for some time now but we are finally doing it! You can join/follow us here: http://twitter.com/semiconduktor As well, you can always get to Flylogic through Semiconduktor.com or Semiconduktor.net :).
Discovered: 01.05.10. Mach exception handling suffers from a vulnerability that allows an attacker to gain access to the memory of a suid process (set user identifier). Due to a vulnerability that is similar to CVE-2006-4392 (found by Dino Dai Zovi of Matasano Security), it is possible for a suid process to inherit the Mach exception ports of the parent.
Whenever the blog is enabled, spammers are able to deface the main pages index.html file replacing it with hundreds of spam links to software. The only way we can stop it is to stop the blog. We’ve tried cleaning the blog up but they still get in somehow through WordPress :(. If you think you can help us, please email tech at flylogic.net Thanks!