At last month's Shmoocon security conference in Washington, I was looking for gear for the Ars Tech Lab's hostile network environment. As I was browsing, I ran across a table manned by Gene Bransfield, the founder and CEO of WarCollar Industries LLC. People were gathering to look into little black boxes with the sort of delight you only find at security conferences.

The boxes were "360 Dope Scopes"—devices originally created by Bransfield for a security game at last year's Shmoocon. The DopeScope is a self-contained Wi-Fi scanner that can do quick reconnaissance of the wireless environment wherever you are—and a tool for hunting down where access points are physically located.


 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Google Nexus NVIDIA Video Driver CVE-2017-0448 Information Disclosure Vulnerability
 
Google Nexus Realtek Sound Driver CVE-2017-0444 Privilege Escalation Vulnerability
 
Google Android Audioserver CVE-2017-0425 Information Disclosure Vulnerability
 
Google Android AOSP Messaging CVE-2017-0424 Information Disclosure Vulnerability
 

A proof-of-concept profile that exploited a serious cross-site scripting bug in the Steam community website.

Steam, an online game platform with more than 125 million active accounts, is in the process of fixing a serious security hole that opens users to hacks that could redirect them to attack sites, spend their market funds, or possibly make malicious changes to their user profiles.

As this post was going live, employees with Valve, the company that develops Steam, were reportedly in the process of fixing the bug. Unconfirmed posts such as this one reported that the cross-site scripting hole had been patched on the initial activity feed pages but not on subsequent pages. Valve representatives didn't respond to e-mails seeking comment for this post.

The vulnerability is the result of a failure to filter malicious commands out of user-created profile pages. Attackers can exploit the failure by inserting JavaScript and other types of code into their profiles. The malicious commands are then executed without warning on the computers of anyone who visits the booby-trapped page. The flaw first came to light in a Reddit thread that went live on Tuesday morning. Within hours, people were creating profiles that exploited the bug.


 
Google Android Filesystem CVE-2017-0426 Information Disclosure Vulnerability
 
Google Android Bionic DNS CVE-2017-0422 Denial of Service Vulnerability
 
Google Android AOSP Mail CVE-2017-0420 Information Disclosure Vulnerability
 
Google Android libgdx CVE-2017-0408 Remote Code Execution Vulnerability
 
Google Android Mediaserver CVE-2017-0415 Privilege Escalation Vulnerability
 
IBM WebSphere Application Server CVE-2016-9736 Information Disclosure Vulnerability
 
IBM Sterling Order Management CVE-2016-9991 Cross Site Request Forgery Vulnerability
 
Multiple IBM Products CVE-2016-9748 Remote Information Disclosure Vulnerability
 
Google Nexus NVIDIA GPU Driver Multiple Privilege Escalation Vulnerabilities
 
Google Nexus Kernel File System CVE-2017-0427 Privilege Escalation Vulnerability
 
podofo 'PdfOutputStream.cpp' Null Pointer Dereference Denial of Service Vulnerability
 

When I tried to include the [taco] Unicode characters in the headline to this post, it cut off the headline. Supporting Unicode isn't easy, and often, to avoid security issues arising from Unicode, it is removed or outright blocked.

But in particular, mobile devices make it easy to type Emojis or other Unicode characters. As a security guy, my next question was if I can use them as part of my password. The quick answer: support varies... and don't count on it.

One issue I was a bit worried about is that multibyte characters often include the 0x00 byte. This can cause issues since the 0x00 byte is often used to terminate strings. So I set up a quick test page to figure out if any of the PHP or MySQL hashing functions are susceptible to this issue. The Smiley character, for example, has a code of 0x1f600. The 00 byte could terminate the string, and all passwords starting with the Smiley character would result in the same hash. My initial testing hasn't found any issues like this, but I think this is an area that does require a bit more testing, in particular if a salt is added to a password prior to hashing.

If you want to play, I set up a quick test page with various PHP and MySQL hash functions: https://isc.sans.edu/emojitest.html

(and while you play, I will see if I can make the diary editor emoji capable-) )
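An added example, not part of the original diary or its test page, of the check described above: it encodes U+1F600 in several encodings, records where 0x00 bytes fall, and compares a hypothetical hasher that stops at the first 0x00 with a binary-safe one. The function names and sample passwords are constructed for illustration.

```python
import hashlib

SMILEY = "\U0001F600"  # U+1F600, the character the diary uses as its example

def nul_positions(text, encoding):
    """Byte offsets of 0x00 in `text` once it is encoded."""
    return [i for i, b in enumerate(text.encode(encoding)) if b == 0]

def c_string_hash(data: bytes) -> str:
    """Hypothetical flawed hasher: input ends at the first 0x00, as with C strlen()."""
    return hashlib.sha256(data.split(b"\x00", 1)[0]).hexdigest()

def binary_safe_hash(data: bytes) -> str:
    """Length-aware hasher: every byte, including 0x00, is hashed."""
    return hashlib.sha256(data).hexdigest()

def collides(pw_a, pw_b, encoding, hasher):
    """True if two different passwords produce the same digest."""
    return hasher(pw_a.encode(encoding)) == hasher(pw_b.encode(encoding))

def survey():
    # Constructed sample passwords that share only the leading emoji.
    a = SMILEY + "correct horse"
    b = SMILEY + "battery staple"
    rows = {}
    # UTF-8 never emits 0x00 for a non-NUL code point; UTF-16 and UTF-32 do.
    for enc in ("utf-8", "utf-16-le", "utf-16-be", "utf-32-be"):
        rows[enc] = {
            "nul_in_smiley": nul_positions(SMILEY, enc),
            "flawed_collision": collides(a, b, enc, c_string_hash),
            "safe_collision": collides(a, b, enc, binary_safe_hash),
        }
    return rows

if __name__ == "__main__":
    for enc, row in survey().items():
        print(f"{enc:10} {row}")
```

The collision only appears when the password reaches the hash function in a wide encoding and the function treats it as a NUL-terminated string, so the encoding at the point of hashing is the thing to verify.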

 
Google Android MediaTek Driver CVE-2017-0432 Privilege Escalation Vulnerability
 
Google Android Qualcomm components CVE-2017-0431 Multiple Unspecified Security Vulnerabilities
 
SEC Consult SA-20170207 :: Path Traversal, Backdoor accounts & KNX group address password bypass in JUNG Smart Visu server
 
Google Android Synaptics Touchscreen Driver Multiple Privilege Escalation Vulnerabilities
 
AES-GCM CVE-2016-0270 Information Disclosure Vulnerability
 

(credit: Google Brain)

Google Brain has devised some new software that can create detailed images from tiny, pixelated source images. Google's software, in short, basically means the "zoom in... now enhance!" TV trope is actually possible.


First, take a look at the image on the right. The left column contains the pixelated 8×8 source images, and the centre column shows the images that Google Brain's software was able to create from those source images. For comparison, the real images are shown in the right column. As you can see, the software seemingly extracts an amazing amount of detail from just 64 source pixels.

Of course, as we all know, it's impossible to create more detail than there is in the source image—so how does Google Brain do it? With a clever combination of two neural networks.


 
Google Android Audioserver Multiple Privilege Escalation Vulnerabilities
 
LibTIFF CVE-2016-5102 Remote Buffer Overflow Vulnerability
 
Google Nexus/ Pixel Products Qualcomm Wi-Fi Driver Multiple Privilege Escalation Vulnerabilities
 
Google Android Surfaceflinger CVE-2017-0405 Remote Code Execution Vulnerability
 
Google Android Mediaserver Multiple Remote Code Execution Vulnerabilities
 
PEAR HTML_AJAX CVE-2017-5677 PHP Object Injection Vulnerability
 
[security bulletin] HPESBUX03699 SSRT110304 rev.1 - HP-UX BIND, Multiple Remote Denial of Service (DoS)
 
Internet Storm Center Infocon Status