-
October 5, 2016
Xen exploitation part 3: XSA
Xen exploitation part 3: XSA: This is the last part of our blogpost series about Xen security [1] [2]. This time we write about a vulnerability we found (XSA-182) [0] (CVE-2016-6258) and his exploitation on Qubes OS [3] project. We first explain the methodology used to find the vulnerability and then the exploitation specificity on […]
-
October 5, 2016
Xen exploitation part 2: XSA
Xen exploitation part 2: XSA: This blog post describes the exploitation of Xen Security Advisory 148 (XSA-148) [1] (CVE-2015-7835). It has been discovered by Shangcong Luan of Alibaba and publicly disclosed in October 2015. At the time, we were working on writing an exploit and no public proof of concept nor exploit were available. Today, […]
-
October 5, 2016
Xen exploitation part 1: XSA
Xen exploitation part 1: XSA: This blog post describes the exploitation of Xen Security Advisory 105 (XSA-105) [1] (CVE-2014-7155). This post explains the environment setup and shows the development of a fully working exploit on Linux 4.4.5. We are not aware of any public exploit for this vulnerability, although Andrei Lutas wrote excellent articles [2] […]
-
October 5, 2016
Advanced Exploitation: Xen Hypervisor VM Escape
Advanced Exploitation: Xen Hypervisor VM Escape: The Xen is a widely used virtualization platform powering some of the largest clouds in production today. For the purpose of cloud platform security reinforcement, our team have looked into the implementation of Xen hypervisor and found a series of highly critical vulnerabilities that could be used to exploit […]
-
October 5, 2016
Yahoo secretly scanned customer emails for U.S. intelligence
Exclusive: Yahoo secretly scanned customer emails for U.S. intelligence: Yahoo Inc last year secretly built a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter. The company complied with a classified U.S. government demand, scanning hundreds of millions […]
-
September 1, 2016
Delete Your Yahoo Account
Delete Your Yahoo Account: Reuters’s Joseph Menn is reporting that just last year, Yahoo chose to comply with a classified “directive” to build “a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials” — the NSA in particular.
-
August 31, 2016
Tokopedia: Unrestricted Deletion to All of People’s Bank Account
Tokopedia – Unrestricted Deletion to All of People’s Bank Account: The simplicity in receiving payment from the online sales is certainly a dream for every seller. For actualizing this simplicity, Tokopedia has launched a feature which is “Tambah Rekening Bank” (Adding Bank Account) that could be used to receive the sales payment after every transaction […]
-
August 31, 2016
Opera server breach incident
Opera server breach incident: Earlier this week, we detected signs of an attack where access was gained to the Opera sync system. This attack was quickly blocked. Our investigations are ongoing, but we believe some data, including some of our sync users’ passwords and account information, such as login names, may have been compromised. […]
-
August 31, 2016
Dropbox Hacked: More Than 68 Million Account Details Leaked Online
Dropbox Hacked — More Than 68 Million Account Details Leaked Online: Hackers have obtained credentials for more than 68 Million accounts for online cloud storage platform Dropbox from a known 2012 data breach. Troy Hunt verified the leak too: https://www.troyhunt.com/the-dropbox-hack-is-real/ Earlier today, Motherboard reported on what had been rumoured for some time, namely that Dropbox had […]
-
July 18, 2016
Ubuntu Forums hack exposes 2 million users
Ubuntu Forums hack exposes 2 million users: The company that builds Ubuntu, a popular Linux distribution, has said its forums were hacked Thursday. Canonical, which develops the operating system, said in a statement on Friday that two million usernames, email addresses, and IP addresses associated with the Ubuntu Forums were taken by an unnamed attacker. […]