A Vulnerability identified in Firefox for android could have been exploited to remotely open arbitrary websites on a targeted user’s phone without the need to click on links, install malicious applications, or conduct man-in-middle (MitM) attacks.

The flaw was discovered by researcher Chris Moberly in version 68 of the Firefox for android. According to Moberly, the vulnerability is related to Firefox periodically sending out SSDP discovery messages in search of a second-screen device that I can cast to. These messages can be seen by any device that is connected to the same LAN. AN attacker connected to the same WI-FI as a targeted user can deploy a malicious SSDP serves that is set up to respond with specially crafted messages that cause Firefox to open an arbitrary website. Further, Moberly mentions” had it been in the wild, it could have targeted known-vulnerable intents in other applications. Or it could have been used in similar to phishing attacks where a malicious site is forced onto the target without their knowledge in the hopes, they would enter some sensitive info or agree to install a malicious application (Kovacs, 2020). Moberly has released technical details and proof-of-concept (PoC) exploits. ESET researcher Lukas Stefano has confirmed that the exploit works and has posted a video showing how an attacker can open an arbitrary website on three phones at the same time.

 

References

Kovacs. Eduard. (September 21,2020). Firefox Flaw Allowed Hackers to Remotely Open Malicious Sites on Android Phones. Securityweek. Retrieved from https://www.securityweek.com/firefox-flaw-allowed-hackers-remotely-open-malicious-sites-android-phones

Zenscrape: A simple web scraping solution for penetration testers

This article is all about a software named zenscape. The basics of this software is web scraping. This tool has the crawler and the scraper combined into one tool. This is an important tool for penetration testers (according to the article) because web scraping is a crucial part of a successful business. During a pen test, it is important to test the computer systems, web applications, and networks to determine vulnerabilities. There are many tools for pen testing but this is an all in one tool that uses artificial intelligence tools to troubleshoot all security issues.

 

“Zenscrape: A Simple Web Scraping Solution for Penetration Testers.” The Hacker News, 17 Sept. 2020, thehackernews.com/2020/09/zenscrape-simple-web-scraping-solution.html?m=1.

Nessus is an in house freeware utility that allows companies to scan for vulnerabilities automatically. The software tells them not only the vulnerabilities but also how to fix them. It is a proactive vulnerability scan that can identify vulnerabilities that may become dangerous. This software gives an idea of how an intruder would try to get in which allows the company to better protect itself. There is a downside however; if a vulnerability exists without a corresponding plug-in, the scanner will not find it. The overall goal of Nessus is to discover as many vulnerabilities as possible, decide how risky they are to your environment, and then reduce the risk that they pose.

 

Question

While this software is excellent to have a continually running automatic vulnerability, are there other processes that can pick up what Nessus misses?

Nessus is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network. Nessus discovers vulnerabilities for security specialist to analyze and harden their systems. Nessus Scans can become ineffective if ran behind a firewall. It’s always best to run a credentialed scan to receive full test results. Nessus Scan isn’t made to fully secure your environment as it doesn’t implement Physical or Access Controls.

Anglicare Sydney being held to ransom over sensitive data stolen from computer system

 

Anglicare Sydney is a community service organization that provides foster care and adoption services. As of Yesterday (Sept 20, 2020) Anglicare has confirmed that their sensitive data has been held for ransom. The ongoing investigation reported that 17 Gigabytes worth of sensitive data has been transmitted to a remote location. At this time Anglicare refuses to pay the ransom. Anglicare’s spokesperson hinted that the organization does not want to engage with cyber criminals. People receiving government services were entitled to have their personal identification protected. 

Anglicare has to eventually make a decision about resolving this issue. The integrity and security of the stolen data is detrimental. Many children could be at risk. 

 

Anglicare Sydney is contracted by the NSW Department of Family and Community Services to provide foster care and adoption services as well as programs for vulnerable families and young people 

Internet service providers can only detect the traffic of the network and they can only find out about Denial-of-service attack (DDOS ) attack once the attack has been executed (Dickson, 2020). Internet of Things (IoT) devices such smart cameras, lightbulb, fridge, and baby monitoring systems has a weak security and can be easily used to execute DDOS attack.

It is harder for the internet service provider (ISP) to find out about the vulnerable devices since they are behind the network address translation (NAT). The IoT devices also shares a common public address which makes it more complicated or the ISP to find out about any vulnerable IoT device within any home network.

To discover any vulnerable device within the network an detector can be placed between the router and the Optical Network Terminal (Dickson, 2020). The detector can be installed as an Raspberry Pi which will detect the traffic from the router and verify if there are any vulnerable IoT device within the network by comparing the CVE and NVD list of known vulnerability for home IoT devices. Once the vulnerable device is found then the detector can send an patch for the vulnerability and ISP can inform the user regarding the detecting and patching of their IoT device.

References:

Dickson, B. 2020. Artificial intelligence can stop IoT-based DDoS attacks in their tracks – research. Retrieved from: https://portswigger.net/daily-swig/artificial-intelligence-can-stop-iot-based-ddos-attacks-in-their-tracks-research

Nessus is a tool utilized across every organization. It helps find vulnerabilities on machines in a given environment. Nessus scans are instrumental in protecting an environment as they can scan an entire farm versus running through each server individually checking for vulnerabilities. It is important to note that Nessus will error on the side of caution and may report back many false positives. The article notes that while Nessus is very helpful in securing a network it is important to investigate all the vulnerabilities that it reports on and make sure they are not false positives.

 

 

Questions for the class:

What other vulnerability scans are utilized other than Nessus?