IT Support and Hardware for Clinics
32.7K views | +1 today
Follow
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...
Scoop.it!

Adobe patches Flash zero-day found in Hacking Team data breach

Adobe patches Flash zero-day found in Hacking Team data breach | IT Support and Hardware for Clinics | Scoop.it

The massive Hacking Team data breach led to the release of 400GB worth of data including a zero-day vulnerability for Adobe Flash. Adobe has released an out-of-band patch for the flaw just two days after it was discovered.


The vulnerability was described by the Hacking Team in a readme file in the data dump as "the most beautiful Flash bug for the last four years". Accompanying the readme in the data was a proof-of-concept exploit of the flaw.


Adobe categorized the vulnerability (CVE-2015-5119) as critical and said it affects Flash Player versions 18.0.0.194 and earlier on Windows and Mac, and versions 11.2.202.468 and earlier on Linux. Successful exploitation of the flaw could allow remote code execution.


Security researcher Kafeine found that the vulnerability has already been added to the Angler, Fiddler, Nuclear and Neutrino exploit kits. Because of this, admins are recommended to apply the patch as soon as possible.


Also found in the Hacking Team data was another Adobe Flash zero-day (CVE-2015-0349), which was patched in April, and a zero-day affecting the Windows kernel. The inclusion of these zero-days has caused experts to question if these exploits are being used by Hacking Team clients, including law enforcement and governments.


"As many governments move to try and control malware and offensive security tools, some have been caught with their own hands in the cookie jar, leading many to wonder how and why governments and agencies listed as Hacking Team clients are using these tools and if they are doing so lawfully," said Ken Westin, security analyst for Tripwire. "Given the depth and amount of data compromised in this breach, it will reveal a great deal about the market for offensive tools designed for espionage with a great deal of fallout and embarrassment for some organizations."


Hacking Team spokesman Eric Rabe confirmed the breach and said that while law enforcement is investigating, the company suggests its clients suspend the use of its surveillance tools until it can be determined what exactly has been exposed.


In a new statement, Rabe warned that its software could be used by anyone because "sufficient code was released to permit anyone to deploy the software against any target of their choice.


"Before the attack, HackingTeam could control who had access to the technology that was sold exclusively to governments and government agencies," Rabe wrote. "Now, because of the work of criminals, that ability to control who uses the technology has been lost. Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so. We believe this is an extremely dangerous situation."

more...
No comment yet.
Scoop.it!

Hack Attack Grounds Airplanes

Hack Attack Grounds Airplanes | IT Support and Hardware for Clinics | Scoop.it

Polish airline LOT claims that a hack attack disrupted the state-owned airline's ground-control computers, leaving it unable to issue flight plans and forcing it to cancel or delay flights, grounding 1,400 passengers.


The airline said the June 21 cyber-attack against its IT systems at Warsaw Chopin airport lasted about five hours and affected the computers that it uses to issue flight plans. "As a result, we're not able to create flight plans and outbound flights from Warsaw are not able to depart," the company said in a statement.


But the airline emphasized that the attack had "no influence on plane systems" and that no in-progress flights were affected by the incident. It also said that all flights bound for Warsaw were still able to land safely. The IT disruption did, however, result in the airline having to cancel 10 flights - destined for locations inside Poland, to multiple locations in Germany, as well as to Brussels, Copenhagen and Stockholm - and then delay 12 more flights.


An airline spokeswoman didn't immediately respond to a request for more information about the disruption, how LOT judged it to be a hack attack or who might be responsible. No group or individual appears to have taken credit for the disruption.


Airline spokesman Adrian Kubicki says that Polish law enforcement agencies are investigating the hack and warned that other airlines might be at risk from similar types of attacks. "We're using state-of-the-art computer systems, so this could potentially be a threat to others in the industry."

Follows Plane Hacking Report

It's been a busy year for airline-related hacking reports.

In May, information security expert Chris Roberts claimed to have exploited vulnerabilities in airplanes' onboard entertainment systems more than a dozen times in recent years, allowing him to access flight controls. Roberts claimed that his repeated warnings about the problems to manufacturers and aviation officials had resulted in no apparent fixes being put in place.

Question: Hack or IT Error?

Despite the presence of vulnerabilities in avionics systems, however, airline-related IT disruptions are often caused by internal problems, and some security experts are questioning whether that might be the case with the supposed cyber-attack against LOT. "The story doesn't make sense, and most of the actual info so far suggests a 'glitch' caused by an unauthorized user," says the Bangkok-based security expert who calls himself the Grugq, via Twitter.


On June 2, for example, a computer glitch grounded almost 150 United Airlines flights in the United States, representing about 8 percent of the company's planned morning flights. The airline blamed the problem on "dispatching information," and some fliers - such as software firm Cloudstitch CTO Ted Benson - reported via Twitter that pilots told passengers that the ground computers appeared to be spitting out fake flight plans.


As a result of the glitch, the Federal Aviation Administration reportedly grounded all United flights for 40 minutes, until related problems were corrected.

United Airlines Bug Bounty

That glitch followed United Airlines in May launching a bug bounty program - not for the software that runs its airplanes, in-flight entertainment systems, or ground-control computers, but rather its website. "If you think you have discovered a potential security bug that affects our websites, apps and/or online portals, please let us know. If the submission meets our requirements, we'll gladly reward you for your time and effort," United says on the bug bounty page.


Rather than offering cash rewards like many other bug-bounty programs, however, United is instead offering frequent-flier "award" miles - for example 50,000 miles for cross-site scripting attacks, 250,000 for authentication bypass attacks, and 1,000,000 for a remote-code execution attack.

more...
No comment yet.