fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Working Windows And Linux Spectre Exploits Found On VirusTotal

Working Windows And Linux Spectre Exploits Found On VirusTotal

Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal.

The vulnerability was unveiled as a hardware bug in January 2018 by Google Project Zero researchers.

If successfully exploited on vulnerable systems, it can be used by attackers to steal sensitive data, including passwords, documents, and any other data available in privileged memory.

Spectre (CVE-2017-5753) side-channel attacks impact many modern processor models with support for speculative execution and branch prediction made by Intel, AMD, and ARM.

As Google found, Spectre also affects major operating systems, including Windows, Linux, macOS, Android, and ChromeOS.

Since its discovery, the hardware bug has received firmware patches and software fixes from all major processor and OS vendors.

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

Spectre exploit leaked on VirustTotal

Voisin found the two working Linux and Windows exploits on the online VirusTotal malware analysis platform.

Unprivileged users can use the exploits to dump LM/NT hashes on Windows systems and the Linux /etc/shadow file from the targeted devices’ kernel memory.

The exploit also allows dumping Kerberos tickets that can be used with PsExec for local privilege escalation and lateral movement on Windows systems.

The linked exploits were uploaded on VirusTotal last month as part of a larger package, a Immunity Canvas 7.26 installer for Windows and Linux.

CANVAS
Image: BleepingComputer

The CANVAS penetration testing tool bundles “hundreds of exploits, an automated exploitation system,” and it also comes with an exploit development framework for creating custom exploits.

The company announced that CANVAS would provide security professionals and penetration testers with access to working Spectre exploits (Windows and Linux) within months after the vulnerability was disclosed.

While OS and CPU vendors have released software and firmware mitigations for affected products since Spectre was disclosed, users who haven’t updated their systems are still exposed to Spectre attacks.

Those running older OS versions on older silicon (2015-era PCs with Haswell or older Intel processors) are probably the most exposed to Spectre attacks.

Microsoft explained that they are most prone to skip applying mitigations due to a more noticeable decrease in system performance after the patch.

As Voisin said, the exploits will break if the machine it’s executed on runs a patched Linux or Windows version.

Adding to that, even if an attacker would get their hands on any of the two exploits, only running them will not get any results as they both have to be executed with the right arguments.

Also Read: Limiting Location Data Exposure: Best Practices

However, even though they can’t immediately be used in attacks on their own, a determined attacker can figure it out with enough effort.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us