Directory traversal, still??
You would think this is now a standard thing with websites to bar directory traversal, but obviously not:(
Summer rolls on, Reg vultures are making the most of their hols before the September rush hits, and in the past week, we saw Lazarus malware targeting Macs, Adobe scrambling to get an emergency patch out, and Democrats losing their minds over a simple training exercise. Here's what else went down... SOLEO mission Researchers …
I tried the Fortnite free game to see what all the fuss was about, bizarrely within the first two weeks people had tried to log in as me on multiple occasions triggering multiple emails from Epic asking me to set up 2FA. What exactly were these "hackers" going to do? Play the game as me? I highly doubt it, there was nothing of value to getting logged in as me. Now we see Epic bribing people to get 2FA by offering a dance move. So the big question is why? What do Epic get out of knowing who I am? (Phone number link, they already have an email) Is there a market for Email/IP/Phone information on people? If anyone knows I'd be curious to know.
That's not it... Musk (Tesla) and Sweeney (Epic) are arguably the few senior people in tech who actually care about Privacy and don't want to slurp your info! Epic in general are a genius game engine company, but they're a bit light on the security side, and have been caught out badly by the success of Fortnite. In fact, a lot of their platform support is outsourced and not well managed.
So overall Epic's biggest problem right now is Security. Below is a typical post. Most don't even get a reply. 2FA is necessary if you're giving Epic billions from storing payment / card details to buy in-game upgrades, then you need to secure your account!
https://forums.unrealengine.com/unreal-engine/feedback-for-epic/1453715-epic-your-account-security-design-is-atrociously-bad
These chug along for far more than 20 years! I know of several that are still running 24/7 and are getting on for 30, and last year I repaired an ancient TTL forerunner that's something like 40 - the I/O modules are 2x10x8... inches!
Fortunately none of these have any network access (that I know of)
“Researchers at Project Insecurity have detailed a vulnerability in SOLEO's IP relay technology that disclosed sensitive files on affected installations. For example, the following HTTPS request to a vulnerable service”...
The solution being, don't put a web anything on security devices, remove the http server, remove the http browser, remove the java interpreter etc. and learn to use command-line tools and configuration scripts.
“This vulnerability exists due to the fact that there is improper sanitization on the ‘page’ GET parameter in servlet/IPRelay. A developer should always check for dangerous characters in filenames” ref
2001 is calling and wants its Directory Traversal attack back :]
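An added example, not part of the thread or of the quoted advisory: one way to validate a file-name parameter such as the `page` value mentioned above. It goes beyond checking for dangerous characters by canonicalizing the path and confirming it stays inside the served directory. The directory layout, file names and function names are constructed for illustration.

```python
import os
import tempfile


def safe_resolve(base_dir, page):
    """Return the canonical path for `page` only if it stays inside base_dir.

    `page` is assumed to be the already URL-decoded request parameter.
    Returns None when the request must be refused.
    """
    if "\x00" in page:
        return None  # embedded NUL can truncate names in lower layers
    base = os.path.realpath(base_dir)
    # realpath collapses ".." segments and follows symlinks, so the
    # comparison below is made on the file that would really be opened.
    candidate = os.path.realpath(os.path.join(base, page))
    try:
        inside = os.path.commonpath([base, candidate]) == base
    except ValueError:  # e.g. different drives on Windows
        inside = False
    return candidate if inside else None


def demo():
    """Constructed layout: root/webroot/help.html is public, root/secret.txt is not."""
    root = os.path.realpath(tempfile.mkdtemp())
    web = os.path.join(root, "webroot")
    os.mkdir(web)
    secret = os.path.join(root, "secret.txt")
    for path in (os.path.join(web, "help.html"), secret):
        with open(path, "w") as fh:
            fh.write("x")
    # A symlink inside the web root that points outside it.
    os.symlink(secret, os.path.join(web, "link.html"))
    requests = [
        "help.html",             # legitimate page
        "../secret.txt",         # parent-directory segment
        "sub/../../secret.txt",  # traversal hidden behind a subdirectory
        secret,                  # absolute path replaces the base in join()
        "link.html",             # no dangerous characters, still escapes
        "help.html\x00.txt",     # embedded NUL
    ]
    return web, {p: safe_resolve(web, p) for p in requests}


if __name__ == "__main__":
    web_root, results = demo()
    for page, resolved in results.items():
        print(repr(page), "->", resolved)
```

The `link.html` and absolute-path cases contain no `..` at all, which is why a character filter on its own is not enough.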
And if you get overridden because the higher ups insist on it and tell you to Do It or Else?
I'd make damn sure there's emails involved and not word of mouth. Print out the emails and secure in a lock box or better yet, use the local bank's security lock boxes they have on site. Crap rolls downhill and you don't want the blame when things go pear shaped because some manager/exec said "just do it".
Just who in their right-minds connects a voting machine directly to the Internet? Election Systems and Software (ES&S) that's who, who sometime back acquired Diebold’s voting machine division ‘Premier Election Solutions’. What is the make of hardware and software that these voting products run on?
“ES&S .. was expanding its work with .. Homeland Security .. includes the installation of advanced threat monitoring and network security monitoring”
Is it wise giving the state security apparatus full control over the voting process, especially as there is no paper trail? If a malicious actor were to come to power, s/he could manipulate the vote in his/her favour.
Do they use hardware cryptography to do public key cryptography?
Have they linked to U2F security keys?
Did they build it on trusted secure core like SAML11?
All answers are nope, it's just normal IT with security in software and TCP/UDP/IP stack access.
Sales terminals in some Cheddar’s Scratch Kitchen restaurants may well have been hacked in 23 US states to steal payment card information between November 3, 2017, and January 2, 2018. A technique to steal crypto-keys from electromagnetic radiation from a very nearby device has been detailed here.
That attack finally turned out to be of use?
Maybe somebody else's going down to the HDD activity light blink hack?
https://www.theregister.co.uk/2018/08/01/reddit_hacked_sms_2fa/
Do people actually understand what they read?
Epic failure, lol.
I asked them to add U2F but nope.
Asked local MP Douglas Ross to have UK government link U2F to passports ID chip..
Then we have root of trust in hardware.
People are so slow with education.