FreeBSD, the open-source operating system, announced that it will no longer support Intel’s RdRand and Via Technology’s Padlock on-chip random number generators (RNGs) moving forward in new versions of the UNIX-like operating system.
The move apparently follows reports from earlier this year that the National Security Agency had allegedly weakening cryptographic standards built in conjunction with the National Institute for Standards and Technology so that the NSA could circumvent them in order to perform its surveillance operations.
Citing a “high probability of backdoors” and mentioning Edward Snowden by name on a security working group site for the FreeBSD Developer Summit, the group says it “cannot trust [these hardware] RNGs to provide good entropy directly.” Instead, they plan on generating their random numbers with either the Yarrow or its successor Fortuna pseudo-RNGs, each of which is open-source and was developed by famed cryptographers Bruce Schneier, John Kelsey, and Niels Ferguson.
“For 10, we are going to backtrack and remove RDRAND and Padlock backends and feed them into Yarrow instead of delivering their output directly to /dev/random,” Free BSD’s developers wrote in a EuroBSDcon 2013 Developer Summit special status report on their website. “It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more.”
RNGs are an integral aspect of key-creation for strong encryption. Crypto-systems with weak RNGs or PRNGs that don’t create suitably random numbers are considered weak cryptographic systems.
Moxie Marlinspike has published landmark research on SSL vulnerabilities, taken on certificate authorities and even built an alternative to CAs as we know them today called Convergence. But now that government surveillance and online privacy have been elevated to mainstream dinner-table conversations, the researcher has made a significant dent in the problem of bringing secure communication to the masses.
This week’s announcement that Open WhisperSystems’ TextSecure protocol will be integrated into CyanogenMod’s default SMS app means that upwards of 10 million Android users will be able to conduct chats online that are encrypted end-to-end, and theoretically out of reach of snoops and spies.
This has Marlinspike excited, and anxious to bring TextSecure and secure communications to more than just the Android platform; Open WhisperSystems has an iOS client and browser extension on the drawing board.
“As we expand our client base, we’ll be moving to this world where we have truly cross-platform, end to end secure communication with the really massive user base, which is really exciting,” Marlinspike told Threatpost. “This Cyanogen deployment is perhaps the largest deployment of end to end secure messaging ever.”
TextSecure, unlike other secure chat apps such as Silent Text, does not require both ends of the conversation to have an installed client. Nor are the encryption keys securing the chat sessions stored with Open WhisperSystems. That means the organization is not subject to government requests via warrants or National Security Letters for encryption keys or user data.
“That’s definitely happening and an important component of any secure communication system. You want the servers to be completely untrusted,” Marlinspike said. “People get very caught up in where servers are hosted and that really shouldn’t matter. Our position should be that there are really no good governments or safe regions where you can put a server. You have divide servers to be completely untrusted, and you have to have client software that is open source and anyone can verify the security.”
The partnership between the CyanogenMod and Open WhisperSystems began earlier this year when the aftermarket Android firmware provider approached Marlinspike about developing a secure messaging system for their users.
“Our position is one of building a business that is not based on collecting as much information as possible about the user,” Marlinspike said. “Seems like they’re trying to think of ways of improving the user’s default experience with respect to privacy.”
Marlinspike said the native CyanogenMod SMS client was modified to support the TextSecure protocol, and that TextSecure for CyanogenMod runs on the TextSecure V2 protocol and supports forward secrecy and the 3DHE agreement for deniable messages.
“If an outgoing SMS message is addressed to another CyanogenMod or TextSecure user, it will be transparently encrypted and sent over the data channel as a push message to the receiving device. That device will then decrypt the message and deliver it to the system as a normal incoming SMS,” Marlinspike said in the announcement. “The result is a system where a CyanogenMod user can choose to use any SMS app they’d like, and their communication with other CyanogenMod or TextSecure users will be transparently encrypted end-to-end over the data channel without requiring them to modify their work flow at all.”
While the Android rollout is slowly under way, the early feedback is encouraging.
“Mostly, the feedback that we’ve gotten is that it’s too invisible; people can’t even tell that it’s happening. They would like more visual feedback, which is a good problem to have and a good problem to start from. Rather than the opposite which is this is too cumbersome or impossible to use,” Marlinspike said. “Right now people are questioning whether it’s really working. ‘Yes it really is.’”
Visual feedback via some kind of icon or system notification is likely the next priority for the TextSecure-CyanogenMod integration, in particular getting the feedback in whatever form it takes to work with software such as Google Hangouts, for example, that is closed source.
Next off the line could be the iOS client, followed shortly thereafter by a client for Open WhisperSystems’ RedPhone secure voice app and a browser extension that would put Open WhisperSystems on its way to having encrypted cross-platform asynchronous messaging systems anchored by open protocols and open source software.
“We want truly cross-platform support, so that means iOS, Android and something for the desktop,” Marlinspike said. “If you can do something with a browser extension, then that automates a lot of friction for users. You get these messages on your phone and you get them on your desktop which is really an integrated chat experience with whatever device you’re using.”
The National Security Agency is monitoring a certain type of cookie – deployed by the search giant Google – as yet another tool in their increasingly public surveillance apparatus.
This, according to slides from an April 2013 NSA presentation acquired by the Washington Post, is the latest revelation from former National Security Agency contractor Edward Snowden.
The slides indicate that the NSA is monitoring the Google’s PREF cookie. The NSA is reportedly utilizing an analytics tool called HAPPYFOOT that aggregates leaked location data, in this case the PREF cookie. It is unclear exactly how the NSA’s HAPPYFOOT tool acquires these PREF cookies, though the slides seem to suggest that the spy agency may be exploiting a data leak vulnerability of some sort. However, the Washington Post reports that the NSA may be acquiring these cookies with Foreign Intelligence Surveillance Act court orders.
The slides also reveal that the NSA has partnered with National Geospatial-Intelligence Agency, and the Washington Post reports that the two groups are using these PREF cookies to determine the locations of surveillance targets in order for the NSA to perform remote spying operations.
Cookies are small pieces of data that companies send from their websites and install on the browsers’ of the individuals visiting their websites. When a user revisits one of these sites, that user’s browser sends the cookie back, and the server handling the site then recognizes the browser of the user.
A Wall Street Journal article from February 2012 examined the discovery of the PREF cookie by a man named Stephen Frankel. Frankel’s case was particularly odd because he observed the cookie present in his Safari browser despite the fact that he had blocked all tracking cookies and – even odder yet – had not visited any sites in his Safari browser.
The Journal reported that the PREF cookies primarily serve Google’s Safe Browsing malware protection feature.
Wall Street Journal technological consultant, Ashkan Soltani, noted that the cookie – despite not being an advertising cookie – contains a unique identification number and can not be disabled without disabling Google’s phishing and malware protection feature. Basically what is happening, Soltani explained, is that other browsers are periodically pinging Google for updated lists of dangerous sites. In turn, Google responds by installing this PREF cookie on user machines. This is how the cookie ended up in Frankel’s unused Safari browser.
Of course, the PREF cookie serves another purpose as well, and this other purpose seems to be that which the NSA is exploiting. On a Google policies and principles page that had to be translated from Spanish, the company notes that the PREF cookie gives Google the ability to determine user locations so that Web-content is displayed in the user’s preferred language. Per Google’s explanation, the cookie also grants location data to certain sites that want to display location-sensitive content like local news, traffic, and weather reports.
The PREF cookie may appeal to the NSA because of these characteristics. Namely that it seems to be innocuous if not beneficial, that it works when all other cookies are blocked, is present even on unused browsers, and also has the capacity to collect location data.
The general population may have had its fill of Facebook at this point, but attackers sure haven’t. There is a new round of Facebook-related spam that is using fake messages about recent crimes involving recipients’ friends as a lure to direct them to Tumblr pages serving exploits.
The campaign comprises several different individual messages purporting to come from a victim’s Facebook friends, but all of them are using some variant of the same scam. The message says that either the sender or a close friend or relative has been the victim of a crime and needs the recipient’s help. The messages include a link to a Tumblr page that supposedly shows some images of the criminals. However, the link then redirects the victim to a phishing page that is a very close approximation of the Facebook site, researchers at the SANS Internet Storm Center said.
“The Tumblr links follow a pattern, but appear to be different for each recipient. The host name is always two or three random English words, and the URL includes a few random characters as an argument. The preview of the Tumblr page lists some random words and various simple icons,” Johannes Ullrich wrote in an analysis of the attacks.
“Once the user clicks on the link to the Tumblr page, they are immediately redirected to a very plausible Facebook phishing page, asking the user to log in. The links I have seen so far use the ‘noxxos.pw’ domain, which uses a wildcard record to resolve to 188.8.131.52 .”
If the user ends up on the fake Facebook page, he is then presented with a dialog that asks for his Facebook username and password, along with a secret question. The site also tries to run a Java applet, which may contain an exploit, Ullrich said. That sends the user to a fake YouTube page, which asks the victim to install a fake video player, which is actually a downloader for malware. Ullrich said that detection for the malware on VirusTotal is fairly low right now, with about 25 percent of anti-malware software detecting it.
“As an indicator of compromise, it is probably best right not to look for DNS queries for ‘noxxos.pw’ as well as connections to 184.108.40.206 (which is likely going to change. The server only returns 404 errors right now),” he said.
The infamous Zeus banking Trojan has gone 64-bit. But why?
Researchers at Kaspersky Lab’s Global Research and Analysis Team spotted a new version of the malware that behaves much like its 32-bit contemporaries: it too uses Web injects to steal banking credentials to drain online accounts, steal digital certificates and even log keystrokes. It also communicates with its command and control servers over the Tor anonymity network, another new feature of the 64-bit variety of Zeus.
The 64-bit quandary is perplexing. As Kaspersky researcher Dmitry Tarakanov points out, fewer than 1 percent of IE users are on the 64-bit version, and even those running 64-bit versions of operating systems are running 32-bit browsers.
“Perhaps it’s just a marketing gimmick—a new feature, even if it is mostly useless, with a bit of ‘wow’ factor,” Tarakanov wrote today on Securelist. “Support for 64-bit browsers—a great way to advertise the product and to lure buyers—the botnet herders.”
While 64-bit support may be a bit of overkill for today, it does set the prolific malware up for future success. And its use of Tor as a communication platform, while not unique, does bring it into some exclusive company.
“Whatever the intentions were of the malware author that created this piece of Zeus—be it a marketing ploy or the groundwork for some future needs—a pure 64-bit Zeus does finally exist, and we can conclude that a new milestone in the evolution of Zeus has been reached,” Tarakanov said.
The Zeus source code has been available online since the Spring of 2011. Since then, numerous tweaks have been made to the Trojan, including versions that communicate over peer-to-peer networks. The malware hooks into a user’s browser via a number of malicious Web injects that trigger when a victim visits their online banking account. The malware logs the user’s credentials and sends them to the hacker, either directly via a backdoor connection to a central server or through hops on a P2P chain. This version’s use of Tor brings a new level of stealth capabilities to the malware, one that even frustrates the NSA.
Tarakanov said Kaspersky researchers spotted the 64-bit Zeus sample tucked away inside a 32-bit version in June; the compile date on the malware was April 29. He said the 64-bit version of Zeus launches Tor.exe indirectly, first starting the svchost application in suspended mode and then injecting the Tor code into that process. Zeus then tunes the process to run Tor under the cover of svchost. The malware tells the browser to run traffic through TCP port 9050 and the stolen data will eventually land in an onion domain, egzh3ktnywjwabxb[.]onion, Tarakanov said.
Tarakanov said that Zeus also will create a hidden service that creates a configuration file for each infected host that includes unique private key for the service and an exclusive domain.The botmaster is then able to connect to the unique onion domains when they are online and use a remote desktop control feature in Zeus to control the victim’s machine.
This version of Zeus also includes a list of more than 100 programs that will trigger execution if present on victim machines.
“There are different types of programs, but all of them contain valuable private information that cybercriminals would love to steal—login credentials, certificates and so on,” Tarakanov said, adding that Zeus also logs keystrokes pre- and post-encryption. “So when operating inside these programs, Zeus is able to intercept and forward a lot of valuable information to the botnet operator.”
One zero-day down, one to go.
As expected, Microsoft did today patch a zero-day in its GDI+ graphics component (MS13-096) reported more than a month ago after exploits were spotted in the wild. The fix was one of 11 security bulletins—five critical—released as part of the December 2013 Patch Tuesday security updates.
Another zero-day, one affecting only Windows XP users, still remains unpatched despite active exploits targeting the vulnerability, which is found in the NDProxy driver that manages the Microsoft Telephony API. The attacks depend on a second vulnerability to deliver the exploit against an XP machine. Microsoft recommends turning off NDProxy as a mitigation until a patch is available.
While there were five critical bulletins released today, experts urge IT administrators to also prioritize an ASLR bypass vulnerability that was patched today and rated “important” by Microsoft.
MS13-106 takes care of an Office vulnerability that is being exploited in the wild, Microsoft said. Attackers hosting a malicious exploit online can trigger the vulnerability in the hxds.dll that enables a bypass of ASLR or Address Space Layout Randomization, a security feature in Windows that mitigates memory corruption exploits.
“The vulnerability could allow security feature bypass if a user views a specially crafted webpage in a web browser capable of instantiating COM components, such as Internet Explorer,” Microsoft said in its advisory. “The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this ASLR bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability that could take advantage of the ASLR bypass to run arbitrary code.”
ASLR bypasses have been more frequent this year, and have been rolled into a number of exploit kits. Introduced in Windows Vista, ASLR hampers the reliability of exploits by negating an attacker’s ability to predict where machine instructions will exist in memory. ASLR is particularly effective against buffer overflow attacks.
“This particular library, hxds.dll, has been used by numerous attacks in the wild with great success because it can be easily loaded into memory from a web page by using the ‘ms-help:’ protocol handler,” said Craig Young, security researcher at Tripwire. “Until today, the only options that protect against this were the removal of Office 2007/2010 installs or enabling Microsoft’s Enhanced Mitigation Experience Toolkit (EMET).”
Admins will also have to contend with yet another cumulative update for Internet Explorer. MS13-097 patches a number of remote code execution vulnerabilities in the browser, all the way back to IE 6. IE has been patched almost monthly this year and has been front and center in numerous targeted attacks.
Microsoft also patched a critical bug in its Authenticode signing algorithm that is being exploited. MS13-098 allows remote code execution if a user is enticed to run an application that contains a malicious and signed portable execution file. The patch modifies how the WinVerifyTrust function handles Windows Authenticode signature verification for PE files, Microsoft said.
“Attackers have been abusing installers from legitimate software makers to install malware. These installers are configured in a way to dynamically download code extensions that are not checked for correct signatures, and attackers have found a way to piggyback on that mechanism,” said Qualys CTO Wolfgang Kandek, who added that the patch prepares the system for a more stringent integrity check that prevents such exploits. Microsoft also issued a separate security advisory regarding the Authenticode patch, that after June 10, 2014 it will no longer recognize non-compliant signed binaries.
The two remaining critical bulletins, MS13-099 and MS13-105, patch remote code execution vulnerabilities in Microsoft Scripting Runtime Object Library and Exchange Server respectively. Three of the four Exchange vulnerabilities addressed in the bulletin, it’s worth noting, are publicly disclosed. The most serious is in the WebReady Document Viewing and DLP features of Exchange Server, Microsoft said.
The remaining bulletins—rated “important”—address one remote code execution bug, three privilege escalation issues and an information disclosure vulnerability:
- MS13-100 patches a remote code execution vulnerability in Microsoft SharePoint Server; an attacker would have to be authenticated to the server to exploit the vulnerability. A successful exploit would enable an attacker to run code in the context of the W3WP service account on the SharePoint site.
- MS13-101 fixes a privilege elevation issue in Windows Kernel-Mode Drivers. An attacker would have to log onto a system and run a malicious application to exploit the bug.
- MS13-102 is a patch for a vulnerability in the LRPC Client that would allow an attacker to elevate their privileges on an LRPC server. Doing so would allow an attacker to install programs, manipulate data or create accounts. Valid credentials are needed to exploit this bug.
- MS13-104 is a fix for an information disclosure vulnerability in Microsoft Office. Successful exploits could give an attacker access tokens used to authenticate a user on a SharePoint or Office server site.
Microsoft also sent out an advisory that revokes the digital signatures for nine private, third-party UEFI modules for Windows 8 and Windows Server 2012 machines. These modules would be loaded during a UEFI Secure Boot, if it is enabled.
Telecommunications giant AT&T has come under fire from privacy advocates after it acknowledged that it will not publicly disclose any of its dealings with the National Security Agency.
The company claimed that protecting customer privacy is at the crux of its decision not to share government requests in a letter to the U.S. Securities and Exchange Commission.
The letter, right, penned by the company’s legal counsel, is electing that the issue not be brought up at AT&T’s annual shareholder meeting next spring.
Shareholders, along with representatives from the ACLU, have been rallying for the company to publish a transparency report, much like those recently produced by Facebook, Twitter and Google, to clear the air around exactly what – and how much – customer information it shares with the government.
AT&T’s letter however argues that kind of information isn’t anyone’s business, especially its users or shareholders, arguing that it’s “a core management function” and “an integral part of AT&T’s day-to-day business operations.”
It goes on to say that disclosing such information could jeopardize the company’s legal strategy, noting several pending lawsuits that require the company to “provide personal information to other entities, such as government agencies, credit bureaus and collection agencies.”
While the letter more or less wholly rejects the concept of a transparency report, AT&T notes that if it were to produce one, it would be limited to the company’s responses to law enforcement requests for information and not information regarding the government’s surveillance activities.
Verizon and AT&T shareholders issued letters (.PDF) in November asking the companies to “publish semi-annual reports, subject to existing laws and regulation, providing metrics and discussion regarding requests for customers’ information by U.S. and foreign governments.”
Those letters cited a controversial June Wall Street Journal article that claimed AT&T “provided millions of U.S. customers’ call records to the U.S. National Security Agency (NSA),” and encouraged the company to follow in the footsteps of major Internet companies that have begun publishing similar transparency reports.
Both companies scored poorly on the Electronic Frontier Foundation’s “Who Has Your Back?” report card, issued back in May. The annual report, which culls major communication and social media companies’ stances on data privacy, points out that both companies fail to tell their users about data requests, fail to publish law enforcement guidelines and will not fight for its users’ privacy rights in court.
Meanwhile, public opposition to AT&T has begun to pick up steam in the wake of its stance.
A petition started by the San Francisco ACLU office urging both companies to be more transparent with what it does with user information has gathered nearly 32,000 supporters in the few days since AT&T’s statement.
“We’re working with our friends at SumOfUs to rally thousands of AT&T and Verizon customers and potential customers and prove to these giant telcos that their silence is putting their public image and bottom line at risk,” reads the petition.
AT&T is understandably absent from a list of eight companies: AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo, who formed a coalition yesterday, Reform Government Surveillance, calling for the reform of the government’s surveillance activities going forward, post-NSA revelations.
*AT&T image via mrbill‘s Flickr photostream, Creative Commons
Adobe published two security bulletins today, resolving a pair of vulnerabilities in both Shockwave and Flash Player.
The Shockwave security update applies to versions 220.127.116.11 and earlier on Windows and Mac OS X and addresses a pair of memory corruption vulnerabilities (CVE-2013-5333 and CVE-2013-5334) that could give an attacker the ability to execute code remotely. Adobe awarded this bug a priority rating of 1, meaning that attackers are likely targeting it – or soon will be targeting it – in the wild.
Adobe also pushed out security updates for versions 11.9.900.152 and earlier of its Flash Player on Windows and Mac OS X and for versions 18.104.22.1687 and earlier for Linux systems. The updates address a type confusion vulnerability (CVE-2013-5331) and a memory corruption vulnerability (CVE-2013-5332), each of which could enable remote code execution, causing crashes, and potentially giving an attacker control of affected machines.
“Adobe is aware of reports that an exploit designed to trick the user into opening a Microsoft Word document with malicious Flash (.swf) content exists for CVE-2013-5331,” Adobe says in the bulletin announcement. “Adobe Flash Player 11.6 and later provide a mitigation against this attack.”
Adobe is recommending that users of the following:
- Users of Adobe Flash Player 11.9.900.152 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 11.9.900.170.
- Users of Adobe Flash Player 22.214.171.1247 and earlier versions for Linux should update to Adobe Flash Player 126.96.36.1992.
- Adobe Flash Player 11.9.900.152 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 11.9.900.170 for Windows, Macintosh and Linux.
- Adobe Flash Player 11.9.900.152 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 11.9.900.170 for Windows 8.0
- Adobe Flash Player 11.9.900.152 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 11.9.900.170 for Windows 8.1
- Users of Adobe AIR 188.8.131.520 and earlier versions for Windows and Macintosh should update to Adobe AIR 184.108.40.2060.
- Users of Adobe AIR 220.127.116.110 and earlier versions for Android should update to Adobe AIR 18.104.22.1680.
- Users of the Adobe AIR 22.214.171.1240 SDK and earlier versions should update to the Adobe AIR 126.96.36.1990 SDK.
- Users of the Adobe AIR 188.8.131.520 SDK & Compiler and earlier versions should update to the Adobe AIR 184.108.40.2060 SDK & Compiler.
Adobe is considering the Flash bugs in Windows and Mac OS X highest priority, while Linux Flash bug and the Adobe Air vulnerabilities are only receiving priority ratings of three, meaning that it is unlikely that attackers will target these bugs.
Adobe acknowledges Liangliang Song and Honggang Ren from Fortinet for finding the Shockwave bugs and David D. Rude II of iDefense Labs Attila Suszter of Reversing on Windows blog for finding the Flash bugs.
Mozilla has released a major new version of Firefox, which includes fixes for more than a dozen security vulnerabilities as well as an important change that makes all Java plugins click-to-play be default. This feature prevents those plugins from running automatically on Web pages, which helps protect users against some Web-based attacks.
The modification to the way that Firefox 26 treats plugins is a significant security benefit for users, especially those who may not be aware of the security issues that plugins can cause. Attackers will use vulnerabilities in plugins such as Java, Flash or Silverlight to compromise users who visit a site that has content that is automatically rendered by those extensions. Mozilla began the process of changing the way that Firefox treats plugins earlier this year, but this is the first time that the change has shown up in the final version of the browser.
“Even though many users are not even aware of plugins, they are a significant source of hangs, crashes, and security incidents. By allowing users to decide which sites need to use plugins, Firefox will help protect them and keep their browser running smoothly,” Mozilla’s Benjamin Smedberg said earlier this fall about the upcoming change to Firefox’s handling of plugins.
Java has been a particular favorite of attackers in recent years, thanks to its long tail of security issues and ubiquity on the Web. Making all Java plugins click-to-play means that users will now have to explicitly choose to play a plugin anytime they encounter one. Other browsers, such as Google Chrome, give users the option of enabling click-to-play, as well.
In addition to the change to plugin behavior, Firefox 26 also has patches for a number of vulnerabilities, including five critical ones. A major fix in the new browser is Mozilla actively revoking trust in an intermediate certificate issued by the Agence Nationale de la Sécurité des Systèmes d’Information in France. The certificate was used to issue certificates for several of Google’s domains by mistake. Google researchers detected the issue and revoked trust for the certificate, as well, and notified other browser vendors. Mozilla officials said they don’t believe that the mistake put any users in danger, outside of the certificate authority’s network.
“An intermediate certificate that is used for MITM allows the holder of the certificate to decrypt and monitor communication within their network between the user and any website without browser warnings being triggered. An attacker armed with a fraudulent SSL certificate and an ability to control their victim’s network could impersonate websites in a way that would be undetectable to most users. Such certificates could deceive users into trusting websites appearing to originate from the domain owners, but actually containing malicious content or software. We believe that this MITM instance was limited to the subordinate CA’s internal network,” Kathleen Wilson of Mozilla said.
The other security fixes in Firefox 26 include:
MFSA 2013-116 JPEG information leak
MFSA 2013-115 GetElementIC typed array stubs can be generated outside observed typesets
MFSA 2013-114 Use-after-free in synthetic mouse movement
MFSA 2013-113 Trust settings for built-in roots ignored during EV certificate validation
MFSA 2013-112 Linux clipboard information disclosure though selection paste
MFSA 2013-111 Segmentation violation when replacing ordered list elements
MFSA 2013-109 Use-after-free during Table Editing
MFSA 2013-108 Use-after-free in event listeners
MFSA 2013-107 Sandbox restrictions not applied to nested object elements
MFSA 2013-106 Character encoding cross-origin XSS attack
MFSA 2013-105 Application Installation doorhanger persists on navigation
MFSA 2013-104 Miscellaneous memory safety hazards (rv:26.0 / rv:24.2)
Eight Microsoft Security Bulletins are being pushed out this month, MS13-096 through MS13-106. Five of them are rated "Critical" and another six are rated "Important". The top priorities to roll out this month are the critical GDI+ (MS13-096), Internet Explorer (MS13-097), and Scripting Runtime (MS13-099) updates.
Several of the vulnerabilities have been actively exploited as a part of targeted attacks around the world, and one of them is known to be ItW for at least six months or so.
The GDI+ update patches memory corruption vulnerability CVE-2013-3906, which we have been detecting as Exploit.Win32.CVE-2013-3906.a http://www.securelist.com/en/blog/8139/CVE_2013_3906_another_0_day_for_Microsoft_Office . We have seen a low number of ITW variations on exploitation of this vulnerability as a malformed TIFF file, all dropping backdoors like Citadel, the BlackEnergy bot, PlugX, Taidoor, Janicab, Solar, and Hannover. The target profile and toolset distribution related to these exploit attempts suggest a broad array of likely threat actors that got their hands on it since this July, and a wide reaching distribution chain that provided the exploit around the world. Considering the variety of uses and sources, this one may replace cve-2012-0158 as a part of targeted attacks in terms of overall volume.
The Internet Explorer Bulletin fixes seven different elevation of privilege and memory corruption vulnerabilities, any one of which effects Internet Explorer 6 on Windows XP SP 3 through Internet Explorer 11 on Windows Server 2012 R2 and Windows RT 8.1.
With the depths of domestic government surveillance still not fully realized, secure communications capabilities are at a premium, especially for the privacy conscious.
Already, we’ve seen some services such as Lavabit and Silent Circle’s Silent Mail shudder operations rather than hand over decryption keys to the government that would enable snooping over their respective users. Both companies realized shortcomings in their products’ email encryption capabilities that made it impossible for them to keep to their promises of preserving user privacy. Since then, however, the two companies have joined forces in what they’re calling the Dark Mail Alliance, an effort to develop an open protocol and architecture for private email.
In the meantime, while secure email may be a challenging hill to climb, secure end-to-end encrypted text messaging has been a bit easier to conquer, with successful systems, for example, storing encryption keys on the user’s device keeping them away from the NSA’s reach. And now, given an announcement yesterday, encrypted messaging is within reach of millions of Android mobile device users.
Open WhisperSystems announced that its TextSecure protocol will be integrated as part of the CyanogenMod OS-level SMS app, bringing encryption to 10 million users; CyanogenMod provides aftermarket firmware for Android devices.
Open WhisperSystems cofounder Moxie Marlinspike, right, said in the announcement it was important to have this be a seamless, transparent integration for the user, who would now be able to send encrypted text messages in as simple and reliable fashion as before. He also said this is just the first step toward providing secure communications capabilities to the masses, and that an end-to-end encrypted communications client for Apple iOS is in the works, as is a TextSecure browser extension.
“This effort marks the beginning of our transition to the data channel as a TextSecure transport, which should hopefully open up a host of ongoing opportunities,” Marlinspike said. “Soon we will have a truly cross platform seamless asynchronous messaging system built on open protocols and open source software, with an already massive user base.”
Unlike Silent Circle’s secure text messaging client Silent Text, for example, TextSecure does not require both ends of the conversation to have the client installed, nor are encryption keys stored with OpenWhipser Systems. Instead, they are kept on the user’s device.
Marlinspike said the native CyanogenMod SMS client was modified to support the TextSecure protocol, and that TextSecure for CyanogenMod runs on the TextSecure V2 protocol and supports forward secrecy and the 3DHE agreement for deniable messages.
“If an outgoing SMS message is addressed to another CyanogenMod or TextSecure user, it will be transparently encrypted and sent over the data channel as a push message to the receiving device. That device will then decrypt the message and deliver it to the system as a normal incoming SMS,” Marlinspike said. “The result is a system where a CyanogenMod user can choose to use any SMS app they’d like, and their communication with other CyanogenMod or TextSecure users will be transparently encrypted end-to-end over the data channel without requiring them to modify their work flow at all.”
Marlinspike said too that the recipient device does not have to be on in order for messages to be sent.
“The user doesn’t have to initiate a key exchange and wait for a round trip to complete, or know that the recipient is ‘online,’” he said.
Microsoft announced yesterday that it will complement the two-factor authentication it enabled for account holders in April with additional security features designed to deny account hijacking and unauthorized access.
Windows PC and mobile users, along with Outlook, SkyDrive, Xbox, Skype and other Microsoft services users will soon have three new capabilities to further prop up their accounts.
The most novel may be a dashboard view that presents a user with a log of recent activity, such as log-in attempts—including failed attempts—as well as the addition or deletion of security information and the type of device and browser used for a particular activity. Location is displayed on a map, as well as timestamp data.
“You know best what’s been happening with your account – so the more we give you tools to understand what’s happening, the better we can work together to protect your account,” wrote Eric Doerr, a group program manager at Microsoft. “For example, a login from a new country might look suspicious to us, but you might know that you were simply on vacation or on a business trip.”
Users who determine there has been suspicious or unauthorized activity can click on a “This wasn’t me” button that will then display steps the user can take to secure their accounts.
In addition, users who have already enabled two-factor authentication will be able to generate a recovery code to access their accounts without having to use the information provided during the setup of two-factor.
“Because two-step verification setup requires two verified pieces of security information, like a phone number and email address, it will be a rare occasion when both options fail, but in the event they do, we’ve got you covered,” Doerr said.
Microsoft said that any account user will be add a recovery code to their account, but users will be able to request only one recovery code at a tme; requesting a new one cancels the old one, Doerr said.
“Your recovery code is like a spare key to your house,” Doerr said. “So make sure you store it in a safe place.”
The final new feature users may expect is additional management of security notifications, such as password resets. Users will be able to select, for example, whether they want security notifications send to an email address or a mobile device via text message.
Microsoft account holders have had two-factor authentication at their disposal since April. Users are asked to provide two pieces of security information that Microsoft stores; the user will enter a password, for example, and then have a code sent to their mobile device as a second authenticator.
Microsoft also released an Authenticator app for Windows Phone; the app is built on a standard authentication protocol meaning that it could be used on other Web-based services such as those offered by Google, Dropbox and others.
Eight massive technology companies including Facebook, Apple and Google make up a new coalition calling for a reform of surveillance practices, which the companies say are undermining trust in not only their respective services, but of the Internet as a medium for communication and commerce.
The group, joined under the banner Reform Government Surveillance, co-authored an open letter to President Barack Obama and the U.S. Congress that says the surveillance of Americans in the name of national security undermines freedom.
“The balance in many countries has tipped too far in favor of the state and away from the rights of the individual—rights that are enshrined in our Constitution,” the companies wrote.
This is not the first time AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo have locked arms in protest of the National Security Agency’s activities since they were revealed starting in June in a series of documents by former NSA contractor Edward Snowden.
The tech giants have repeatedly petitioned Congress and the Attorney General for greater freedom to quantify the number of court orders—in particular those issued by the secret Foreign Intelligence Surveillance Court—requiring them to share user data with the government. Currently, National Security Letters can only be reported in bulk and in buckets of 1,000. The companies argue that just clouds transparency efforts.
The group urged government to adopt five principles it explains on its website, starting with limits on the government’s ability to compel service providers to disclose user data and stop bulk collection of Internet communication. It also calls for intelligence agencies to operate under a clear, transparent legal framework that includes independent reviewing courts, which is currently not the case with FISC.
In addition to again requesting permission to publish the number and nature of government requests for data, the group asks government to allow data to cross borders without having to worry about legal loopholes that enable government to access data stored outside the country.
Finally, the tech companies ask that governments work together to avoid conflicting laws and develop transparent legal frameworks under which governments agree to operate when it comes to requests for user data.
“Reports about government surveillance have shown there is a real need for greater disclosure and new limits on how governments collect information,” Facebook CEO Mark Zuckerberg said. “The US government should take this opportunity to lead this reform effort and make things right.”
For their part, most of the companies in question have ramped up their efforts to encrypt data and connections between data centers that were tapped by the NSA. A recent study by the Electronic Frontier Foundation of the encryption practices of a number of leading technology companies and Internet service providers showed varying levels of encryption deployments. Most, for example, already deploy HTTPS be default on all services—Yahoo is a laggard in this area, though it has announced that it will do so early in 2014. Notably fewer have deployed either HSTS or Perfect Forward Secrecy, which experts are becoming more vocal about it becoming a common accepted practice.
“The security of users’ data is critical, which is why we’ve invested so much in encryption and fight for transparency around government requests for information,” said Google CEO Larry Page. “This is undermined by the apparent wholesale collection of data, in secret and without independent oversight, by many governments around the world.”
Recent revelations just add to the gravity and depths of the NSA’s surveillance activities; the Washington Post, for example, reported last week that the agency collects five billion cell records a day.
“People won’t use technology they don’t trust,” said Brad Smith, Microsoft General Counsel. “Governments have put this trust at risk and governments need to help restore it.”
Microsoft trumpeted its disruption of the ZeroAccess peer-to-peer botnet late last week, but some experts are holding off on scheduling a celebratory ticker-tape parade.
With numerous successful takedowns of botnets with a centralized command and control infrastructure in its back pocket, Microsoft may have missed on its first crack at a P2P botnet. Security company Damballa, for one, is reporting that Microsoft targeted only the click-fraud component of the botnet and not the custom communication protocol used by ZeroAccess to distribute configuration files and new commands. Attackers, researchers say, can simply issue new configuration files to the botnet and resume operations in a relatively short amount of time.
As for the click-fraud component, Damballa researchers say that approximately 62 percent of that part of the infrastructure seems to be up and running.
“Even without updates being sent across the P2P channel, the botnet’s monetization was largely unaffected,” wrote Damballa chief scientist Manos Antonakakis and Yacin Nadji, a Ph. D. candidate at the Georgia Institute of Technology in a blog post.
Nadji told Threatpost this morning that the attackers could be up and running against shortly, needing only to acquire additional servers and domain names, then updating a text file with the new information, adding that the amount of effort required to send new configuration files is much cheaper for an attacker than rebuilding from scratch.
“If you disable the click-fraud component without disrupting the peer to peer infrastructure, the botnet masters just have to use the existing peer to peer infrastructure to send updates to say ‘Ok, don’t use this click fraud infrastructure any more, use this new one,” Nadji said. “It doesn’t eliminate the botmasters’ ability to communicate with its infected peers, so if they had asked anyone’s opinion in the security community who is familiar with this botnet, they would have been able to say this is not going to do anything.”
Peer- to-peer botnets such as ZeroAccess, Kelihos, and versions of Zeus have proven difficult to keep in check; compromised bots talk to each other rather than to a central server. Often they employ custom protocols for communication that must be decrypted before they can be analyzed. Researchers have in the past had a rough go analyzing peer to peer botnets, or even enumerating their size.
A paper released earlier this year examined these features as well as botnets’ resilience to sinkholing, injection attacks and other disruptive methods used against other botnets. According to the paper, ZeroAccess maintains its peer lists by updating them every few seconds and merging previous lists, keeping the 256 most recent peers.
ZeroAccess has been around since 2009, evolving from a platform that pushed malware to a money-making botnet. According to Microsoft and Europol, it has infected nearly two million computers all over the world and cost online advertisers upwards of $2.7 million each month. Nadji said that taking over a peer-to-peer botnet is time consuming and difficult, largely because you’d have to not only understand the custom communication protocol and encryption being used, but then you would have to advertise yourself as a node on the network and send faulty information to other bots to slowly take it over.
“Even in this case, you would have to worry about reactive botmasters. If they’re able to see if this behavior is happening on the network, they may be able to counter it in some ways,” he said.
Microsoft teamed up with Europol’s European Cybercrime Centre (EC3), the FBI, and the application networking and security firm A10 Networks to take down ZeroAccess. Microsoft filed a lawsuit against the botnet’s operators, and a Texas district court granted the tech giant permission to block incoming and outgoing traffic to 18 IP addresses found to be involved in the scam. Microsoft was also able to wrest control of 49 domains associated with ZeroAccess.
“The coordinated action taken by our partners was instrumental in the disruption of ZeroAccess; these efforts will stop victims’ computers from being used for fraud and help us identify the computers that need to be cleaned of the infection,” said David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit.
Nadji hopes to see better collaboration between not only technology companies, but law enforcement and academia to combat peer to peer botnets.
“We’ve seen some good cases (Conficker) where people from people from academia, industry and law enforcement were all working together to combat a serious threat,” Nadji said. “Those are the ones most likely to be successful. With peer to peer botnets, there needs to be a lot more work in understanding how we can effectively disable these. If (ZeroAccess takedown) was a more collaborative effort, I think we would have said ‘Hey, wait a minute, we need to handle this better if we’re actually taking down this botnet.’”
Google last week revoked digital certificates for some of its domains that had been fraudulently signed by an intermediate certificate authority with links to France’s cyber-defense agency.
The Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) claims that the spoofed Google certificates were signed by mistake and that the error had no security impact on either the French government or the general public.
“As a result of a human error which was made during a process aimed at strengthening the overall IT security of the French Ministry of Finance, digital certificates related to third-party domains which do not belong to the French administration have been signed by a certification authority of the DGTrésor (Treasury) which is attached to the [Infrastructure Management Trust Administration],” ANSSI officials published in a bulletin on their website.
Google says it first noticed the unauthorized digital certificates late on Dec. 3 and immediately updated Chrome’s certificate revocation list to block all certs issued by the intermediate authority. Google then informed the ANSSI and the other major browsers about the bad cert as well.
The bad certs were not signed by the ANSSI directly but by an intermediate authority whose certificates were signed by the ANSSI. Certificates issued by intermediate CAs are automatically trusted by browsers if the browsers already trust the root CA that signed intermediate CA’s certificate. In other words, the ANSSI issued a certificate to the offending intermediate CA, granting that intermediate CA permission to carry the full authority of the root CA, which in this case was the ANSSI. It was then the intermediate CA that created a fake certificate spoofing the one that establishes a secure connection with the Google domains in question.
“ANSSI has found that the intermediate CA certificate was used in a commercial device, on a private network, to inspect encrypted traffic with the knowledge of the users on that network,” Google security engineer Adam Langely wrote on Google’s Online Security Blog. “This was a violation of their procedures and they have asked for the certificate in question to be revoked by browsers. We updated Chrome’s revocation metadata again to implement this.”
Google says that it’s actions addressed an immediate security problem for its users.
“Since our priority is the security and privacy of our users, we are carefully considering what additional actions may be necessary,” Google warned.
The ANSSI says that the whole infrastructure management trust administration (IGC/A) process is under review to ensure that “no incident of this kind will ever happen again.”
It is well known the SSL certificate system that establishes trust online is seriously flawed. In an attempt to better the situation, Google initiated the Certificate Transparency project, which is aimed to eliminate these flaws by providing an open framework for monitoring and auditing SSL certificates. Google called this incident a serious breach and says it underscores the need for better certificate transparency.
As 2013 comes to a close, security experts are looking back at the major stories and developments of the year, including the Edward Snowden NSA leaks and major malware attacks. In this video, Vitaly Kamluk of Kaspersky Lab examines the biggest security news of 2013 and talks about the lasting effects they may have.