All posts by admin

Application Development, Potential Risk of CVE

Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions

2 Comments

Computer technology world vulnerability exposure can’t slow down. A design weakness on Bouncy Castle BKS-V1 keystore files found. If you are a java program developer. It is a alert signal. 

The Bouncy Castle APIs consist of the following:

  • A lightweight cryptography API for Java and C#.
  • A provider for the Java Cryptography Extension (JCE) and the Java Cryptography Architecture (JCA).
  • A provider for the Java Secure Socket Extension (JSSE).
  • A clean room implementation of the JCE 1.2.1.
  • A library for reading and writing encoded ASN.1 objects. Lightweight APIs for TLS (RFC 2246, RFC 4346) and DTLS (RFC 6347/ RFC 4347).

Generators for Version 1 and Version 3 X.509 certificates, Version 2 CRLs, and PKCS12 files. Generators for Version 2 X.509 attribute certificates.

Generators/Processors for the following:

  • S/MIME and CMS (PKCS7/RFC 3852)
  • OCSP (RFC 2560) – TSP (RFC 3161 & RFC 5544)
  • CMP and CRMF (RFC 4210 & RFC 4211).
  • OpenPGP (RFC 4880) – Extended Access Control (EAC)
  • Data Validation and Certification Server (DVCS)
  • RFC 3029 – DNS-based Authentication of Named Entities (DANE).
  • RFC 7030 Enrollment over Secure Transport (EST). A signed jar version suitable for JDK 1.4-1.7 and the Sun JCE.

The vulnerability note can be find here:

https://www.kb.cert.org/vuls/id/306792

 

Data privacy

Facebook’s Zuckerberg ‘sorry’ over Cambridge Analytica ‘breach’

 

Facebook scandal looks a hot discussion topic this week. However the scandal looks like the vendor misbehavior instead of data breach. Anyway let’s the expert figure out the truth. Perhaps this is not a news of cyber security expert since facebook not a secure platform so far. Scam email, email plishing relies on stolen data on facebook client endpoint do the ditry tricks. Heard that the UK parliament asks Mark Zuckerberg to testify in data misuse case. Oh!

Facebook’s Zuckerberg ‘sorry’ over Cambridge Analytica ‘breach’. For more details, please refer following url for reference.

http://www.bbc.com/news/world-us-canada-43494337

 

Potential Risk of CVE, Under our observation

Citrix XenServer Multiple Security Updates – CVE-2016-2074,CVE-2018-7540&CVE-2018-7541

Citirix XenServer is a hypervisor platform that enables the creation and management of virtualized server infrastructure.Since modern defense machanism can effectively protected cyber attack. However if the threat actor re-engineering their attack method integrate with rare system bug. The overall suituation will become worst. Hypervisor locate in the middle in between VM and hardware. VM relies on this isolation to avoid ring-0 attack. But now solution released so I am not going to say anymore.

Be quick to read below url if you are the Citrix XenServer end user.

Citrix XenServer Multiple Security Updates

https://support.citrix.com/article/CTX232655

 

Under our observation

Stay Alert when you download Tencent game apk on unofficial web site!

Tencent games are now kings in the Chinese gaming area. The most famous game named “王者榮耀” breaking the record.The total number of downloads exceeded 200 million, and the number of registered users exceeded 200 million. The annual revenue in 2016 was RMB 6.8 billion. Perhaps it is a popular game and therefore it lure the treat actor target on this application (apk). For interest, I download this apk file on internet but not in official website. Found that there are total of 2 files which trigger alert. It was strange that the security alert triggered by file (midaspay.zip). As far as I know Midas is a Tencent’s mobile payment module. However it is hard to understand what is the goal to embedded a advertisement feature? Adware technically is not malicious, but there is nothing good about it. So when you download this hottest game. Be remind yourself stay alert. Please go to the official web site. For more details. Please refer below picture for reference. Good night! Zzzzzzzz

Data privacy

GDPR – Art.17 GDPRRight to erasure (‘right to be forgotten’)

In effective of data protection policy on 28th May 2018. EU member countries mandatory to compliance data protection policy. It is a good news to avoid personal data misuse somewhere. Such benefits applies to all member countries citizen. Following ground of interpretation you are allow to execute following actions. For instance:

The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

But following criteria shall not apply to the extent that processing is necessary: For compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Actually there are more. For more details, please refer to

https://gdpr-info.eu/art-17-gdpr/

Enjoy!

Potential Risk of CVE

CVE-2018-6183 – Who is the perpetrator?

The cyber security defense services vendor “bitdefender” was informed that their products has vulnerability occurs. In regards to technical details (CVE-2018-6183). It stated the following. BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of an “insecurely created named pipe”. Ensures full access to Everyone users group. However the exploitation of named pipe vulnerability not a news. It was found few years ago. Should you interested of this detail, below diagram can provides hints to you in this regards. Perhaps you would like to understand more. Please refer below url for reference.

http://seclists.org/fulldisclosure/2018/Mar/24

Cell Phone (iPhone, Android, windows mobile)

CVE-2018-3561 – Is this a hiccups or it will maintain longer?

Retrospectively, the annual revenue growth of smartphone chips vendor on 2017 Q3. Samsung is the winner.Qualcomm growth only 23% but apple only growth of 12%. From my personal point of view, even though operating system or vulnerability on iPhone looks mystery. Perhaps it is a business strategy in order to avoid competitor know the details. By the way, Qualcomm techincal design limitation lure my interest. Regarding to the CVE 2017-15834 it proof that there is a vulnerability occur in kernel let it encountered potential heap overflow. But this bug found last year, however I believe that it will continous expose something bad until MDM9615 and MDM9x07 end of life.The MDM9615 appears to be a Qualcomm chip. But apple iPad deployed it. Android phone is the biggest comsumer of MDM9615 and MDM9x07 so far. A new vulnerability identify by US-CERT on Mar 2018 with vulnerability record reference no. CVE-2018-3561.The issue is that Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in diag_ioctl_lsm_deinit() leads to a Use After Free condition. Stay alert and update your Android phone once patch for security update available.

Blockchain

Hyperledger technology without compromise

It has different fraud found in banking industry in past. The most annoying import and export bills department is the letter of Credit application.  A regulation gap in between cross-border countries. There are fraudulent cases found in banking industry in past. The most annoying topic is the import and export bills department is the letter of Credit application. A regulation gap in between cross-border countries. If is easy to let banking staff not aware fall in trap created by crook. As a result it encountered financial lost.

Whereby the International Chamber of Commerce agree to compliance the Uniform Customs & Practice for Documentary Credits (UCP 600) rule. As times go by many people ask whether the UCP 600 will be revised?

The technologies market practice so far. I heard that Letter of Credit has been replaced by hyperledger. I have seen Microsoft Azure Cloud services is going to target hyperledger, Ethereum types hyperledger platform market. Should you have interest of this technology transformation. Please refer below diagram for reference. By the way, hyperledger services now available on Azure Cloud. For more details, please refer below url for reference.

https://azure.microsoft.com/en-us/blog/announcing-support-for-additional-blockchain-protocols-on-azure/

Potential Risk of CVE

In order to Prevent Future Spectre-Like Flaws – Intel microcode revision update – March 2018

2 Comments

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This vulnerability so called Variant 2 (Spectre). Intel now work hard doing the remediaton of this flaw. We seen Intel new revision of MCU to replace the exisiting MCU. What is a MCU. A microcontroller (or MCU for microcontroller unit) is a small computer on a single integrated circuit. In modern terminology, it is similar to, but less sophisticated than, a system on a chip. My personal speculation is that vendor not only take this action. It also do a memory resigter in SGX module (refer to attached diagram). Intel SGX is a set of central processing unit (CPU) instruction codes from Intel that allows user-level code to allocate private regions of memory, called enclaves, that are protected from processes running at higher privilege levels. We heard that  another design flaw found on another CPU vendor. But comparing the responsibility point of view. Intel looks more responsive and responsibility.

For more details, please refer below url for reference.

https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

Cell Phone (iPhone, Android, windows mobile)

Do you concerns of your e-wallet?

Electronic wallets play an important role in our daily lives. Perhaps the demand of e-wallet market in Hong Kong cannot compare with Greater China market. However mobile phone itself like computer device will encounter Zero – day. This week I keen my personal interest review the TNG wallet design. I am concerning the vulnerability (CVE-2016-5195) on android OS in past. TNG wallet is able to working with armeabi-v7a and armeabi.

From cyber security perspective, it is highly recommend TNG e-wallet user follow the security advice of mobile phone vendor. It is better to update OS once it is available. For more details, please refer to below diagram for reference.