All posts by admin

NSA releases urgent guidance (ORN U/OO/800922-17) urging the public not to use obsolete TLS configurations (6th Jan 2021)

Preface: Obsolete TLS configurations are still in use in U.S. Government systems, although this is changing. Office of Management and Budget (OMB) memorandum M-15-13 requires all publicly accessible federal websites and web services to be served only over secure (HTTPS) connections.

Synopsis: The Internet Engineering Task Force (IETF) published TLS 1.3 in August 2018. TLS 1.2, the version it replaced, was standardized a decade earlier, in 2008. The attached diagram shows examples of TLS vulnerabilities and attacks.

Consequence: Using obsolete encryption gives a false sense of security because the sensitive data appears to be protected. In reality, network connections that rely on obsolete encryption protocols are at elevated risk of exploitation and decryption.

Recommendation: NSA recommends that only TLS 1.2 or TLS 1.3 be used, and that SSL 2.0, SSL 3.0, TLS 1.0 and TLS 1.1 no longer be used. Where additional interoperability support is needed, configurations should use only the non-deprecated options from NIST SP 800-52r2.

Official announcement (NSA Releases Guidance on Eliminating Obsolete TLS Protocol Configurations): https://media.defense.gov/2021/Jan/05/2002560140/-1/-1/0/ELIMINATING_OBSOLETE_TLS_UOO197443-20.PDF
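A practical way to act on the recommendation is to check what a server will actually negotiate. The following script is an added example written for this post; it is not code from NSA or from the original article. It classifies negotiated protocol versions, flags cipher suites with well-known weak components (NULL, export, anonymous, RC4, 3DES, MD5), builds a client context that refuses anything below TLS 1.2, and includes a network probe that attempts one handshake per protocol version. The host names, the cipher-name markers and the assumption that OpenSSL-style suite names are in use are all assumptions of this example; SSLv2 and SSLv3 cannot be probed with Python's ssl module and need a separate scanner.

```python
"""Added example (not from the NSA guidance or the original post): audit a TLS
endpoint's protocol versions and cipher suites against the rule that only
TLS 1.2 and TLS 1.3 be offered.  Host names, ports and the weak-cipher
markers are assumptions made for this example."""
import socket
import ssl

OBSOLETE_VERSIONS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
ACCEPTABLE_VERSIONS = {"TLSv1.2", "TLSv1.3"}

# Substrings identifying suites that are not acceptable even under TLS 1.2:
# NULL/export/anonymous suites, RC4, 3DES and MD5-based MACs.
# Assumption: OpenSSL-style suite names such as those returned by SSLSocket.cipher().
WEAK_CIPHER_MARKERS = ("NULL", "EXP", "ADH", "AECDH", "RC4", "DES-CBC3", "3DES", "MD5")


def classify_versions(offered):
    """Split the protocol versions a server negotiates into obsolete and acceptable."""
    offered = set(offered)
    return {
        "obsolete": sorted(offered & OBSOLETE_VERSIONS),
        "acceptable": sorted(offered & ACCEPTABLE_VERSIONS),
    }


def weak_ciphers(suites):
    """Return the suite names that contain a weak-cipher marker."""
    return [s for s in suites if any(m in s.upper() for m in WEAK_CIPHER_MARKERS)]


def hardened_client_context():
    """Client context that refuses anything below TLS 1.2 and verifies the peer."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    ctx.load_default_certs()
    ctx.options |= ssl.OP_NO_COMPRESSION  # CRIME-style attacks rely on TLS compression
    return ctx


def probe_versions(host, port=443, timeout=5.0):
    """Attempt one handshake per protocol version; return {version: negotiated cipher}.

    Network operation.  SSLv2/SSLv3 are not supported by the ssl module and
    must be checked with another tool.
    """
    probes = {
        "TLSv1": ssl.TLSVersion.TLSv1,
        "TLSv1.1": ssl.TLSVersion.TLSv1_1,
        "TLSv1.2": ssl.TLSVersion.TLSv1_2,
        "TLSv1.3": ssl.TLSVersion.TLSv1_3,
    }
    negotiated = {}
    for name, version in probes.items():
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        ctx.check_hostname = False  # probing only; this is not a trust decision
        ctx.verify_mode = ssl.CERT_NONE
        try:
            ctx.minimum_version = version
            ctx.maximum_version = version
            # Modern OpenSSL refuses TLS 1.0/1.1 at its default security level,
            # so lower it for the probe only.
            ctx.set_ciphers("ALL:@SECLEVEL=0")
        except (ValueError, ssl.SSLError):
            continue  # this OpenSSL build cannot even offer the version
        try:
            with socket.create_connection((host, port), timeout=timeout) as raw:
                with ctx.wrap_socket(raw, server_hostname=host) as tls:
                    negotiated[name] = tls.cipher()[0]
        except (OSError, ssl.SSLError):
            pass  # handshake refused: the server does not speak this version
    return negotiated


def audit(host, port=443):
    """Full report for one endpoint: obsolete versions and weak suites seen."""
    seen = probe_versions(host, port)
    report = classify_versions(seen)
    report["weak_ciphers"] = weak_ciphers(seen.values())
    return report
```

Run `audit("your.server.example")` against your own endpoints; an empty `obsolete` list and an empty `weak_ciphers` list is the target state. The `hardened_client_context()` is what outbound clients should use so that they cannot be downgraded by a misconfigured peer.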

CVE-2020-27780 – Linux-PAM vulnerability – Improper Authentication (18th Dec 2020)

Background: PAM (Pluggable Authentication Modules) was originally proposed by Sun Microsystems, the well-known manufacturer later acquired by Oracle; Linux-PAM is the open-source implementation used by most Linux distributions. Authentication modules are plugged into a stack and can be added or replaced dynamically without rebuilding the applications that use them, which makes the design very flexible.

Vulnerability details: When the requested user does not exist, the affected pam_unix code falls back to authenticating against the root account's password hash; if root has an empty password, the authentication succeeds.

Reason: In the vulnerable pam_unix, the password-hash lookup for a non-existent user fell back to root's hash (intended to keep the timing of the failure path constant). The blank-password check therefore ran against root's hash and returned 1 when root had an empty password, because in the second case (refer to the diagram) the password hash of root was used.

Remediation: upgrade to Linux-PAM 1.5.1 or later – https://github.com/linux-pam/linux-pam/releases
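The two things a practitioner wants here are a model of the faulty lookup, to see exactly why the bypass works, and a check for its precondition on a real host (an account whose shadow password field is empty). The following is an added example written for this post, not Linux-PAM code. The shadow entries are constructed; the `nullok` switch reflects that in pam_unix the blank-password path is only reachable when the module is configured with `nullok`, which is stated here as an assumption about the deployment rather than something the advisory spells out.

```python
"""Added example, not Linux-PAM code: a model of the CVE-2020-27780 lookup
fault plus a check for its precondition (an empty password field).
The shadow lines below are constructed; audit_shadow_file() reads the real file."""

# Constructed /etc/shadow-style entries: root has an EMPTY password field.
SAMPLE_SHADOW = """\
root::18600:0:99999:7:::
daemon:*:18474:0:99999:7:::
alice:$6$salt$hashedpasswordvalue:18600:0:99999:7:::
"""

DUMMY_HASH = "*"  # a hash that never matches and is never blank


def parse_shadow(text):
    """Map user name -> password field from shadow-format lines."""
    table = {}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) >= 2:
            table[fields[0]] = fields[1]
    return table


def empty_password_accounts(text):
    """Accounts whose password field is empty: the precondition for the bypass."""
    return sorted(user for user, pw in parse_shadow(text).items() if pw == "")


def audit_shadow_file(path="/etc/shadow"):
    """Run the precondition check against a real shadow file (needs root to read)."""
    with open(path, encoding="utf-8") as fh:
        return empty_password_accounts(fh.read())


def lookup_hash(table, user, vulnerable):
    """Hash lookup.  The vulnerable variant falls back to root's hash for an
    unknown user; the fixed variant returns a dummy that can never succeed."""
    if user in table:
        return table[user]
    if vulnerable:
        return table.get("root", DUMMY_HASH)  # the fault: root's hash stands in
    return DUMMY_HASH


def blank_password_allowed(table, user, vulnerable, nullok=True):
    """Mirror of the blank-password check: True means login without a password.

    nullok=False models a pam_unix stack without the nullok option, where the
    blank-password path is skipped entirely (assumption about the deployment)."""
    if not nullok:
        return False
    return lookup_hash(table, user, vulnerable) == ""
```

`empty_password_accounts(SAMPLE_SHADOW)` returns `["root"]`; with that table, `blank_password_allowed(table, "ghost", vulnerable=True)` is `True` even though no user `ghost` exists, while the fixed lookup returns `False`. On a real system, any account returned by `audit_shadow_file()` should be locked (`passwd -l`) regardless of the PAM version installed.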

CVE-2021-3006 (Loopring (LRC) protocol incident) – if you follow cryptocurrency, you should be alert to this (4th Jan 2021)

Background: In November 2020, many DeFi platforms on Ethereum suffered security incidents, for example Pickle Finance and 88mph.

What Is Decentralized Finance (DeFi)?
By deploying immutable smart contracts on Ethereum, DeFi developers can launch financial protocols and platforms that run exactly as programmed and that are available to anyone with an Internet connection.

What Are Flash Loans in DeFi?
In DeFi it is possible to borrow from strangers without collateral. The condition is that the borrower repays the lender within the same transaction that issued the funds; if the repayment does not happen, the whole transaction reverts.

Vulnerability details: The Farm contract is deployed in every Seal pool, and its breed() function is used to issue new Seal tokens. However, no access control was designed for breed(), so anyone can call the breed() function of the Farm contract.

CVE-2021-3006 Detail – https://nvd.nist.gov/vuln/detail/CVE-2021-3006

To avoid malware misuse of the PACKET_MMAP function in Linux environments. CISA releases a free detection tool for Azure/M365 environments (29th Dec 2020)

Preface: Neither shellcode nor shellcode injection has anything to do with shell scripting. Shellcode is a small piece of machine code that an attacker delivers through a weak spot in an organization's defences and then executes for malicious purposes.

Background: Azure Sphere is a secured, high-level application platform with built-in communication and security features for internet-connected devices. The platform consists of the integration of hardware built around a secured silicon chip; the Azure Sphere OS (operating system), a custom high-level Linux-based operating system; and the Azure Sphere Security Service, a cloud-based security service….

About the PACKET_MMAP function, as described in the official kernel documentation:
PACKET_MMAP provides a size-configurable circular buffer mapped in user space that can be used to either send or receive packets. Here a design weakness becomes visible. When PACKET_RX_RING is used, the mmap'ed buffer is filled by the kernel with the data of received packets. So it is enough for the user process to mmap the ring with the PROT_READ|PROT_EXEC permission flags and let the kernel fill it: the payload of incoming packets lands directly in executable memory without the process ever writing to it, which lets shellcode arrive without the write-then-execute pattern that many protections watch for.

Remedy: Shellcode injection of this kind can sometimes evade endpoint malware protection. From a cost point of view, a SIEM that correlates host and network telemetry is one of the more effective detection options. Meanwhile, CISA has released a free detection tool for Azure/M365 environments. Reference link – https://us-cert.cisa.gov/ncas/current-activity/2020/12/24/cisa-releases-free-detection-tool-azurem365-environment

Just heard: Whirlpool hit in Nefilim ransomware attack (28th Dec 2020)

Preface: Do you have doubts? For example, Mimikatz and PsExec.exe are detected by antivirus, so how does ransomware disable the antivirus?

Technical reference: Malware can no longer disable Microsoft Defender through the registry (the DisableAntiSpyware setting), which makes evading the defence mechanism harder. Yet ransomware still causes great damage and continues to wreak havoc on the digital world.

The most common ransomware attack vectors are:

  • Remote Desktop Protocol (RDP).
  • Email phishing.
  • Software vulnerabilities.
  • Malicious code hidden on websites.
  • Malicious email links.

How does ransomware disable antivirus?

By exploiting vulnerabilities in the operating system, in application software and so on; for details, please refer to the attached diagram. An additional route is to load a legitimate but vulnerable signed (.sys) driver and exploit it to gain kernel access. As a result, the ransomware installs a legitimate driver and uses it to kill the antivirus services.

Headline News: Home appliance giant Whirlpool hit in Nefilim ransomware attack – https://www.bleepingcomputer.com/news/security/home-appliance-giant-whirlpool-hit-in-nefilim-ransomware-attack/

Reminder for those who are using SCO OpenServer (28th Dec 2020)

Preface: Today's web design tools are quite mature, and you can build large websites without touching HTML syntax. Perhaps that is how vulnerabilities like this one slip in.

What are the HTTP methods?
OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT

What is the difference between GET and POST?
In the HTTP GET method, data is not meant to be carried in the message body; parameters travel in the URL query string.
POST was designed to send form data in the message body. When files are uploaded, multipart encoding is used, and the files and the other form fields are placed in the message body together.

Vulnerability details: It is possible to use various shell metacharacters to inject arbitrary OS commands. The command output does not appear in the application's responses, but time-delay commands can be injected to confirm that the vulnerability exists (a blind, time-based check). For more details, please refer to this URL: https://nvd.nist.gov/vuln/detail/CVE-2020-25494
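Two things are worth seeing in code: the difference between passing a web parameter to a shell and passing it as a single argument, and the timing test used to confirm injection when no output comes back. The following is an added example written for this post; it is not SCO code and makes no claim about which parameter or CGI is affected. The `ping` command, the host-name allowlist and the simulated back ends are constructed for illustration.

```python
"""Added example, not from the advisory or from SCO: (1) vulnerable and
hardened forms of passing a web parameter to an OS command, and (2) the
time-delay probe used to confirm blind command injection when the command
output is not echoed.  The simulated back ends are constructed for this example."""
import re
import subprocess
import time

SHELL_METACHARS = re.compile(r"[;&|`$(){}<>\n]")


def contains_shell_metachars(value):
    """Cheap input-side signal; an allowlist (below) is the real control."""
    return SHELL_METACHARS.search(value) is not None


def build_command_vulnerable(host):
    # Vulnerable pattern: the parameter is spliced into a string that a CGI
    # would hand to /bin/sh (shell=True), so ';sleep 5' becomes a second command.
    return "ping -c 1 " + host


def build_command_hardened(host):
    # Hardened pattern: allowlist the value, then pass an argv list without a
    # shell, so metacharacters are just bytes inside one argument.
    if not re.fullmatch(r"[A-Za-z0-9.\-]{1,253}", host):
        raise ValueError("invalid host")
    return ["ping", "-c", "1", host]


def run_hardened(host):
    """Execute the hardened form (no shell involved)."""
    return subprocess.run(build_command_hardened(host), capture_output=True, text=True)


def time_based_probe(send_and_time, baseline_value, delay=5, trials=2):
    """Confirm blind injection by timing alone.

    send_and_time(value) submits the parameter value and returns elapsed seconds.
    The sleep payload is sent several times and the minimum is compared with
    the minimum baseline, which filters out single slow responses."""
    baseline = min(send_and_time(baseline_value) for _ in range(trials))
    payload = f"{baseline_value};sleep {delay}"
    timed = min(send_and_time(payload) for _ in range(trials))
    return timed - baseline >= delay * 0.8


def http_timer(url, param, timeout=30):
    """Build a send_and_time callable for a real GET endpoint (network; not used by the tests)."""
    from urllib.parse import urlencode
    from urllib.request import urlopen

    def send_and_time(value):
        started = time.monotonic()
        try:
            urlopen(f"{url}?{urlencode({param: value})}", timeout=timeout).read()
        except OSError:
            pass  # errors and timeouts still tell us how long the server held on
        return time.monotonic() - started

    return send_and_time


def simulated_vulnerable_backend(value):
    """Stand-in for a CGI that runs the parameter through /bin/sh; returns seconds."""
    elapsed = 0.05
    m = re.search(r"sleep\s+(\d+)", value)
    if m and contains_shell_metachars(value):
        elapsed += int(m.group(1))  # the injected sleep really would run
    return elapsed


def simulated_hardened_backend(value):
    """Stand-in for the allowlisted argv version; rejects bad input quickly."""
    try:
        build_command_hardened(value)
    except ValueError:
        pass
    return 0.05
```

With the simulated back ends, `time_based_probe(simulated_vulnerable_backend, "10.0.0.1")` returns `True` and the hardened one returns `False`; with `http_timer(url, "param")` the same probe runs against a live target you are authorised to test. Note that the hardened builder rejects the payload by allowlist before any process is started, which is the correct fix; blocking metacharacters alone is easy to bypass.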

CISA Insights on ongoing APT cyber activity. One of the key topics: CISA issues an Emergency Directive to mitigate the compromise of SolarWinds Orion network management products (24th Dec 2020)

A design weakness in SolarWinds Patch Manager was found in April 2019: the Notepad++ and 7-Zip packages it distributed did not require signature verification. 7-Zip has never signed its packages, and the certificate used to sign Notepad++ had expired at that time. SolarWinds asks customers running any of the affected products on Orion Platform v2019.4 HF 5 to update to Orion Platform 2019.4 HF 6, which is available at https://customerportal.solarwinds.com/

Quick verification – CHECK FILES AND HASHES:
The presence of either of the following indicators shows that a trojanized version of SolarWinds Orion is installed.

1. File name: SolarWinds.Orion.Core.BusinessLayer.dll, file hash (MD5): b91ce2fa41029f6955bff20079468448

2. File path and name: C:\WINDOWS\SysWOW64\netsetupsvc.dll
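The check above is easy to automate across a fleet. The following script is an added example written for this post, not a SolarWinds or CISA tool. It hashes every copy of the business-layer DLL under the Orion install roots, compares the MD5 with the one listed above, and reports whether the dropped file exists. The install roots are assumptions about a default Orion installation; adjust them for your environment. MD5 is used here only because that is the identifier published, not as a security property.

```python
"""Added example (not from SolarWinds or CISA): check a host for the two
indicators listed above.  Install roots are assumptions about a default
Orion deployment; the known-bad MD5 and dropped-file path are from the post."""
import hashlib
import os

KNOWN_BAD_MD5 = {
    "b91ce2fa41029f6955bff20079468448": "SolarWinds.Orion.Core.BusinessLayer.dll (trojanized)",
}
DROPPED_FILES = [r"C:\WINDOWS\SysWOW64\netsetupsvc.dll"]
TARGET_DLL = "SolarWinds.Orion.Core.BusinessLayer.dll"
# Assumption: default Orion installation directories on Windows.
SEARCH_ROOTS = [
    r"C:\Program Files (x86)\SolarWinds\Orion",
    r"C:\Program Files\SolarWinds\Orion",
]


def md5_stream(chunks):
    """MD5 over an iterable of byte chunks (large files are hashed without loading fully)."""
    h = hashlib.md5()
    for block in chunks:
        h.update(block)
    return h.hexdigest()


def md5_of(path, chunk=1 << 20):
    with open(path, "rb") as fh:
        return md5_stream(iter(lambda: fh.read(chunk), b""))


def lookup_digest(digest):
    """Description of a known-bad hash, or None."""
    return KNOWN_BAD_MD5.get(digest.lower())


def find_dlls(roots, name=TARGET_DLL):
    """Every copy of the target DLL below the given roots (missing roots are skipped)."""
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for f in files:
                if f.lower() == name.lower():
                    yield os.path.join(dirpath, f)


def check_hashes(paths):
    """(path, digest, description) for every file whose MD5 is known bad."""
    findings = []
    for p in paths:
        try:
            digest = md5_of(p)
        except OSError:
            continue  # unreadable or vanished; not evidence either way
        desc = lookup_digest(digest)
        if desc:
            findings.append((p, digest, desc))
    return findings


def check_dropped(paths=DROPPED_FILES):
    """Dropped-file indicators that are present on this host."""
    return [p for p in paths if os.path.exists(p)]


def run_checks(roots=SEARCH_ROOTS):
    return {"trojanized": check_hashes(find_dlls(roots)), "dropped": check_dropped()}
```

`run_checks()` returns two empty lists on a clean host. A non-empty `trojanized` list is a confirmed indicator; the absence of a hit is not proof of a clean system, because other trojanized builds carry different hashes, so follow the vendor advisory and the CISA directive rather than relying on this one hash.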

Remedy: https://www.solarwinds.com/securityadvisory

Reference: http://www.antihackingonline.com/potential-risk-of-cve/fireeye-detected-apt-activities-go-through-solarwinds-product-13th-dec-2020/

Before the end of 2020, two important notes for Citrix users (22nd Dec 2020)

Preface: Many companies, especially law firms and financial institutions, choose Citrix thin-client solutions. The decision seems right, because the feature set looks complete, for example TCP offloading and network security protection. However, to keep up with the demands of the digital technology market, these products take on technologies and roles that are of interest to attackers.

Highlight: Design weaknesses in specific products:
1. Citrix Gateway Plug-in for Windows: if exploited, a local user could escalate their privileges to SYSTEM.

Design weakness: When the service runs, it executes a PowerShell script as SYSTEM every five minutes. To exploit this, an attacker could create a malicious executable, name it powershell.exe and copy it into every directory they have write access to; if the service resolves powershell.exe through one of those directories, the attacker's binary runs as SYSTEM, giving elevation of privilege on systems running the Citrix Gateway Plug-in for Windows.

2. Starting 1st Oct 2020, new ADC MPX and SDX appliances use the appliance serial number as the default password.

Official announcement: Citrix Gateway Plug-in for Windows Security Update – https://support.citrix.com/article/CTX282684
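Whether a service that runs as SYSTEM can be hijacked this way depends on where it looks for powershell.exe and which of those directories an unprivileged user can write to. The following audit is an added example written for this post, not Citrix code. It assumes the search order is the service's PATH (Citrix did not publish the exact lookup, so this is an assumption) and that the legitimate binary lives in the standard System32 location; it reports writable directories on the path and any powershell.exe found elsewhere. The `demo()` function builds a constructed layout so the logic can be run on any platform.

```python
"""Added example, not Citrix code: audit the directories a SYSTEM service might
search for powershell.exe.  Assumptions: the search order is the service's
PATH, and the real binary is under System32\\WindowsPowerShell\\v1.0."""
import os

EXPECTED_POWERSHELL = os.path.join(
    os.environ.get("SystemRoot", r"C:\Windows"),
    "System32", "WindowsPowerShell", "v1.0", "powershell.exe",
)


def search_path_dirs(path_value=None, sep=os.pathsep):
    """Directories in PATH order; an explicit value lets you audit another account's PATH."""
    raw = os.environ.get("PATH", "") if path_value is None else path_value
    return [p for p in raw.split(sep) if p]


def writable_dirs(dirs):
    """Directories the current (assumed unprivileged) user can write into.

    Run this as the low-privilege account you are worried about, not as admin,
    because os.access() answers for the caller."""
    return [d for d in dirs if os.path.isdir(d) and os.access(d, os.W_OK)]


def _same_file(a, b):
    return os.path.normcase(os.path.abspath(a)) == os.path.normcase(os.path.abspath(b))


def rogue_powershell(dirs, expected=EXPECTED_POWERSHELL, name="powershell.exe"):
    """powershell.exe copies that a path search would hit before (or instead of) the real one."""
    hits = []
    for d in dirs:
        candidate = os.path.join(d, name)
        if os.path.isfile(candidate) and not _same_file(candidate, expected):
            hits.append(candidate)
    return hits


def audit(path_value=None):
    dirs = search_path_dirs(path_value)
    return {"writable": writable_dirs(dirs), "rogue": rogue_powershell(dirs)}


def demo():
    """Constructed layout: a writable temp dir holding a fake powershell.exe,
    placed ahead of the expected location on the search path."""
    import tempfile

    base = tempfile.mkdtemp(prefix="citrix-audit-")
    with open(os.path.join(base, "powershell.exe"), "wb") as fh:
        fh.write(b"not really PowerShell")  # constructed decoy
    path_value = os.pathsep.join([base, os.path.dirname(EXPECTED_POWERSHELL)])
    return audit(path_value)
```

`audit()` with no arguments checks the caller's own PATH; any directory in `writable` that precedes System32 is a hijack opportunity for a service that resolves executables by name, and anything in `rogue` should be examined immediately. The durable fix is the vendor update; calling PowerShell by its full path from the service is what removes the lookup ambiguity.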

The other side of the Pyramid: another episode of human civilization (Dec 2020)

Preface: This follows on from my article (Quantum entanglement in Pyramid internal compartment).

My idea is that this is a prequel. The following details are based on Exodus (the Pentateuch of Moses). So far, the mainstream view of Catholicism has hidden the Old Testament of the Bible. However, unearthed cultural relics, including the Dead Sea Scrolls and the ancient Mesopotamian wedge-shaped marks on clay tablets, give descriptions that are similar. Perhaps many people have no interest in this information or in the origin of human civilization. But if you have heard the details of the Old Testament, you will question whether the phenomena described in those books contain scientific logic; it was unknown information for that period. According to the documentation, the pharaoh of the Exodus was Ramses II (c. 1304–c. 1237). In short, Moses was probably born in the late 14th century BCE. The Hebrew Bible describes how the Israelites took the Ark with them into battle, where the powers of the Ark helped them defeat their enemies. Is it a myth, or is it the power of an advanced civilization's technology?

God parts the waters of the Red Sea (Exodus 14:22). If there were advanced technology, would it be possible?

According to historical records, the integration of machines into human life began with the American Industrial Revolution. Following that logic, we assume the information in the Bible was accumulated over time. Who wrote the Bible (Old Testament)? This is unknown. They were ancient people, so they had no concept of an aeroplane flying in the sky. When they encountered an unknown scientific matter, they interpreted it through their religion. When I was young, the traditional view was that "Exodus" was a myth. But look into the details: Moses went with the Jews through the Red Sea, a phenomenon we call unbelievable. Perhaps the phenomenon was given by nature. The following details may expand your thinking.

In some places the tide dries the seabed for several hours and then returns. In fact, in 1798 Napoleon Bonaparte and a small group of soldiers on horseback crossed the Gulf of Suez, at the northern end of the Red Sea, where Moses and the Israelites are said to have crossed, on the mile-long dry seabed exposed at low water.

The invisible forces on Earth are the magnetic field and the atmosphere (air pressure). But at the Earth's surface the strength of the magnetic field is only about 0.5 gauss (50,000 nanotesla, 50,000 nT). In contrast, typical toy magnets or refrigerator magnets produce about 100 gauss. So it does not seem possible to transform the Earth's magnetic field into something that blocks seawater. Even though the Red Sea lies between the two poles (refer to the diagram above), the natural magnetic force cannot be used, because it is far too weak.

Before we go to the topic (the Ark of the Covenant), let us first look at ancient construction on Earth. The Temple of Bacchus is part of the Baalbek temple complex in the broad Al-biqā (Bekaa Valley), Lebanon. German archaeologists recently discovered a 2,000-year-old stone, dating back to the Roman Empire, in a quarry at Baalbek. At 64 feet long by almost 20 feet wide, the new stone weighs a massive 1,650 tons. As the picture below shows, the architecture of the Temple of Bacchus contains stones of similar size. Archaeologists also have doubts about this matter: how did they move the stone?

Using a strong magnetic field as a powerful tool requires electrical power.

Perhaps the experts believe that the ancient people installed a wheel at each end of the stone to move it. But we are talking about 1,650 tons; do you think this is the correct explanation? As in my article (Quantum entanglement in Pyramid internal compartment), I agree with those experts who say that the King's Chamber had a major component which has been lost. I speculated that it was a hadron collider, as mentioned in that article (the stone coffin in the King's Chamber is not a coffin; it is the stand of a machine, perhaps a hadron collider). Quite a few experts speculate that magnetic technology was involved in building ancient relics, so that they could move items which modern technology cannot move.

Remark: All the magnets in the LHC are electromagnets. The main dipoles generate powerful 8.3 tesla magnetic fields, more than 100,000 times stronger than the Earth's magnetic field. In our modern world, the Large Hadron Collider is located in Switzerland. The LHC consists of a 27-kilometre ring of superconducting magnets with a number of accelerating structures that boost the energy of the particles along the way. CERN uses 1.3 terawatt hours of electricity annually. Logically, an advanced civilization would not use humanity's traditional methods of electricity generation; they would use nuclear power. This is not an assumption.

Reference: Archaeologists found that a heavy layer of radioactive ash in Rajasthan, India, covers a three-square-mile area ten miles west of Jodhpur. This is the famous site of Mohenjo-daro. The evidence shows a nuclear-reaction-related disaster at this place, dating back thousands of years (8,000 to 12,000 years).

The Crusaders owned the Ark of the Covenant, so they could win their battles.

In fact, archaeologists cannot confirm the timeline of the building of the Khufu Pyramid by the ancient people. Based on the markings left by the foremen and the name of Pharaoh Khufu of Egypt's fourth dynasty on the wall of the tomb, Egyptologists believe this pyramid is his tomb.

The Old Testament says Moses was ordered by the Lord to rescue the Jews and lead them out of Egypt. My study also follows this information. Even today, Catholics all around the world have no doubt about the identity of their Lord. Perhaps the Lord is part of an advanced civilization, because some rumours say the Ark of the Covenant contains a mysterious power: when the Christian army carried the Ark with them, they did not lose a battle. My speculation in this article is also driven by these unconfirmed matters. I assume that when an advanced civilization instructed Moses to rescue the Jews, there was a possibility that they would militarize themselves, so they took the component from the Pyramid. The fact is that if they wanted to stand against a huge number of enemies and save the lives of the Jews, advanced technological weapons would be a success factor. Therefore nuclear power and magnetic power are the appropriate elements.

Moses led more than 300,000 Israelites across the Red Sea to the Sinai Peninsula. The messenger used the pillar of cloud to protect the Israelites from the Egyptians. Moses ascended Mount Sinai and received the Ten Commandments from God, and so he built the Ark according to God's instructions and designs. Inside the Ark are two stone tablets (with the Ten Commandments written on them). (Exodus 25:8-10,16; 31:18; 40:20).

On 14th April 1561, unidentified flying objects (UFOs) appeared above Nuremberg, Germany. The diagram above shows a broadsheet news article printed in April 1561. Is it a coincidence? A pillar-shaped unknown flying object is shown in the picture. As we know, the Wright brothers built the first successful aeroplane in 1903; three hundred and fifty years earlier, human beings had no concept of an aeroplane. So when they saw a UFO of a similar shape, perhaps they could only draw it, or use the keyword "pillar" to describe it.

Build the ark according to God’s instructions and designs

The Ark of the Covenant was built by the ancient Israelites according to God's instructions and designs. Inside the Ark are two stone tablets (with the Ten Commandments written on them). (Exodus 25:8-10,16; 31:18; 40:20)

Inside the Ark of the Covenant are the following items:

  • The two stone tablets of the Law.
  • Aaron’s rod that budded.
  • The golden pot of ‘hidden’ manna.

Together these three items form the Testimony (Exodus 25:21)

The dimensions of the Ark of the Covenant are shown below:

3.6417322835(ft) x 2.1981627297(ft) x 2.1981627297(ft)

But I speculate that the golden pot stored in the Ark is a miniaturized nuclear power generator. Our civilization has known how to use nuclear power technology since the 1940s; the well-known example is the Manhattan Project, in which Robert Oppenheimer used Albert Einstein's theory to build the atomic bomb. Our experience in this area of nuclear technology is less than a hundred years. For example, the fusion reaction technique (see the diagram below) can generate a huge amount of electrical power, but the extreme temperatures generated during the reaction are the problem that gives engineers headaches, and the facilities are enormous. An advanced civilization that knows how to cross the Milky Way would also know how to miniaturize a nuclear facility. This is not surprising.

The theory of mass-energy conversion was found by Albert Einstein in the early twentieth century. The Sun's energy is produced in its interior by thermonuclear fusion; that is, mass is converted to energy in the way described by Einstein's famous equation, E=mc². See the conceptual diagram below for the fusion reaction in the Sun. There are currently several main approaches to controlled nuclear fusion: laser confinement (inertial confinement), magnetic confinement (the tokamak) and plasma magnetic confinement. This is also the principle used in the so-called tokamak fusion reactor.

In October 2014, Lockheed Martin announced the design of a compact nuclear fusion reactor, a 100 MW reactor reduced to 7×10 feet in size. Perhaps in the future a mini fusion reactor could be put into the Ark again.

In addition, some matters mentioned in Exodus are listed below. See whether my next article covers them.

  1. According to Chapter 16 of the Book of Exodus, manna appeared on the 15th day of the second month after the Israelites came out of Egypt. At that time Moses had led the Israelites into the wilderness between Elim and Sinai. There was nothing to eat, so the people of Israel complained to Moses that they were about to starve to death. The Lord therefore promised Moses that he would give food to the Israelites.
  2. Gold has the capability to block gamma radiation. Jewish and Christian holy scriptures dictate that the Ark of the Covenant may be carried only by Levites, who constituted the ancient Jewish priestly class. They must carry the Ark using two wooden poles inserted through rings on its sides, as touching the Ark itself will result in death at the hands of God.
  3. At night quail flew over and covered the camp; in the morning there was dew on the ground around the camp. After the dew lifted, unexpectedly, there were small round objects (algae) like hoarfrost on the ground. When the Israelites saw it they did not know what it was, and asked each other: what is it? Moses said to them: this is the food the Lord gives you to eat. This food is called manna in Israel; it looks like coriander seed, is white in colour, and tastes like pancakes mixed with honey.

Here, I wish you a Merry Christmas and a Happy New Year.

CVE-2020-4829 – AIX owners should stay alert! (14th Dec 2020)

Preface: When I was young, there were two giants in the mid-range system market: IBM and Sun Microsystems. Over time, IBM won this market, and to this day the business world favours the IBM AIX OS.

Background: About twenty years ago, a well-known buffer overflow vulnerability was discovered in Kerberos 5, caused by buffer overflows in the Kerberos 4 compatibility code. It affected the MIT Kerberos 5 releases (1.0.x, 1.1 and 1.1.1) and MIT Kerberos 4 patch level 10.
According to the IBM AIX 7.2 security guide, when Kerberos authentication succeeds the secldapclntd daemon saves the bind credentials to /etc/security/ldap/krb5cc_secldapclntd, which shows that AIX 7.2 uses Kerberos 5. Since the CVE-2020-4829 advisory does not explicitly describe the vulnerability details, I speculate that the vulnerability announced this month may be related to the flaw found 20 years ago.

Reminder: In my personal opinion this bug looks critical. It is recommended to patch immediately.

Official announcement: https://aix.software.ibm.com/aix/efixes/security/ksu_advisory.asc