Staying Safe Online: Privacy

Criminals try to gather information about us online in order to scam us and steal our identities. In America in 2012, identity theft cost the average victim $365 and 12 hours of work to rectify. In 2013 there were 13.1 million U.S. adult victims, that’s nearly one victim every two seconds! That figure represents 5.5% of U.S. adults. This is why being savvy with our online privacy is important!

Read More

Apache Struts: CVE-2014-0094 and CVE 2014-0050

Struts is an extensible framework used for creating enterprise Java Web Applications. In Struts 1.x there is a problem related to how the ActionForm bean population machanism works, whereas in Struts 2.x there is an issue in how ParametersInterceptor allows access to the ‘class’ parameter that is directly mapped to the getClass() method and allows ClassLoader manipulation. Long story short, this can allow attackers to execute arbitrary Java code remotely.

Read More

CRIME against TLS?

Compression Ratio Info-leak Made Easy CRIME is an attack against SSL, like Heartbleed, but it has a much smaller probability of exploitation. The authors of CRIME also wrote the BEAST attack. The attack can allow an attacker to recover web cookies and thereby perform session hijacking attacks, much like BEAST and the specific restrictions for the attack are similar.

Read More

What is BEAST?

Browser Exploit Against SSL/TLS BEAST is an attack against SSL/TLS which is the cryptographic system that protects data sent online. A practical attack was found to be possible against TLS v1.0 and SSLv3.0 (and below). The issue is that the Initialisation Vector (IV) utilised as part of the encryption process can be determined by an attacker. IVs are utilised to prevent encrypted data from being deterministic, they essentially make it harder for attackers to determine patterns in encrypted data. Without them if a repeating pattern is evident in the plaintext then it will be evident in the ciphertext and this …

Read More

Heartbleed

CVE-2014-0160 A vulnerability exists in outdated version of OpenSSL which allows an attacker to cause the server to disclose up to 64kb of server memory contents. This can cause secret keys, authentication tokens, usernames and passwords to be compromised. This can lead to an attacker being able to impersonate users and decrypt data transferred between a user and the server.

Read More

XXE: XML External Entity Injection

Here’s a quick write-up on XXE, starting with how to detect the vulnerability and moving on to how to fix it! XXE is a vulnerability in the way that XML parses handle user input and if an attacker is able to enter arbitrary or crafted data into an XML parser they may be able to inject entities and this could leave to file disclosure, denial-of-service attacks or in rare cases – code execution!

Read More