Google has discovered a bug in the CryptProtectMemory memory-encrypting function found within Windows 7 and 8.1, and made its disclosure public after its Project Zero deadline of 90 days passed.
The bug was found by James Forshaw, who also discovered a privilege elevation flaw in Windows 8.1, the disclosure of which drew the ire of Redmond earlier this week.
Forshaw described his new issue as an impersonation check bypass that could be an issue if a service is vulnerable to a named pipe planting attack or is storing encrypted data in a world readable shared memory section.
“When using the logon session option (CRYPTPROTECTMEMORY_SAME_LOGON flag), the encryption key is generated based on the logon session identifier, this is for sharing memory between processes running within the same logon. As this might also be used for sending data from one process to another, it supports extracting the logon session ID from the impersonation token,” Forshaw said.
“The issue is the implementation in CNG.sys doesn”t check the impersonation level of the token when capturing the logon session ID (using SeQueryAuthenticationIdToken) so a normal user can impersonate at Identification level and decrypt or encrypt data for that logon session.
Read the rest of the story at ZDNet.
After hackers threatens to make terrorist attack if the “Interview” movie is shown in theaters, Sony releases a press statement cancelling the showing of the said movie. The hackers which called themselves “Guardians of Peace”, has recently hacked into Sony servers compromising the company’s financial data, unreleased movies and emails.
“We are deeply saddened at this brazen effort to suppress the distribution of a movie, and in the process, do damage to our company, our employees and the American public,” a Sony spokeswoman said in a statement. Sony further added that there is no further plans in releasing the movie.
The Guardians of Peace demanded Sony refrain from showing the movie. The “Interview” is a movie comedy that pertains to the assassination of North Korea’s president.
In a news report from CNET, shows that North Korean hackers is behind the Sony attack. Previous attacks by North Korea to South Korean media companies and banks in 2013 are similar in nature.
Furthermore, the hackers uses language in support to North Korea. The North Korean government has denied the allegations that they are behind the attack. However, they support the attack made to Sony.
“The hacking into Sony Pictures might be a righteous deed of the supporters and sympathizers with the DPRK [Democratic People”s Republic of Korea],” a spokesman for North Korea said.
If you are curious to see the movie the trailer is shown at Youtube.
Spotify is planning to roll out an update on its Android app after it reported that a hacker has breached its security and accessed internal data.
According to Spotify one user account has been affected and the hacker was not access any password, financial or payment information. The company said that they were able to contained the attack after there engineers realized when their servers have been breached.
“Information security and data protection are of great importance to us at Spotify, and that is why I’m posting today,” Oskar Stål, Spotify’s chief technology officer, wrote on the company’s blog.
Windows and iOS devices are not affected by the breach. However, Android app users need to upgrade their app and re-download offline playlists.
Spotify is a music streaming digital service that gives you access to millions of songs.
Anonymous Philippines attacked several Chinese government and commercial websites in protest of China”s bullying against its Asian neighbors in solely claiming the South China Sea.
According to Anonymous facebook post, almost 200 websites were defaced in the attack. Many of them remained down until Tuesday.
Anonymous Philippines posted “China’s alleged claim on maritime territories and oppressive poaching can no longer be tolerated.”
“The operation was a success, we might not have brought China to it”s [sic] knees but we gave hope to our brothers and sisters, because hope is what we need right now,” Anonymous Philippines said on its Facebook page. “Hope that someday people will stand up and fight back!”
Recently, Philippine authorities have detained Chinese fishermen for poaching sea turtles in Spratlys island.
China and the Philippines are among the six countries–along with Taiwan, Vietnam, Malaysia and Brunei–which claim the South China Sea and its island chains and shoals in whole or in part.
In a news report from ZDnet, Apple admitted that they are working on the iOS 7 flaw that could left mail attachments unencrypted making it vurnerable to potential hacks and other criminal deeds.
The bug, reported by Andreas Kurtz, means that iOS email attachments are stored unencrypted in certain instances:
I verified this issue by restoring an iPhone 4 (GSM) device to the most recent iOS versions (7.1 and 7.1.1) and setting up an IMAP email account1, which provided me with some test emails and attachments. Afterwards, I shut down the device and accessed the file system using well-known techniques (DFU mode, custom ramdisk, SSH over usbmux). Finally, I mounted the iOS data partition and navigated to the actual email folder. Within this folder, I found all attachments accessible without any encryption/restriction
In a statement release by Apple, the company said that they are aware of the vurnerability and are currently working on a fix that will be deliver in future software update.
Although the email bug is scary, it is difficult to exploit and would require an attacker to physically have your phone and brute force or jail break-bypass the passcode or password.
iPhone 4s and later devices that has an updated iOS 7.1+ is not affected by the flaw.