Category: News

Reverse Engineering WebAssembly

Posted on 4 July 2020

From medium.com

This is an abridged version of http://www.pnfsoftware.com/reversing-wasm.pdf. For additional details, including footnotes, as well as better formatting of code snippets, the thorough reader is recommended to check the original PDF.

This article is an introduction to WebAssembly geared towards reverse-engineers. It focuses on understanding the binary format, virtual machine, execution environment, implementation details and binary interfaces, in order for the reader to acquire the skills to analyze wasm binary modules. The annex details the representation of WebAssembly in JEB and how to use it to analyze wasm binary modules.

Read more…

Cisco Discloses Details of Chrome, Firefox Vulnerabilities

Posted on 4 July 2020

From securityweek.com

Cisco’s Talos threat intelligence and research group this week disclosed the details of recently patched vulnerabilities affecting the Chrome and Firefox web browsers.

The Chrome flaw, tracked as CVE-2020-6463 and classified as high severity with a CVSS score of 8.8, was patched by Google in April with the release of Chrome 81.0.4044.122. The tech giant awarded a $5,000 bounty for the bug.

The vulnerability, described as a memory corruption issue, impacts PDFium, the open source PDF renderer used by Chrome and other applications. An attacker could exploit the weakness for remote code execution in the browser by getting the targeted user to open a specially crafted document that contains JavaScript code.

“PDFium supports execution of Javascript scripts embedded inside PDF documents. As Chrome itself, PDFium uses V8 as its Javascript engine. This vulnerability lies in a way V8 in a specific configuration processes regular expressions,” Talos explained.

Read more…

Hackers hacked Twitter account of the Russian Foreign Ministry and put up for sale data from tourists

Posted on 4 July 2020

From ehackingnews.com

Hackers hacked the Twitter account of the situation and crisis center of the Russian Foreign Ministry and put up a database of Russian tourists there for sale. The Foreign Ministry confirmed the hacking but called the message about the sale of data false. The Department said that the account has now been restored and is fully functioning.

Hackers offered to buy the database for June 2020 for 66 bitcoins (about $9000). They claimed that the database contains more than 115 thousand people. A Jabber account was specified for communication.

Read more…

How to run an SSH connection through Tor

Posted on 4 July 2020

From techrepublic.com

SSH is, by design, a fairly secure means of gaining shell access to remote machines. However, there are always ways to eke out a bit more security and privacy from these connections.

One such method is with the help of Tor. With Tor, you can add a level of anonymity and even hide your services from prying/hacking eyes.

I’m going to walk you through the process of making SSH connections over Tor. The process isn’t terribly difficult so anyone that administers SSH should be able to make this work.

Read more…

Police take down encrypted criminal chat platform EncroChat

Posted on 3 July 2020

From zdnet.com

Law enforcement in the United Kingdom has touted the takedown of encrypted communications platform EncroChat as its “biggest ever” operation, so far resulting in the arrest of 746 individuals, the seizing of £54 million in cash, 77 firearms, and over two tonnes of drugs.

EncroChat was one of the largest providers of encrypted communications and offered a secure mobile phone instant messaging service. Its sole use was for coordinating and planning the distribution of illicit commodities, money laundering, and plotting to kill rival criminals, the UK’s National Crime Agency (NCA) said.

Read more…