A Fuzzer for Windows NDIS Drivers OID Handlers developed by @kiqueNissim of @IOActive: https://t.co/JSF9tm9CMM … anyone interested in fuzzing, in general, is welcome to a digital copy of @pedramamini's book on the matter: https://t.co/y0pVF1QKhj bit dated, but still applicable.
— InQuest (@InQuest) November 8, 2018
Monday, April 23, 2018
HooToo TripMate Routers are Cute But Insecure
By Tao Sauvage
[…] While HooToo TripMate routers are cute, they are also extremely insecure. Multiple memory corruptions, multiple OS command injections, arbitrary file upload, and arbitrary firmware update: all of them unauthenticated. […]
Excerpt of the advisory below; see the full advisory for the list of impacted drivers.
DoS in Kernel in multiple versions of the Intel Graphics Driver allows local attacker to perform a DoS via an Out of Bounds Read
Intel ID: INTEL-SA-00077
Product family: Mobile, Desktop, Server, Workstation, and Embedded processors based on Intel® Core™ and Atom™ Processors using an affected driver.
Impact of vulnerability: Denial of Service
Severity rating: Moderate
Original release: Jul 31, 2017
Last revised: Aug 01, 2017
Out-of-bounds read condition in older versions of some Intel® Graphics Driver for Windows code branches allows local users to perform a denial of service attack. Intel recommends that users download and upgrade to the latest supported driver. Intel would like to thank Enrique Nissim of IOActive for reporting this issue and working with us on a coordinated disclosure.
Tao Sauvage of IOActive has a blog post on reversing the U-Boot-based BHU WiFi uRouter to find multiple vulnerabilities:
ICIT Brief: Who’s Behind the Wheel? Exposing the Vulnerabilities and Risks of High Tech Vehicles
The July 2015 remote hack of a Jeep Cherokee by security researchers from IOActive served as a catalyst which made vehicle cybersecurity a top priority for the automotive industry, consumers and lawmakers. Since then, Chrysler has recalled 1.4 million Jeeps to patch vulnerabilities and lawmakers have proposed various pieces of legislation to address cybersecurity in vehicles, including the Security and Privacy in Your Car (SPY Car) Act from Senators Markey (MA) and Blumenthal (CT). In response to the need for legislative and agency education on the issue of vehicle cybersecurity, ICIT has partnered with its Fellow IOActive on a brief entitled “Who’s Behind the Wheel? Exposing the Vulnerabilities and Risks of High Tech Vehicles”. The brief provides a detailed breakdown of the July 2015 Jeep Cherokee hacking demonstration and an analysis of how hackers would behave during a ‘real-world’ attack. […]