Thursday, 22 February 2018

On 13:58 by Vismit Rakhecha   No comments
Iran is thinking about developing its own cryptocurrency, according to the country’s ICT minister. The news comes just days after Venezuela launched its petro cryptocurrency that is fixed to the price of a barrel of oil. Both countries see cryptocurrencies as a way of allowing money to flow into the respective countries, essentially getting around U.S.-imposed sanctions. The developments are also significant because they’re some of the first countries to officially adopt cryptocurrencies.

در جلسه‌ای که با هیئت مدیره پست بانک در خصوص ارزهای دیجیتال مبتنی بر زنجیره بلوکی داشتم، مقرر شد این بانک اقدامات لازم برای پیاده سازی آزمایشی اولین ارز دیجیتالی کشور را با استفاده از ظرفیت نخبگان کشور به عمل آورد. مدل آزمایشی برای بررسی و تایید به نظام بانکی کشور ارائه خواهد شد.
In a post on Twitter, which has been roughly translated below, the ICT minister, Mohammad-Javad Azari Jahromi, said:
“In a meeting with the board of directors of Post Bank on digital currencies based on the blockchain, I … prescribed … measures to implement the country’s first cloud-based digital currency.”

A grandes problemas, ¡grandes soluciones! Desde el primer minuto el juego arrancó bien, y arrancamos ganando: 4.777 millones de yuanes o 735 millones de dólares es el resultado inicial de las operaciones de intención de compra del Petro.
On Wednesday, Nicolas Maduro, tweeted out to followers that the newly minted petro cryptocurrency had raised $735 million. Both Iran and Venezuela are members of the Organization of the Petroleum Exporting Countries (OPEC) so it would make sense if Iran, too, pegged its potential offering to the price of a barrel of oil, once it has finally been approved and developed.
It’s fair to say that cryptocurrencies are starting to enter a new phase, with national governments deploying them. Aside from Iran and Venezuela, Russia has also show an interest in developing an offering called CryptoRuble.

Wednesday, 21 February 2018

On 09:05 by Vismit Rakhecha   No comments
Google's Project Zero team of security researchers is tasked with finding bugs in software products developed by the firm itself as well as those from other tech giants. On successfully finding a flaw, the researchers report it to the relevant company and provide them with 90 days to fix the issue before it is made public.
Over the past couple of years, the initiative has disclosed several vulnerabilities in the same manner. Now, Project Zero has exposed a "high" severity security flaw in Windows 10.
According to the report in the Project Zero directory, the issue has been definitively tested on Windows 10 version 1709.
The flaw in question relates to the SvcMoveFileInheritSecurity remote procedure call (RPC), which if exploited, can lead to an arbitrary file being assigned an arbitrary security descriptor, that can potentially lead to elevation of privilege.
The remote procedure call makes use of the MoveFileEx function call which moves a file to a new destination. The problem occurs when the RPC moves a hardlinked file to a new directory which has inheritable access control entries (ACEs). Now even if the hardlinked file doesn't allow deletion, it can be allowed based on the permissions provided by the new parent directory that it has been moved to.
This essentially means that even if the file is read-only, if the server calls the SetNamedSecurityInfo on the parent directory, it will be able to assign it an arbitrary security descriptor, which would potentially allow other users on the network to modify it.
The security researcher who discovered this flaw has also attached a proof-of-concept code in C++ which creates a text file in the Windows folder, and abuses the SvcMoveFileInheritSecurity RPC to overwrite the security descriptor to allow access to everyone.
The security researcher went on to say that:
Some additional notes about this issue. Firstly based on the fix for issue 1427 this only affects Windows 10, it does not affect any earlier versions of Windows such as 7 or 8.1. However I've not verified that to be the case but there's no reason to believe it's incorrect. MS consider this to be an 'Important' issue, but crucially not a 'Critical' issue. This is because this issue is an Elevation of Privilege which allows a normal user to gain administrator privileges. However in order to execute the exploit you'd have to already be running code on the system at a normal user privilege level. It cannot be attacked remotely (without attacking a totally separate unfixed issue to get remote code execution), and also cannot be used from a sandbox such as those used by Edge and Chrome. The marking of this issue as High severity reflects the ease of exploitation for the type of issue, it's easy to exploit, but it doesn't take into account the prerequisites to exploiting the issue in the first place.
According to the details presented in the report, the flaw - labeled "1428" - was disclosed as a "high" severity security issue to Microsoft on November 10, 2017, along with a similar security issue, dubbed 1427. The standard 90-day deadline was provided to resolve both the problems. When the issue proved difficult to fix, Microsoft asked for an extension in the deadline and released the supposed fix last week on Patch Tuesday.
However, contrary to what Microsoft may have believed, the patch fixed issue 1427, but detailed analysis from the Google researcher proves that 1428 - detailed above - still hasn't been resolved. As such, Google has informed the Microsoft Security Response Center (MSRC) that it is making the flaw visible to the public. It will be interesting to see if this disclosure accelerates the fixing of the bug given that it is now public knowledge accessible to everyone, even those with malicious intent.
Google has clarified to Neowin that it's just a coincidence that the two flaws have been publicly disclosed in such close proximity in terms of time, simply because the standard 90-day deadlines and 14-day grace periods aligned as such.
We have reached out to Microsoft for clarification regarding the security flaw, and will provide an update if the company responds.

Tuesday, 20 February 2018

On 15:08 by Vismit Rakhecha in    No comments

On 15:01 by Vismit Rakhecha   No comments
Facebook is now sharing the data of American users with a team of researchers led by Stanford economist Raj Chetty, who are aiming to find out more about economic inequality in the United States. According to estimates, about three-fifths of American adults use Facebook, so the researchers hope they can better explain how one percent of the population holds 40 percent of the country’s wealth.

While the study certainly seems like a better use of user data than targeting ads, privacy concerns are still raised. According to a source close to Chetty’s study, the data that is used has been stripped of any details that could be used to identify users, and that those involved with the study had to undergo background checks. Additionally, user data can only be accessed from “secure facilities”.

While the exact aim of the study is not entirely clear, Cecilia Muñoz, who led the Domestic Policy Council in the Obama White House, believes such studies are huge. She said:
“For a policy nerd like me, being able to see that quantifiable evidence about things lots of us have been debating in theory for a long time is absolutely huge. The notion that you can use data about people’s social interactions and begin to piece together, ‘OK, what is social isolation costing us?’ is a whole other ballgame.”
One of the reasons that Facebook may be allowing Chetty and his researchers access to the data is because of CEO Mark Zuckerberg’s growing interest in economic mobility. Last July, Zuckerberg made a Facebook post highlighting the benefits of Alaska’s Permanent Fund Dividend, a sort of basic income programme. In that post he said:
“Alaska’s economy has historically created this winning mentality, which has led to this basic income. That may be a lesson for the rest of the country as well.”
Despite the privacy concerns that come with Facebook's willingness to share user data, it’ll still be interesting to find out the results of the study, which is based on such a wealth of data.

Monday, 19 February 2018

On 12:30 by Vismit Rakhecha in    No comments
Researchers from the University of Tokyo announced last week a new advancement in wearable technology: A highly flexible electronic skin display that shows your health information, allowing you to monitor vitals at a glance.

Made from nanomesh, the display is flexible, breathable, and stretchable — it can stretch up to 45 percent of its original size. It contains a display of microLEDs which read out health information such as heart rate, temperature, or blood pressure. The information updates in real time, and the skin can be worn for up to a week.

Since it gives the biometric data to the user via a waveform readout, it eliminates the need for a phone or app to process the data. It can still be paired with a device or sent to cloud storage, or it can store the information locally.

The team, led by Professor Takao Someya, have worked on multiple kinds of e-skin sensors over the year. Last year, Someya co-authored a paper describing the device’s construction and how to make it breathable.

If nothing else, this brings up one step closer to the “bodyNET” that Stanford University researchers proposed last year — the full-body network of sensors and wearables that could potentially be the endgame for our human/tech interactions.

According to the university, the printing company which manufactures the skin hopes to have it ready for market in the next three years.
On 09:46 by Vismit Rakhecha in    No comments

On 09:22 by Vismit Rakhecha   No comments
A bug in the Anti-Malware Scan Interface in Windows 10 could allow malware to go undetected in scans if the code contained a null character.

Introduced with Windows 10, the Anti-Malware Scan Interface (AMSI) is a security apparatus that acts as a go-between for applications and your anti-virus. It allows applications to check if the files they're using are safe by sending them to be checked by the anti-virus.

One of the most important roles of AMSI is to check executable files on start-up and to scan further resources that may be opened by an application after start-up. It's essentially useful given a growing trend among malicious actors to circumvent the traditional signature-based anti-virus engines by masquerading their attacks through the use of PowerShell scripts running on otherwise legitimate applications.

The bug, as discovered by researcher Satoshi Tanda, causes files sent to be scanned by the AMSI to be truncated at a null character. This would mean that an attacker could easily hide malicious code in a script by placing it after a null character. Since AMSI would never read this code, the malware would pass without any warning bells going off.

Thankfully, the bug has been fixed by the latest Patch Tuesday release by Microsoft. "In theory, no action other than applying the patch should be required. However, software vendors using AMSI to scan PowerShell contents should review whether it can handle null characters properly should they appear".

Source : BleepingComputer