Connect with us

Technology

Make-me-admin holes found in Windows, Linux kernel • The Register

Published

on

Move over, PrintNightmare. Microsoft has another privilege-escalation hole in Windows that can be potentially exploited by rogue users and malware to gain admin-level powers.

Meanwhile, a make-me-root hole was found in recent Linux kernels.

Recent builds of Windows 10, and the preview of Windows 11, have a misconfigured access control list (ACL) for the Security Account Manager (SAM), SYSTEM, and SECURITY registry hive files.

As a result of this blunder, non-administrative users may read these databases, if a VSS shadow copy of the system drive is present, and potentially use their contents to gain elevated privileges. According to a US-CERT advisory, the issue appears to affect Windows 10 build 1809 and newer.

The advisory states that, if successfully exploited, this bug, dubbed by some as HiveNightmare, can be used to:

Or, shorter, “a local authenticated attacker may be able to achieve [local privilege escalation], masquerade as other users, or achieve other security-related impacts.” This can be used to thoroughly infect a system with malware, snoop on other users, and so on.

You may think you’re safe because your Windows PC doesn’t have a suitable VSS shadow copy, yet there are ways to end up quietly creating one and put your machine at risk.

According to the advisory: “Note that VSS shadow copies may not be available in some configurations, however simply having a system drive that is larger that 128GB in size and then performing a Windows Update or installing an MSI will ensure that a VSS shadow copy will be automatically created.”

US-CERT describes how to detect whether you have VSS shadow copies available, and it involves running vssadmin list shadows as a privileged user and seeing if any shadow copies are listed.

The VSS shadow copies are a key ingredient because the registry hive files are in use by Windows during normal operation, so can’t be accessed by a normal user even with the loose ACL. However, if shadow copies available, you’ll find you can open copies of the files for inspection thanks to the sloppy ACL.

Microsoft is aware of the flaw, which is assigned the ID CVE-2021-36934, and said:

Once word of the flaw got out earlier this week, it did not escape the attention of the infosec community. Mimikatz creator Benjamin Delpy tweeted:

Referring to the VSS requirement for exploitation, Delpy told The Register: “The snapshot is not the real problem, it’s the ACL.” And you don’t need to crack the hashes; it may be possible to use Mimikatz, for instance, to elevate privileges using this extracted data.

Delpy shared a video demonstrating just that, crediting Jonas Lykkegaard for spotting the ACL blunder.

It’s not a clear-cut issue, as some people claim their Windows 10 installations are not vulnerable when the deployments should be. We await more info from Microsoft. In the meantime, see the above advisory for instructions on mitigating the vulnerability. ®

It’s not just Windows: a security hole has been discovered in Linux kernels since version 3.16 that can be exploited by rogue users and malware already on a system to gain root-level privileges. The vulnerability has been assigned the ID CVE-2021-33909.

Dubbed Sequoia by the Qualys team that found and responsibly reported the flaw, we’re told the bug is present in “default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation. Other Linux distributions are likely vulnerable and probably exploitable.” Thus, check for updates and install them as soon as you can as patches should be available by now now or shortly for your distro.

Technical details of the file-system-code-level programming blunder are here. Qualys’ proof-of-concept exploit required 5GB of RAM and a million inodes to succeed.

Qualys also found another security weakness in Linux systems, CVE-2021-33910, a denial-of-service kernel panic via systemd. Patches are also available so grab those updates, too.



Source link

Technology

Google, Apple and Microsoft report record-breaking profits | Google

Published

on

Google, Apple and Microsoft reported record-breaking quarterly sales and profits on Tuesday night as the firms continue to benefit from a pandemic that has created a “perfect positive storm” for big tech.

Apple made a $21.7bn (£15.6bn) profit for the three-month period that ended in June, its best fiscal third quarter in its 45-year history, boosted by strong sales of the iPhone 12 and growth in its services business.

Alphabet, Google’s parent company, reported second-quarter revenue of $61.8bn (£44.5bn), a 62% increase on the same period a year earlier, and a profit of over $18.5bn (£13.3bn), more than twice its profits for the same period last year. The company’s advertising revenues rose 69% from last year.

Microsoft, too, beat expectations, reporting revenues of over $46bn (£33bn) for the quarter – a rise of 21% compared to the same quarter last year.

The results come after Tesla reported a record profit on Monday in one of the busiest ever weeks for quarterly US earnings results. The big tech blowout earnings continue with Facebook on Wednesday and Amazon on Thursday.

Collectively, the market value of Google, Amazon, Apple, Microsoft and Facebook is now worth more than a third of the entire S&P 500 index of America’s 500 largest traded companies, as their share prices have soared during the pandemic.

Thomas Philippon, an economist and professor of finance at New York University, said big tech firms have been the biggest economic winners from the pandemic as global lockdowns have pushed more businesses and consumers to use their services.

“They were already on the rise and had been for the best part of a decade, and the pandemic was unique,” Philippon said. “For them it was a perfect positive storm.”

Analysts at Morgan Stanley reckon Alphabet is on course to achieve full-year net income of $65bn, a 59% increase on 2020. Its annual sales are, the bank reckons, on track for $243bn – a $60bn increase on last year.

Alphabet’s shares have risen by 75% in the past year to a record $2,670, but analysts predict they could climb higher still despite regulators around the world threatening to curb its dominance of the internet search market. Morgan Stanley said the stock could reach as high as $3,060, and even under a worse case scenario is unlikely to fall below $1,800.

Morgan Stanley analyst Brian Nowak said pandemic lockdowns had boosted Google as consumers spent more time online researching potential purchases. He said survey data showed that 54% of retailers ranked Google search products, including YouTube, as “their first place to go to research products online, up from 50% in past surveys”.

“Google websites growth is likely to rebound in ’21 as we believe there are several underappreciated products driven by mobile search, strong YouTube contribution, and continued innovation, such as Maps monetisation,” Nowak said in a note to clients.

Apple has been making so much money that over the past eight years it has bought back $421bn worth of shares, but it still has about $80bn of cash sitting on its balance sheet.

When Microsoft reported a 31% rise in profits at its last quarterly results, its chief executive, Satya Nadella, said it was “just the beginning” as the shift to digital technology was “accelerating” fast.

Sign up to the daily Business Today email

The share price rise of the big tech firms has made billions for their super-rich founders and early investors. Forbes magazine calculated recently that there are now 365 billionaires who made their fortunes in technology, compared with 241 before the pandemic.

Collectively, the world’s tech billionaires hold personal fortunes of $2.5tn, up 80% on $1.4tn in March 2020. Amazon’s founder and chief executive, Jeff Bezos, remains the world’s richest person with an estimated $212bn fortune, and is closely followed in the league table of the wealthy by Tesla co-founder Elon Musk with $180bn, Microsoft co-founder Bill Gates with $151bn, and Facebook’s Mark Zuckerberg with about $138bn.

Zuckerberg believes the internet will take on an even bigger role in people’s day-to-day lives in the future, and instead of interacting with it via mobile phones people will be immersed via virtual reality headsets.

He said Facebook would transition from a social media platform to a “metaverse company”, where people can work, play and communicate in a virtual environment. Zuckerberg said it would be “an embodied internet where instead of just viewing content – you are in it”.

Source link

Continue Reading

Technology

Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam • The Register

Published

on

The Tech Support Scams YouTube channel has been erased from existence in a blaze of irony as host and creator Jim Browning fell victim to a tech support scam that convinced him to secure his account – by deleting it.

“So to prove that anyone can be scammed,” Browning announced via Twitter following the attack, “I was convinced to delete my YouTube channel because I was convinced I was talking [to YouTube] support. I never lost control of the channel, but the sneaky s**t managed to get me to delete the channel. Hope to recover soon.”

To fool Browning, the ruse must have been convincing: “I track down the people who scam others on the Internet,” he writes on his Patreon page. “This is usually those ‘tech support’ call frauds using phone calls or pop-ups. I explain what I do by guiding others in how to recognise a scam and, more importantly, how to turn the tables on scammers by tracking them down.”

Browning has made a name for himself with self-described “scam baiting” videos, in which he sets up honeypot systems and pretends to fall for scams in which supposed support staffers need remote access to fix a problem or remove a virus – in reality scouring the hard drive for sensitive files or planting malware of their own.

“I am hoping that YouTube Support can recover the situation by 29th July,” Browning wrote in a Patreon update, “and I can get the channel back, but they’ve not promised anything as yet. I just hope it is recoverable.”

Whether Browning is able to recover the account, and the 3.28 million subscribers he had gathered over his career as a scam-baiter, he’s hoping to turn his misfortune into another lesson. “I will make a video on how all of this went down,” he pledged, “but suffice to say, it was pretty convincing until the very end.”

Tech support scams have been going on for about as long as people have needed technical support, but a report published by Microsoft last month suggested the volume may be declining. The same report found that the 18-37 age group was the most likely to fall victim – and that 10 per cent of those surveyed had lost money to a scammer.

YouTube was approached for an explanation of how deleted accounts could be restored and what precautions it has in place to prevent its users – even those with considerable experience in the field of con-artistry – from falling victim to tech support scams, but was unable to provide comment in time for publication.

Browning did not respond to a request for comment. ®



Source link

Continue Reading

Technology

Orion the humpback whale ‘a dream sighting’ for marine observers

Published

on

A member of the Irish Whale and Dolphin Group spotted the humpback whale while out conducting a survey on marine life off the Donegal coast.

Marine mammal observer Dr Justin Judge described the moment he spotted a lone humpback whale off the coast of Donegal as “a dream sighting.”

Judge spotted the whale at 9.30 on the morning of 9 July while representing the Irish Whale and Dolphin Group (IWDG) on board the Marine Institute’s RV Celtic Explorer.

The group of researchers and observers was out on the waters around 60 kilometres north-northwest of Malin Head when they saw the whale. They were carrying out the annual Western European Shelf Pelagic Acoustic (WESPAS) survey.

“This is a dream sighting for a marine mammal observer,” Judge said. He explained that the creature would be nicknamed Orion – which had a personal meaning for Judge and his family.

“The individual humpback whale ‘Orion’ has been named after the Greek mythological hunter, since the whale was moving with the fish stocks for food. It is also my son’s middle name so fitting on both fronts,” Judge said.

Support Silicon Republic

He added that the team had also observed “a lot of feeding action from a multitude of cetacean species that day, including bottlenose, common, Risso’s and white-sided dolphins, grey seals and minke whales.”

To date, the IWDG has documented 112 individual humpback whales in Irish waters since 1999, many of which are recorded year after year. Humpback whales are frequent visitors to Irish waters as they are an ideal feeding area for humpback whales stopping off in the area on their migration across the Atlantic.

The beasts are identifiable thanks to the distinctive pattern on the underside, which is unique to every individual whale.

“Observing any apex predator in its natural environment is exciting but a new humpback whale for Irish waters, this is special,” WESPAS survey scientist, Ciaran O’Donnell of the Marine Institute said.

The Marine Institute’s WESPAS survey is carried out annually, and surveys shelf seas from France northwards to Scotland, and west of Ireland. WESPAS is the largest single vessel survey of its kind in the Northeast Atlantic, covering upwards of 60,000 nautical miles every summer. The survey is funded through the European Maritime Fisheries and Aquaculture Fund under the Data Collection Programme which is run by the Marine Institute.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!