Critical Privilege Escalation Flaw Risks 900K+ MikroTik Routers

0
[ad_1]

Heads up, MikroTik users! The router firm has recently patched a critical-severity privilege escalation flaw affecting over 900,000 MikroTik routers. Users must update their routers immediately with the latest firmware releases to avoid potential exploits.

MikroTik Routers Exhibit A Critical Security Flaw

According to a recent report from VulnCheck, the researchers have found a new way to exploit a critical privilege escalation vulnerability in MikroTik routers.

As explained, the vulnerability is a simple privilege escalation flaw that gives “Super Admin” privileges to an authenticated admin.

Although, it requires authentication, which makes the vulnerability seem difficult to exploit. However, the researchers explained that gaining the credentials is trivial since the devices shipped with the default RouterOS configurations have a built-in “admin” user. Moreover, it has a default blank password, and it never pinged the users to reset the blank password until RouterOS version 6.49.

On top of that, the firmware won’t implement any restrictions for resetting the password, letting the users even proceed with simple passwords that an adversary may easily brute-force. Also, the researchers found the routers lacking brute-force protection measures, enabling the researchers easily exploit the flaw.

The researchers have demonstrated a possible attack scenario in the following video. However, they refrained from sharing a detailed proof-of-concept to prevent mass-scale exploitation attempts.

The vulnerability, CVE-2023-30799, first made it to the news in 2022 when researchers from Margin Research discovered it. The researchers also shared an exploit, “FOISted,” at that time to demonstrate the attack. However, the vulnerability only received the CVE number lately when VulnCheck developed more ways to exploit the flaw.

Specifically, while they used the same FOISted exploit to trigger the flaw, they could attack more devices. Precisely, their strategy makes over 900,000 MikroTik routers (as found exposed on Shodan) vulnerable to attacks.

Patch Deployed From MikroTik

MikroTik patched the vulnerability again, releasing the fix with RouterOS stable v6.49.7 in October 2022. But following VulnCheck’s report demonstrating more ways to exploit, the vendors released the patch with RouterOS Long-term v6.49.8.

Given the severity of the issue, all users must ensure updating their devices with the latest firmware release immediately.

Let us know your thoughts in the comments.


[ad_2]
Source link

See how Samsung put the Galaxy Z Fold 5 and Flip 5 to the test

0
[ad_1]

The Samsung Galaxy Z Fold 5 and Galaxy Z Flip 5 are the company’s latest foldable devices and one question users are probably asking is “how is the reliability of things like the hinge?” Well, Samsung is here to answer some of those questions.

The company has published a video on its official Samsung Newsroom Korea YouTube channel that goes over the “rigorous” reliability tests that each device was subjected to. It’s a rare look into what goes on in the labs when testing these devices. And a potentially great source of information for anyone looking to buy one.

Naturally, people are going to want to know how the screen and hinge hold up. Understandable, since these phones will be folded over and over and over. To that end, one of the many tests that Samsung conducts is a folding test. In one of its labs, rows of Galaxy Z Flip 5 and Galaxy Z Fold 5 phones are lined up and secured into machines to test the folding reliability. These machines then fold the phones and unfold the phones continuously. Samsung says phones are Bureau Veritas tested and certified for 200,000 folds. This test happens at a room temperature of 77 degrees Fahrenheit or 25 degrees Celsius.

So there you have it. Each phone is folded 200,000 times. Samsung tests the phones in other ways too. All to give consumers peace of mind that they can stand up to daily use.

Galaxy Z Fold 5 and Flip 5 reliability tests are pretty broad

The folding test is an obvious one to do, since these are foldable phones. It’ll be a natural everyday motion that all users are going to be doing with their devices. But Samsung’s testing goes far beyond just folding.

This includes IPX8 and IPX4 water resistance tests. Which subjects the phones to submersion in water and being pelted with water from numerous high-pressure jets from multiple angles. Samsung also puts each phone type in tumble boxes. A series of other tests includes continuous use of the S Pen on the screen, a drop test, and a steel ball test. Where a small steel ball is dropped onto the unfolded display over and over.

If you’re curious to watch the tests yourself, you can see them in Samsung’s brief video below. Samsung’s Galaxy Z Fold 5 and Galaxy Z Flip are both available for pre-order as of this week, and will be launching in the near future.


[ad_2]
Source link

X (Twitter) will get audio & video calling soon

0
[ad_1]

Elon Musk is right in the middle of Twitter rebranding. As many of you know, Twitter is becoming ‘X’, basically. The new logo is here, as is a new name, but the remains of Twitter are still visible. Many new features are also coming to X, including audio and video calling, it seems.

X aka Twitter will get audio & video calling features soon

This information comes from Abhishek Yadav, a tipster. He shared what seems to be a screenshot taken on an iOS device, showing both audio and video calling options. You can see that screenshot below.

Twitter X audio video calling coming

It seems like you’ll be able to allow who can call you. You’ll be able to choose between people in your address book, people you follow, people who subscribe to you, verified users, and everyone. You’ll be able to mix and match these options.

We’re not sure if this will be limited to paid subscribers or not

We’re not sure when this feature is coming, though, nor whether it will be available to everyone, or just paid subscribers. Considering this screenshot is already out there, we presume that the feature is coming soon.

This is not the only new feature that is expected to land on X soon, not at all. Elon Musk wants to make ‘X’ into an “everything app”, as he’s inspired by China’s WeChat. He talked about that in the past.

So, a recent report suggested that job listings are coming to X, and then Twitter’s CEO confirmed plans for banking and payment features too. We’re only scratching the surface here.

You can expect X to mark a considerable change for Twitter, as the app will become a lot more versatile, and won’t focus solely on the social media aspect of things. We do expect many more such reports to surface in the near future, so stay tuned.


[ad_2]
Source link

Google Maps on Android Auto gets a design tweak that will help drivers on the road

0
[ad_1]
Google Maps is rolling out a new design for the Maps app on Android Auto. The new design adds a sidebar to the Maps experience in your car where controls live.

Previously, map controls were only displayed when you interacted with the map. But with the new design, the controls are always visible in a translucent bar on the left side of the screen.

This information comes from SmartDroid and 9to5Google, which have been able to replicate this experience as seen in the screenshot above. The new translucent bar’s controls includes zoom, changing the map’s orientation, changing what is said out loud by the assistant, and access to additional settings.
The new design appears to be in its testing stages although some users are already reporting seeing it on Android Auto v10 and v9.9 with Google Maps v11.90. This version isn’t live yet for everyone and it is not yet clear if the new design will be available for older versions of Android Auto.
The new Android Auto design has a very significant benefit: It makes it easier to access map controls while you’re driving since they are now positioned closer to the driver — at least in the U.S. — and you no longer have to fumble around with the touchscreen to find the controls you need. Even if you’re not familiar with the app, this new design makes the most used controls more visible and easier to get to.Note, though, that this view only shows up when the app is taking up the full screen and not when it is using the Coolwalk split-view redesign that Android Auto introduced a few months back. This also follows a redesign of how the Google Assistant appears in your console, showing more consistency with what you see when you use the Assistant on your phone.

That said, this tweak to Maps on Android Auto is a welcome improvement. It makes it easier to use Maps while you’re driving, and it provides a more consistent look and feel across Android Auto apps.


[ad_2]
Source link

Microsoft Message Queuing Service Flaw Allows DoS Attacks

0
[ad_1]

Reports indicate that there have been three critical flaws including DDoS and Remote code execution discovered in the Microsoft Message Queuing Service (MMQS).

These vulnerabilities existed in the message parser header that allowed unsanitized crafted message-headed inputs in one of the message header fields.

MMQS was developed by Microsoft for enabling separately hosted applications to communicate with each other in a restricted manner that does not affect the system.

MSMQ queues the messages that did not reach the destination and resend them when the destination systems become reachable.

However, Microsoft has released patches for these vulnerabilities.

CVE-2023-28302:

This is an out-of-bounds that exists due to a lack of bounds checks as EodHeader, StreamIdSize, and OrderQueueSize are not validated potentially leading to a Denial-of-Service attack. The CVSS score for this vulnerability is given as 7.5 (High).

CVE-2023-21554:

This is an out-of-bounds write vulnerability that exists due to the lack of bound checks in CQmPacket::CQmPacket which reads the message header without proper sanitization.

This could potentially lead to unauthenticated remote code execution. The CVSS score for this vulnerability is given as 9.8 (Critical).

CVE-2023-32057:

This is an out-of-bounds write vulnerability that exists due to a lack of bounds when reading message headers that have not performed a sanity check on their data structure.

This could potentially lead to unauthenticated remote code execution. The CVSS Score for this vulnerability is given as 9.8 (Critical).

Technical Analysis

These flaws exist in port 1801, which is the standard TCP port used for MMQS. The incoming message packet consists of required headers and many optional headers.

MQQL.DLL is responsible for parsing these message packets. The message header parser can handle concurrent messages which allows fuzzing.

When researchers injected a custom unsigned DLL into services.exe, an error popped up as the Code Integrity Guard (CIG) blocked the loaded unsigned binary. Untrusted binaries cannot be loaded or executed when the User-Mode Integrity check (UMIC) is enforced.

CIG blocks unsigned custom DLL (Source: Fortinet)

As a workaround, the following steps were performed which were done with the help of the documentation provided by Microsoft.

  1. Enable UMCI path exclusions.
  2. Enable UMCI audit mode.
  3. Before the exit of CI!CiInitializePolicy, CI!g_CiDeveloperMode|2 bitmask must be set.
  4. PsProtectedLight must be unset on the target process with the help of EPROCESS.Protection
  5. DisableDynamicCode and AuditDisableDynamicCode must be unset on the target process via EPROCESS.MitigationFlagsValues

After these steps, a custom DLL can be used to install a hook on the service host process which enables the monitoring of creation and termination of the target process.

In addition to this, a debugger must also be installed which will give complete control over the target process.

In order to capture the complete trace of the target process, the Windows Time-Travel-Debugger (TTD) is used. With a little research, researchers were able to craft a structure-aware fuzzer that can align the data in accordance with its format.

BaseHeader, UserHeader, and MessagePropertiesHeader are some of the main headers that must be used in an MSMQ packet. TransactionHeader, SecurityHeader, DebugHeader, SessionHeader are considered as additional headers that can exist along with the main headers.

The sequence of the Message packet headers (Source: Fortinet)

However, one of the critical vulnerabilities existed due to one of the message headers that does not have proper sanitization on the message header parser.

The message header parser will check the message packets with the sequence of the headers. This triggers an out-of-bound write vulnerability in the MSMQ.

Fortinet has published a complete report on these vulnerabilities. Microsoft has also released security patches for these vulnerabilities. Users of these services are recommended to update the Microsoft patches for preventing these vulnerabilities from getting exploited.

Protection Signatures

  • MS.Windows.MSMQ.CVE-2023-21554.Remote.Code.Execution
  • MS.Windows.Message.Queuing.Service.CVE-2023-28302.DoS
  • MS.Windows.Message.Queuing.Service.CVE-2023-21769.DoS
  • MS.Windows.MSMQ.CompoundMessage.Remote.Code.Execution

Stay up-to-date with the latest Cyber Security News; follow us on GoogleNewsLinkedinTwitterand Facebook.


[ad_2]
Source link

AT&T Unlimited Elite plan subscribers must now pay more per month

0
[ad_1]

If you’re still subscribed to the now discontinued Unlimited Elite plan on AT&T, you will have to start paying more for your bill every single month.

That’s likely the last thing consumers want to hear, but such is the way of things in the ever-changing landscape of the wireless industry. AT&T officially says the price increase is to “continue to deliver the great wireless service you expect.” But it wouldn’t be surprising if this move was to try and force subscribers onto the new plan. Last year, AT&T officially replaced the Unlimited Elite plan with the Unlimited Premium plan.

This new plan was mostly the same, save for a couple of changes. It lost the free Max (previously HBO Max) subscription for one. But it also gained additional data for the hotspot in the form of 10GB more. So all-in-all, a good deal according to AT&T. Unless you don’t use the hotspot but do use the Max service often.

Luckily AT&T didn’t require subscribers to move off of this plan. But it does seem content with charging more to those that stay with it.

AT&T Unlimited Elite plan subscribers will pay more per line

The one good bit of news about this change is that it isn’t happening today. According to the report from Phone Arena, AT&T is implementing these plan increases at the start of the August bill cycle. That being said, the August bill cycle won’t be the same for everyone. So whenever that is for you, that’s when your bill will start costing more.

Here’s how the increase in price breaks down. Subscribers will be paying $2.50 more per month per line. So if you only have one line on one of these plans, your bill is only going up by $2.50 a month. But if you have 5 lines, then your bill will increase by $12.50 a month. Everything else stays the same. There is also a way to sort of offset these increased monthly costs. If you don’t already have autopay set up for your account, doing so will shave $10 off your monthly bill. Something we’d highly recommend doing if you can since it could save you money.


[ad_2]
Source link

Samsung suffered a 95% drop in profit in Q2 2023

0
[ad_1]

It has been a terrible first half of 2023 for Samsung, at least financially. Declining prices of memory chips have hit its earnings hard. The Korean firm’s operating profit dropped to a 14-year low in the first quarter of the year. The Q2 2023 profit didn’t see any significant uptick.

According to Samsung’s latest quarterly earnings report, it made KRW 60.01 trillion (approx. $48.8 billion) in consolidated revenue in the second quarter of the year. That’s a relatively healthy figure and just a six% drop from the KRW 63.75 trillion it generated in the previous quarter.

Even when we compare it with Samsung’s revenue for the same period last year (April to June 2022) when the company’s earnings were on the other end of the spectrum, it isn’t a massive drop. The Korean behemoth made KRW 77.2 trillion in Q2 2022, which means a 22% decline this year.

However, Samsung has struggled to convert its revenue to profit at a healthy rate. Its operating profit for Q2 2023 was just KRW 670 billion (approx. $522 million). That’s a profit margin of just 1.1%. More importantly, Samsung’s Q2 profit has dropped a staggering 95% annually from 2022. It took home KRW 14.1 trillion last time around.

The operating profit of KRW 670 billion this past quarter may be slightly better than what Samsung made in the first quarter (KRW 640 billion), but it’s far, far off from what the company usually makes. A 95% drop in quarterly profit in just a year is worryingly bad for a conglomerate as big as Samsung. And the company itself is to blame here, at least in some part.

Over-reliance on the memory chip business hit Samsung in Q2 2023

For years, the semiconductor division has been Samsung’s cash cow. To put that into perspective, almost 60% of the company’s total Q1 2022 profit (KRW 8.4 trillion out of KRW 14.12 trillion) came from semiconductors. Unfortunately, the chip industry has been suffering from huge price drops lately, and the Korean biggie is feeling the heat.

Samsung’s chip division posted a consolidated revenue of KRW 14.73 trillion in Q2 2023, but it still ended up losing KRW 4.36 trillion from this business unit. On the bright side, the Korean firm sees the market gradually moving toward stability in the second half of the year. It remains to be seen if the company’s semiconductor division will return to profitability in the third quarter.

Nonetheless, Samsung needs to find ways to improve its earnings from other business divisions. Despite being the world’s largest smartphone company, stiff competition in the Android space never allowed it to keep big margins. It earned KRW 3.04 trillion (approx. $2.4 billion) from mobile and network businesses in Q2 2023. Time will tell whether the newly launched Galaxy Z Fold 5 and Galaxy Z Flip 5 foldables help Samsung improve that figure in the third quarter.


[ad_2]
Source link

Google’s Play Store changes should improve the quality of apps for the Galaxy Z Fold 5

0
[ad_1]
In an effort to get Android app developers off their keisters to optimize their apps for Android tablets and other large-screened devices, Google announced in the Android Developers Blog that it has updated the Google Play Store in order to help those with tablets, foldables, and Chromebooks more easily find  “high-quality large-screened apps.” 
One change involves putting video banners on the listings of optimized games. Google says that this will allow users “to get a sense of gameplay in an immersive way.” The listing of these games has also been changed to include a multi-column layout that brings the content of the listing higher up on the page.

Another change made by Google involves ranking apps that follow Google’s new large screen app quality guidelines. The change will help Google promote apps that look better and are resized for larger screens, aren’t letterboxed, and support both landscape and portrait orientations. Google says that “Apps and games that adhere to our large screen app quality guidelines will now be ranked higher in search and Apps and Games Home.” Curated Android app collections will take all of these things into account as will Editor’s Choice in determining which apps to feature to users.

Google has also added a rail to the left side of the Play Store on Android devices sporting larger screens. This places menu items closer to users’ thumbs, especially in landscape mode. Google adds, “…we’ve moved the Top Charts and Categories sections to Apps and Games Home. On tablets and Chromebooks, we’ve made the Kids experience a primary tab, since these devices are often shared with children.”

And on large-screened devices, Google has changed the search experience by showing search results and app details side-by-side which means that users don’t have to switch back and forth between pages when looking for new apps.

The changes will be rolling out over the “coming weeks” and Google says that this is “just the beginning of our journey in creating a tailored Play Store experience for large screens.” Developers who don’t want to optimize their apps to look and work better on large-screened Android apps will, in theory, miss out on having their apps promoted compared to apps that have been optimized to meet Google’s standards.


[ad_2]
Source link

Ivanti Mobile Management Software Zero-Day Under Active Attack

0
[ad_1]

Organizations using the Ivanti EPMM mobile management software must update their systems immediately as hackers have started exploiting a zero-day vulnerability.

Ivanti Mobile Management Software Zero-Day

According to a recent advisory from Ivanti, the vendors have detected active exploitation of a zero-day vulnerability in their Endpoint Manager Mobile (EPMM) (formerly called “MobileIron Core”) mobile management software.

As stated, the vulnerability, CVE-2023-35078, is an authentication bypass flaw that allows an unauthenticated, remote adversary to infiltrate target servers and access the stored PII data and other restricted functionalities. The flaw has received a CVSS 10.0.

Ivanti confirms that the vulnerability affects all existing EPMM versions (Version 11.4 releases 11.10, 11.9, and 11.8, and older, including the EOL versions). Thus, it urges users to upgrade to the latest patched release to receive the patch.

Norway’s NSM Confirmed Suffering The EPMM Exploit Impact

As stated in the advisory, Ivanti noticed a “limited number of customers” to have suffered the impact following the exploitation. However, things do not seem as trivial as the advisory suggests since the impacted customers have started disclosing the impact they suffered.

The latest disclosure comes from the Norwegian National Security Authority (NSM). First, the NSM confirmed facing a cyberattack against the Department’s Security and Service Organization (DSS) due to a zero-day exploitation of software they used. While the organization initially hesitated to disclose the name of the software, the recent update confirmed that the incident happened due to the exploitation of CVE-2023-35078.

Besides confirming the exploit, NSM confirmed that the software update closed the vulnerability, confirming that the patch works. NSM also urged all known software customers to update their systems immediately to avoid potential threats.

Until the time of writing this story, Norwegian NSM remains the only Ivanti EPMM customer to have disclosed the impact. Yet, given how such exploitations quickly turn into devastating supply-chain attacks, as happened with the SolarWinds and the recent MOVEit incidents, it won’t be wrong to expect a growing list of Ivanti zero-day affectees too.

Let us know your thoughts in the comments.


[ad_2]
Source link

Samsung releases multiple promo videos for Galaxy Watch 6, Tab S9

0
[ad_1]

Samsung launched seven new Galaxy devices at its Unpacked event yesterday. The company unveiled two foldables, three tablets, and a couple of smartwatches. Shortly after the event, it began releasing promo videos showcasing these products and their key features. The Galaxy Z Fold 5 and Galaxy Z Flip 5 got themselves a handful of promo videos. Samsung has made similar videos for the Galaxy Tab S9 series and Galaxy Watch 6 series as well.

To begin with, we have the official unboxing videos of the Galaxy Tab S9 Ultra. Samsung has packed its latest flagship tablet in a minimalist box likely made of recycled materials. You get the tablet up top, with the S Pen, USB Type-C to USB Type-C cable, SIM ejector tool, and the Quick Start Guide underneath it. The tablet has a magnetic stripe on its back to magnetically attach the S Pen when not in use.

The video goes on to showcase the Galaxy Tab S9 Ultra’s design before diving into its bright and vivid display. Samsung then highlights the newly added IP68 rating for dust and water resistance. This year’s models are the first in the lineup to feature an official IP rating. The promo video then touches on the Dolby Atmos-powered quad-speaker setup, S Pen, battery, and color variants of the device.

The Galaxy Watch 6 unboxing video follows a similar pattern. After going through the in-box items, Samsung showcases the new wearable’s design and key components such as the microphone, speaker, optical heart rate sensor, infrared temperature sensor, and the bigger and sharper sapphire crystal display. Customizable watch faces and bands, advanced health features, and the iconic physical rotating bezel (Classic model) are other highlights.

Galaxy Tab S9 and Galaxy Watch 6 get more promo videos

Samsung has made more promo videos for the Galaxy Tab S9 and Galaxy Watch 6. The company is trying to entice potential buyers by showcasing what the new devices can do and how they can help you be more efficient and healthier. The smartwatch video features South Korean professional soccer player Son Heung-min who currently plays for Premier League club Tottenham Hotspur.

If you’re looking to buy any of the seven new Galaxy devices Samsung unveiled yesterday, the company is currently taking pre-orders for all of them. It will open general sales in most countries on August 11. Here are some of the best pre-order deals on the Galaxy Z Fold 5, Galaxy Z Flip 5, Galaxy Tab S9, and Galaxy Watch 6 that you can grab today.


[ad_2]
Source link