Topic: Computer Security (Page 3)
You are looking at all articles with the topic "Computer Security". We found 27 matches.
Hint:
To view all topics, click here. Too see the most popular topics, click here instead.
π How a Buffer Overflow Works
In information security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
Buffers are areas of memory set aside to hold data, often while moving it from one section of a program to another, or between programs. Buffer overflows can often be triggered by malformed inputs; if one assumes all inputs will be smaller than a certain size and the buffer is created to be that size, then an anomalous transaction that produces more data could cause it to write past the end of the buffer. If this overwrites adjacent data or executable code, this may result in erratic program behavior, including memory access errors, incorrect results, and crashes.
Exploiting the behavior of a buffer overflow is a well-known security exploit. On many systems, the memory layout of a program, or the system as a whole, is well defined. By sending in data designed to cause a buffer overflow, it is possible to write into areas known to hold executable code and replace it with malicious code, or to selectively overwrite data pertaining to the program's state, therefore causing behavior that was not intended by the original programmer. Buffers are widespread in operating system (OS) code, so it is possible to make attacks that perform privilege escalation and gain unlimited access to the computer's resources. The famed Morris worm in 1988 used this as one of its attack techniques.
Programming languages commonly associated with buffer overflows include C and C++, which provide no built-in protection against accessing or overwriting data in any part of memory and do not automatically check that data written to an array (the built-in buffer type) is within the boundaries of that array. Bounds checking can prevent buffer overflows, but requires additional code and processing time. Modern operating systems use a variety of techniques to combat malicious buffer overflows, notably by randomizing the layout of memory, or deliberately leaving space between buffers and looking for actions that write into those areas ("canaries").
Discussed on
- "How a Buffer Overflow Works" | 2009-04-01 | 17 Upvotes 6 Comments
π Sony BMG Rootkit Scandal
A scandal erupted in 2005 regarding Sony BMG's implementation of copy protection measures on about 22 million CDs. When inserted into a computer, the CDs installed one of two pieces of software that provided a form of digital rights management (DRM) by modifying the operating system to interfere with CD copying. Neither program could easily be uninstalled, and they created vulnerabilities that were exploited by unrelated malware. One of the programs would install and "phone home" with reports on the user's private listening habits, even if the user refused its end-user license agreement (EULA), while the other was not mentioned in the EULA at all. Both programs contained code from several pieces of copylefted free software in an apparent infringement of copyright, and configured the operating system to hide the software's existence, leading to both programs being classified as rootkits.
Sony BMG initially denied that the rootkits were harmful. It then released an uninstaller for one of the programs that merely made the program's files visible while also installing additional software that could not be easily removed, collected an email address from the user and introduced further security vulnerabilities.
Following public outcry, government investigations and class-action lawsuits in 2005 and 2006, Sony BMG partially addressed the scandal with consumer settlements, a recall of about 10% of the affected CDs and the suspension of CD copy-protection efforts in early 2007.
Discussed on
- "Sony BMG Rootkit Scandal" | 2022-07-22 | 20 Upvotes 2 Comments
π 2024 Lebanon Pager Explosions
On 17 September 2024, communication pagers simultaneously exploded across Lebanon and Syria in an apparent coordinated attack. Many of the pagers were owned by members of the Hezbollah militant group. Eighteen people were confirmed killed: eleven in Lebanon (including a child and at least two Hezbollah members) and seven in Syria. Around 4,000 people were reportedly injured, including Hezbollah members and civilians.
The blasts affected several Hezbollah strongholds, including Beirut's Dahieh suburb, southern Lebanon, and in the Beqaa Valley. Over 500 of the group's militants lost their eyesight. They called the incident the organization's "biggest security breach yet" and accused Israel of responsibility.
A day after Hamas launched its October 7 attacks on Israel in 2023, the Iranian-backed organization Hezbollah joined the conflict in support of Hamas by firing on Israel. This led to a series of cross-border military exchanges between Hezbollah and Israel. In February 2024, the secretary-general of Hezbollah, Hassan Nasrallah, told the group's members to use pagers instead of cell phones, claiming that Israel had infiltrated their cell phone network. Hezbollah then bought a new brand of pagers that were recently imported to Lebanon.
Earlier on the day of the explosion, Israel's domestic security agency, the Shin Bet, announced it had thwarted a Hezbollah plot to assassinate a former senior defense official using an explosive device.
Around 150 hospitals across Lebanon received victims of the attack, which saw chaotic scenes.
Discussed on
- "2024 Lebanon Pager Explosions" | 2024-09-17 | 14 Upvotes 2 Comments
π Zombie Zero
Zombie Zero is an attack vector where a cyber attacker utilized malware that was clandestinely embedded in new barcode readers which were manufactured overseas.
It remains unknown if this attack was promulgated by organized crime or a nation state. Clearly there was significant planning and investment in order to design the malware, and then embed it into the hardware within the barcode scanner. Internet of things (IoT) devices may be similarly preinstalled with malware that can capture the network passwords and then open a backdoor to attackers. Given the high volume of these devices manufactured overseas high caution is to be exercised before placing these devices on corporate or government networks.
Discussed on
- "Zombie Zero" | 2021-04-09 | 13 Upvotes 2 Comments
π Confused Deputy Problem
In information security, a confused deputy is a computer program that is tricked by another program (with fewer privileges or less rights) into misusing its authority on the system. It is a specific type of privilege escalation. The confused deputy problem is often cited as an example of why capability-based security is important.
Capability systems protect against the confused deputy problem, whereas access-control listβbased systems do not.
Discussed on
- "Confused Deputy Problem" | 2023-10-18 | 11 Upvotes 2 Comments
π International Committee of the Red Cross rules of engagement for civilian hacker
On 4 October 2023 the International Committee of the Red Cross published rules of engagement for civilian hackers involved in conflicts. The rules had been described as a "Geneva Code of cyber-war".
Discussed on
- "International Committee of the Red Cross rules of engagement for civilian hacker" | 2024-07-12 | 12 Upvotes 1 Comments
π The Cuckoo's Egg
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage is a 1989 book written by Clifford Stoll. It is his first-person account of the hunt for a computer hacker who broke into a computer at the Lawrence Berkeley National Laboratory (LBNL).
Stoll's use of the term extended the metaphor Cuckoo's egg from brood parasitism in birds to malware.
Discussed on
- "The Cuckoo's Egg" | 2023-02-20 | 10 Upvotes 1 Comments