PayPal Hacked, Scary Router Hijack, PinePhone, Mac Pro Server

  • From Category5 Technology TV S13E14
  • January 15, 2020
The weekly tech news from Category5 TV is provided free of charge. If you enjoy what we do, please consider becoming a Patron so we can continue offering more great content.

Here are the stories we're following for the week of Wednesday January 15, 2020

PayPal has confirmed that a researcher found a high-severity security vulnerability that could expose user passwords to an attacker.

The researcher, Alex Birsan, discovered the high-severity vulnerability when he was "exploring" the main authentication flow at PayPal. His attention was drawn to the fact that a JavaScript file contained what looked like a cross-site request forgery token and a session ID. He says, "Providing any kind of session data inside a valid javascript file usually allows it to be retrieved by attackers."

If a user fails to log in several times, they have to solve a CAPTCHA challenge once they finally authenticate, and PayPal noted that "the exposed tokens were used in the POST request to solve the CAPTCHA."

PayPal said the flaw could be exploited "if a user followed a login link from a malicious site, similar to a phishing page." However, Birsan said that in a real-world social engineering attack, "the only user interaction needed would have been a single visit to an attacker-controlled web page."

Within 24 hours of the bug's confirmation by the HackerOne bug bounty platform, PayPal had patched the vulnerability. Birsan was awarded a bug bounty worth about $15,300 USD.


Sent to us by: Robbie Ferguson

A Citrix exploit lets hackers take over compromised systems with little effort and no credentials needed.

Late last month Citrix disclosed a critical security hole in both its Application Delivery Controller and Unified Gateway offerings. Up to 80,000 systems were thought to be at risk, with some 25,000 instances found online over the weekend.

Those admins who haven't put mitigations in place by now will want to make sure they address their situation immediately, as infosec researchers have now publicly shared working exploit code for the remote takeover bug. The proof-of-concept code can be used to trivially achieve arbitrary code execution with no account credentials. In other words, attackers can easily hijack unpatched systems.

If you haven't put in place the mitigations by now, and you have vulnerable systems facing the internet, you've probably already been hacked since bots have been mass-scanning the 'net for machines to compromise.


Sent to us by: Roy W. Nash

Hundreds of millions of Broadcom-based cable modems at risk of remote hijacking.

A vulnerability in Broadcom's cable modem firmware has left as many as 200 million home broadband gateways in Europe, and potentially more worldwide, at risk of remote hijackings.

A vulnerable user would simply have to visit a web page or open an HTML file that contains malicious JavaScript. This code subsequently connects to the web server built into the vulnerable modem on the local network. The script then alters the contents of the modem's processor registers, by overwriting the stack, to redirect execution to malware smuggled in with the request.

At that point, the code can attempt a man-in-the-middle attack, which allows the hacker to gain access to potentially sensitive information sent to or from the user's Internet connection. The miscreant can also use the exploit to manipulate the firmware and change DNS settings to redirect connections to pages of their choosing ... no doubt phishing versions of every bank and social media site you can think of. They can snoop on traffic, launch distributed denial-of-service assaults, and more. In other words, this is a bad one. Once exploited, an attacker can use the modem to do pretty much anything they want.

Broadcom says the exploitable code was patched last May, but it seems clear the fix was not widely adopted by users. In their tests, the Cable Haunt team were able to compromise a large number of Sagemcom, Netgear, Technicolor, and Compal models, for instance.

Since Broadcom chips are in many brands of routers and modems, it's important to make sure your firmware is up to date so you don't get compromised now that the exploit is known to hackers.


Sent to us by: Roy W. Nash

Windows 7 support has come to an end.

Support for Windows 7 is over. For security, software updates and other reasons, it's time to stop procrastinating and make the move to Windows 10.

Microsoft support for Windows 7 has officially ended. This shouldn't come as a surprise to Windows users: Microsoft promised 10 years of product support for Windows 7 when it was released in October 2009, before shifting focus to newer technologies.

As of Jan. 14, Microsoft no longer offers technical assistance or software updates to your device, and the company has encouraged people to upgrade to Windows 10 to keep their PCs and laptops secure.

Your Windows 7 computer will keep working, but Microsoft will not provide security updates or fixes, or technical support for any issues -- leaving your computer at greater risk from viruses and malware that may circulate to take advantage of any flaws that are later discovered.

That's why it's important for you to switch to an OS version that Microsoft will still put resources behind. As security vulnerabilities are discovered for the discontinued OS, hackers will create tools to exploit them, but Microsoft will not create patches to fix them. Without security updates or fixes, you're putting your computer and other devices on your network at risk.

If you're a Windows 8.1 user, extended support for that OS won't end until January 2023.

Windows 10 was released in 2015, and extended support for the latest version of the OS is slated to end in 2025.

This could also be an excellent time to try out Linux. While an upgrade to Windows 10 might require you to upgrade your hardware too, Linux may breathe new life into your existing computer. You can remove the discontinued Windows 7 and replace it with Ubuntu or Linux Mint at no charge.


Sent to us by: Robbie Ferguson

Apple is now selling rack-mountable cheese graters.

Apple has begun selling the rack-mountable variant of its Mac Pro desktop computer.

Starting at $6,500, the rack-mounted Mac Pro is identical to the tower version in terms of specifications. It comes in all the same hardware configurations, has the same ports, is laid out the same inside the case, and has the same rear connections.

The differences from the tower variant are entirely in the case itself. This variant of the Mac Pro forgoes the wheels or stands of the tower model in favor of stainless steel rails that allow the device to be mounted horizontally in server racks. It also has a removable lid instead of the fully removable frame seen in the tower.

Additionally, the handles are on the front for easy removal from server racks, and some other elements like the power button have been moved from the tower top to the rack front.

This Mac Pro is intended for inclusion in render farms, as a server, and other commercial and professional uses.


Sent to us by: Roy W. Nash

The PinePhone Brave Heart edition is available now for early adopters and we'll tell you about this $150 smartphone from Pine64.

The PinePhone is an affordable Linux smartphone created by Pine64, makers of the Pinebook Pro laptop and the RockPro64 and Pine64 single-board computers.

The PinePhone specs, price and design are all tailored towards keeping it a super low $149 price point.

So that puts it in a spot all its own: the PinePhone is built for Linux enthusiasts and developers who can appreciate its privacy focus and open source software.

Don't expect it to be on par with the latest and greatest smartphone though. The goal with the PinePhone is to provide a reliable, open and hackable smartphone platform, powered by Linux.

The Brave Heart edition is available now and intended for enthusiasts and early adopters only. We'll call it a “first pass” batch. It does not ship with Linux installed - you'd have to do that yourself from one of the beta builds available. And the handset has a few differences from the final run units, mainly related to antenna placement and 2G signal.

Soon, the PinePhone will be available to buy as a complete phone, pre-loaded with a Linux-based mobile operating system.

There’s no specific release date, but as soon as there is, we'll be sure to let you know - so make sure you subscribe and click the bell to receive notifications.


Sent to us by: Roy W. Nash
