On Hacking and Prevention

Yikes!  Vim is included in nearly all GNU/Linux and BSD distributions, so this is quite a significant vulnerability, even though comparatively few end-users actually directly use it.  https://arstechnica.com/information-technology/2019/06/if-you-havent-patched-vim-or-neovim-text-editors-you-really-really-should/

One of the interesting and concerning developments this week is the discovery of a Chinese hacker gang that has been targeting software development and software update mechanisms, seemingly for industrial espionage.  ( https://arstechnica.com/information-technology/2019/05/a-mysterious-hacker-gang-is-on-a-supply-chain-hacking-spree/ )  This once again recalls previous instances of industrial espionage engaged in by agents of the People's Republic of China government.  The software targeted included driver update utilities by ASUS, a company known for quality hardware and having been an Original Equipment Manufacturer for Apple in the past. Something still related to security but also interesting for other reasons is how Google's data compression proxy works.  ( https://developer.chrome.com/multidevice/data-compression ).  It allows mobile devices using Chrome on Android or the desktop (which requires an extension, also usable with other Chromium-based browsers...

This week, I've learned about a variety of things. I learned more about the QUIC protocol, which came from 'Quick UDP Internet Connections' (which is an accurate and concise description of it), although it is merely used as a name now.  It was created by Google, which has created a lot of innovative web technologies.  Ars Technica has an article on it a while back.  ' The next version of HTTP won't be using TCP | Ars Technica ' I also learned of Google Gruyere, which is named for a type of cheese from the Franco-Swiss border regions.   https://google-gruyere.appspot.com . It is a website designed to be used for learning about attacks on websites, including through manipulating the website in ways that wouldn't be legally allowed without permission. I was aware of traversing different parts of websites through manipulating the URLs ( http://www.homestarrunner.com/sbemail100.html  is a clever example of a joke, the real content is at  http://www.h...

HP's new security controller ( https://www.anandtech.com/show/14225/hps-security-push-sure-sense-endpoint-security-controller ) sounds interesting, but it definitely needs to be sufficiently hardened to make it worthwhile.  The idea is to use AI to detect malware based on behavior, to protect against zero-day exploits and such. A disturbing development that I just read about is the 'Land Lordz' scam using other domains to get people to make cash deposits for listings on AirBNB that are not legitimate.  ( ‘Land Lordz’ Service Powers Airbnb Scams ) One of the stranger recent security occurrences was that a poorly documented security feature in Microsoft Edge breaks another security feature (marking a file as from the web) that causes a certain type of file, the MHT file, to be opened without a sandbox using Internet Explorer, since it is the default to open that type of file.  ( https://arstechnica.com/information-technology/2019/04/unexpected-security-feature-in-micros...

This week I learned about a tool called Cain and Abel, or Cain for short, after the biblical characters. The tool is designed to allow a user to man-in-the-middle traffic, crack or recover passwords for Windows, WEP, and more.  There are problems with getting it working on Windows 10, though. I recently read the article ' A security researcher with a grudge is dropping Web 0days on innocent users ' on Ars Technica.  It is about how someone in the field of security research is releasing zero-day exploits for two Wordpress plugins publicly after their forum posts and original forum account were deleted by moderators on the Wordpress forums.  Only after the vulnerabilities were published and rapidly abused by nefarious individuals did workers at Wordpress actually notice and do something about it. Another report I recently read was on government-sponsored cybercrime from the People's Republic of China.  In the report, government officials discussed how many USA-bas...

This week, I learned about tools like Metasploit, which can be used to develop and deploy malware for testing, as well as find vulnerable systems.  I had some difficulties installing Metasploit in virtual machines.  First, it turns out that turning off Windows defender doesn't really turn it off completely on Windows 10, so installing Metasploit on it was not feasible due to all the detected malware signatures.  I had some unrelated problems with upgrading a GNU/Linux virtual machine so that I could install Metasploit, so I wound up opting to install Kali Linux in a virtual machine which now is supposed to include Metasploit, since I had been planning to do so at some point anyway.  I found the guides at https://jonathansblog.co.uk/how-to-use-metasploit-to-scan-for-vulnerabilities , https://computingforgeeks.com/how-to-install-metasploit-framework-on-ubuntu-18-04-debian-9/ , and for nmap https://www.cyberciti.biz/faq/install-nmap-debian-ubuntu-server-desktop-system/ ...