Wednesday 31 May 2023

Security Surprises On Firefox Quantum

This morning I've found an scaring surprise on my Firefox Quantum. Casually it was connected to a proxy when an unexpected connection came up, the browser  was connecting to an unknown remote site via HTTP and downloading a ZIP that contains an ELF shared library, without any type of signature on it.

This means two things

1) the owner of that site might spread malware infecting many many people.
2) the ISP also might do that.


Ubuntu Version:


Firefox Quantum version:



The URL: hxxp://ciscobinary.openh264.org/openh264-linux64-0410d336bb748149a4f560eb6108090f078254b1.zip




The zip contains these two files:
  3f201a8984d6d765bc81966842294611  libgmpopenh264.so
  44aef3cd6b755fa5f6968725b67fd3b8  gmpopenh264.info

The info file:
  Name: gmpopenh264
  Description: GMP Plugin for OpenH264.
  Version: 1.6.0
  APIs: encode-video[h264], decode-video[h264]

So there is a remote codec loading system that is unsigned and unencrypted, I think is good to be aware of it.

In this case the shared library is a video decoder, but it would be a vector to distribute malware o spyware massively, or an attack vector for a MITM attacker.




Related news
  1. Pentest Tools Website
  2. Hackers Toolbox
  3. Hacker Tools Apk Download
  4. Usb Pentest Tools
  5. Pentest Tools Review
  6. Pentest Tools Windows
  7. Pentest Tools
  8. Hacking Tools For Windows 7
  9. Hack Website Online Tool
  10. Top Pentest Tools
  11. Hacks And Tools
  12. Hack Tool Apk No Root
  13. Hacker Tools Mac
  14. Hacking Tools Online
  15. Pentest Tools Open Source
  16. How To Install Pentest Tools In Ubuntu
  17. Hacking Tools 2020
  18. Hacking App
  19. Pentest Tools Kali Linux
  20. Android Hack Tools Github
  21. Hacking Tools For Games
  22. What Are Hacking Tools
  23. Hack Tool Apk No Root
  24. Pentest Tools Kali Linux
  25. Hacker Tools Software
  26. Android Hack Tools Github
  27. Hacker Tools For Mac
  28. How To Make Hacking Tools
  29. Hack Tools For Windows
  30. Hacking Tools For Kali Linux
  31. Game Hacking
  32. Hacking Tools Usb
  33. Hacking Tools For Kali Linux
  34. Pentest Reporting Tools
  35. Hack Tools Pc
  36. Hack App
  37. Pentest Tools Review
  38. Hacker Tools Linux
  39. Hacking Tools For Windows 7
  40. Pentest Automation Tools
  41. Pentest Tools Online
  42. Pentest Tools Online
  43. Tools 4 Hack
  44. Hacker Techniques Tools And Incident Handling
  45. Hack Tools Online
  46. Hacker Tools Apk
  47. Hacking Tools And Software
  48. Hacks And Tools
  49. Hacking Tools Hardware
  50. Hack Tools Download
  51. Hack Tools
  52. Pentest Box Tools Download
  53. Hacker Search Tools
  54. Hacking Tools Windows
  55. Pentest Tools Download
  56. Hacking Apps
  57. Pentest Automation Tools
  58. Black Hat Hacker Tools
  59. Hacking Tools Name
  60. Pentest Tools
  61. Hack And Tools
  62. Hacker Tools 2020
  63. Pentest Tools Online
  64. Hackrf Tools
  65. Hacker Tools List
  66. Pentest Tools Tcp Port Scanner
  67. Hacking Tools Hardware
  68. Pentest Tools Website Vulnerability
  69. How To Install Pentest Tools In Ubuntu
  70. New Hack Tools
  71. Pentest Recon Tools
  72. Hacking Tools For Beginners
  73. Hack Tools Pc
  74. Hack Tools Pc
  75. Hacker Techniques Tools And Incident Handling
  76. Pentest Tools Open Source
  77. Hack Tools Download
  78. Hacking Tools Pc
  79. Hack Tools For Pc
  80. Hacker Tools Linux
  81. Pentest Tools Android
  82. Computer Hacker
  83. Pentest Automation Tools
  84. Hacker Tools Mac
  85. Hacking Tools Online
  86. Hacking Tools For Kali Linux
  87. Hacking Tools Online
  88. Hacker Tools Free
  89. Pentest Tools Port Scanner
  90. Pentest Box Tools Download
  91. Tools Used For Hacking
  92. Hacker Tools Hardware
  93. Hacker Tools Apk
  94. Github Hacking Tools
  95. Hacker Tools Hardware
  96. Hak5 Tools
  97. Hack Tools
  98. New Hack Tools
  99. Pentest Tools For Mac
  100. Hacking Tools Hardware
  101. Pentest Tools Bluekeep
  102. Hacker Tools 2020
  103. Hacker Tools Hardware
  104. Pentest Tools Github
  105. World No 1 Hacker Software
  106. Nsa Hacker Tools
  107. Pentest Tools
  108. What Is Hacking Tools
  109. Hack Apps
  110. Pentest Tools For Ubuntu
  111. Hacking Tools For Windows Free Download
  112. Hack Tools For Ubuntu
  113. Hacking Tools And Software
  114. Pentest Tools Website Vulnerability
  115. Hack Tools Online
  116. Pentest Recon Tools
  117. World No 1 Hacker Software
  118. Hacking Tools
  119. Hacking Tools Usb
  120. Hack Tools
  121. Hack Tools 2019
  122. Pentest Tools For Android
  123. Hacker Tools For Mac
  124. Pentest Recon Tools
  125. New Hacker Tools
  126. How To Hack
  127. Hack Website Online Tool
  128. Hack Tools For Pc
  129. Pentest Tools Online
  130. Install Pentest Tools Ubuntu
  131. Free Pentest Tools For Windows
  132. Ethical Hacker Tools
  133. Pentest Tools Alternative
  134. Hacker Hardware Tools
  135. Pentest Tools Url Fuzzer
  136. Hacker Tools Free Download
  137. Hacking Tools For Windows 7
  138. Pentest Tools For Windows
  139. Pentest Tools Linux
  140. Hacking Tools Name
  141. Hacking Tools Github
  142. Pentest Tools Port Scanner
  143. Tools 4 Hack
  144. Pentest Tools For Mac
  145. Pentest Tools Linux
  146. Ethical Hacker Tools
  147. Hack Tools For Pc
  148. Hacking Tools Hardware
  149. Pentest Reporting Tools
  150. Bluetooth Hacking Tools Kali
  151. Pentest Tools Download
  152. Hack Tools Pc
  153. Hacking Tools For Kali Linux
  154. Physical Pentest Tools

Hackerhubb.blogspot.com

Hackerhubb.blogspot.comRelated posts

How SSPM Simplifies Your SOC2 SaaS Security Posture Audit

 


An accountant and a security expert walk into a bar… SOC2 is no joke.

Whether you're a publicly held or private company, you are probably considering going through a Service Organization Controls (SOC) audit. For publicly held companies, these reports are required by the Securities and Exchange Commission (SEC) and executed by a Certified Public Accountant (CPA). However, customers often ask for SOC2 reports as part of their vendor due diligence process.

Out of the three types of SOC reports, SOC2 is the standard to successfully pass regulatory requirements and signals high security and resilience within the organization — and is based on the American Institute of Certified Public Accountants (AICPA) attestation requirements. The purpose of this report is to evaluate an organization's information systems relevant to security, availability, processing integrity, confidentiality, and privacy — over a period of time (roughly six to twelve months).

As part of a SOC2 audit, it is necessary to conduct security checks across the company's SaaS stack that will look for misconfigured settings such as detection and monitoring to ensure continued effectiveness of information security controls and prevent unauthorized/ inappropriate access to physical and digital assets and locations.

If you're beginning or on a SOC2 audit journey, then an SSPM (SaaS Security Posture Management) solution can streamline the process and shorten the time it takes to pass a SOC2 audit successfully, fully covering your SaaS Security posture.

Learn how to streamline your organization's SOC2 compliance

What are the AICPA Trust Services Criteria (TSC)?

When external auditors engage in a SOC 2 audit, they need to compare what you're doing to a long list of established requirements from AICPA TSC. The "Common Controls" fall into five groups:

  • Security - Includes sub controls of the Logical and Physical Access (CC6)
  • Availability - Includes sub controls of the System Operations (CC7)
    • Processing integrity: Includes sub controls of the System Operations (CC7)
    • Confidentiality: Includes sub controls of the Logical and Physical Access (CC6)
    • Privacy - Includes sub controls of the Monitoring Activities (CC4)

      Within each common control are a set of sub controls that turn the overarching standard into actionable tasks.

      Passing a SOC 2 audit takes a lot of time, effort, and documentation. During a SOC2 audit, you not only need to show that your controls work during the audit period, but you also need to show that you have the ability to continuously monitor your security.

      Going through the entire TSC framework is too long for a blog post. However, a quick look into a couple of controls of Logical and Physical Access (CC6) and System Operations (CC7) gives you an idea of what some of the controls look like and how you can utilize an SSPM to ease the SOC2 audit.

      Get a 15-minute demo of how an SSPM can help your SOC 2 TSC audit

      Logical and Physical Access Controls

      This section sets out the types of controls needed to prevent unauthorized or inappropriate access to physical and digital assets and locations. Managing user access permissions, authentication, and authorization across the SaaS estate poses many challenges. In fact, as you look to secure your cloud apps, the distributed nature of users and managing the different access policies becomes increasingly challenging.

      Under CC6.1 control, entities need to:

      • Identify, classify, and manage information assets
      • Restrict & manage user access
      • Consider network segmentation
      • Register, authorize, and document new infrastructure
      • Supplement security by encrypting data-at-rest
      • Protect encryption keys

      Example

      The department that utilizes a SaaS app is often the one that purchases and implements it. Marketing might implement a SaaS solution for monitoring leads while sales implements the CRM. Meanwhile, each application has its own set of access capabilities and configurations. However, these SaaS owners may not be trained in security or able to continuously monitor the app's security settings so the security team loses visibility. At the same time, the security team may not know the inner workings of the SaaS like the owner so they may not understand more complex cases which could lead to a security breach.

      An SSPM solution, maps out all the user permissions, encryption, certificates and all security configurations available for each SaaS app. In addition to the visibility, the SSPM solution helps correct any misconfiguration in these areas, taking into consideration each SaaS app's unique features and usability.

      In CC.6.2 control, entities need to:

      • Create asset access credentiations based on authorization from the system's asset owner or authorized custodian
      • Establish processes for removing credential access when the user no longer requires access
      • Periodically review access for unnecessary and inappropriate individuals with credentials

      Example

      Permission drifts occur when a user has certain permissions as part of a group membership, but then gets assigned a specific permission that is more privileged than what the group has. Over time many users get extra permissions. This undermines the idea of provisioning using groups.

      Classic deprovisioning issues, an SSPM solution can spot inactive users and help organizations to quickly remediate, or at the very least, alert the security team to the issue.

      Under CC.6.3 control, entities need to:

      • Establish processes for creating, modifying or removing access to protected information and assets
      • Use role-based access controls (RBAC)
      • Periodically review access roles and access rules

      Example

      You might be managing 50,000 users across five SaaS applications, meaning the security team needs to manage a total of 250,000 identities. Meanwhile, each SaaS has a different way to define identities, view them, and secure identities. Adding to the risk, SaaS applications don't always integrate with each other which means users can find themselves with different privileges across different systems. This then leads to unnecessary privileges that can create a potential security risk.

      An SSPM solution allows visibility into user privileges and sensitive permission across all connected SaaS apps, highlighting the deviation from permission groups and profiles.

      System Operations

      This section focuses on detection and monitoring to ensure continued effectiveness of information security controls across systems and networks, including SaaS apps. The diversity of SaaS apps and potential for misconfigurations makes meeting these requirements challenging.

      In CC7.1 control, entities need to:

      • Define configuration standards
      • Monitor infrastructure and software for noncompliance with standards
      • Establish change-detection mechanisms to aler personnel to unauthorized modification for critical system, configuration, or content files
      • Establish procedures for detecting the introduction of known or unknown components
      • Conduct periodic vulnerability scans to detect potential vulnerabilities or misconfigurations

      It is unrealistic to expect from the security team to define a "configuration standard" that complies with SOC2 without comparing against a built-in knowledge base of all relevant SaaS misconfigurations and to continuously comply with SOC2 without using an SSPM solution.

      Get a 15-minute demo to see how an SSPM solution automates your SaaS security posture for SOC2 and other standards.

      More articles


      1. Kik Hack Tools
      2. Best Hacking Tools 2020
      3. Hacker Tools For Ios
      4. Blackhat Hacker Tools
      5. Pentest Tools Url Fuzzer
      6. Hacking Tools Free Download
      7. Hacking Tools For Mac
      8. Hack Tools Pc
      9. Hacker Tools Online
      10. Hacking Tools Windows
      11. Hacking Tools Online
      12. Hacking Tools
      13. Pentest Automation Tools
      14. What Is Hacking Tools
      15. Pentest Recon Tools
      16. Usb Pentest Tools
      17. New Hacker Tools
      18. Pentest Automation Tools
      19. Hack Tools 2019
      20. Ethical Hacker Tools
      21. Hacker Tools Hardware
      22. Hacking Tools Windows
      23. Hacker Tools Software
      24. Hack Tools
      25. What Are Hacking Tools
      26. Hack And Tools
      27. Pentest Tools Nmap
      28. Pentest Tools Nmap
      29. Hack Tools For Ubuntu
      30. Pentest Tools For Mac
      31. Hacker Tools Hardware
      32. Pentest Tools Kali Linux
      33. Pentest Automation Tools
      34. Growth Hacker Tools
      35. Hack Tools For Windows
      36. Pentest Tools Alternative
      37. Hack Tools For Games
      38. Hack Tools 2019
      39. Pentest Tools For Android
      40. Hack Tools Download
      41. Hacker Tools Mac
      42. Hacker Tools 2020
      43. Tools For Hacker
      44. Hacking Tools Download
      45. Hacker Tools Apk Download
      46. Pentest Tools Android
      47. Hack Tools Mac
      48. Game Hacking
      49. Hacker Tools Hardware
      50. Best Hacking Tools 2020
      51. Hacking Tools 2020