Sstic-2021-Actes.Pdf
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Security Analysis of Docker Containers in a Production Environment
Security analysis of Docker containers in a production environment Jon-Anders Kabbe Master of Science in Communication Technology Submission date: June 2017 Supervisor: Colin Alexander Boyd, IIK Co-supervisor: Audun Bjørkøy, TIND Technologies Norwegian University of Science and Technology Department of Information Security and Communication Technology Title: Security Analysis of Docker Containers in a Production Environment Student: Jon-Anders Kabbe Problem description: Deployment of Docker containers has achieved its popularity by providing an au- tomatable and stable environment serving a particular application. Docker creates a separate image of a file system with everything the application require during runtime. Containers run atop the regular file system as separate units containing only libraries and tools that particular application require. Docker containers reduce the attack surface, improves process interaction and sim- plifies sandboxing. But containers also raise security concerns, reduced segregation between the operating system and application, out of date or variations in libraries and tools and is still an unsettled technology. Docker containers provide a stable and static environment for applications; this is achieved by creating a static image of only libraries and tools the specific application needs during runtime. Out of date tools and libraries are a major security risk when exposing applications over the Internet, but availability is essential in a competitive market. Does Docker raise some security concerns compared to standard application deploy- ment such as hypervisor-based virtual machines? Is the Docker “best practices” sufficient to secure the container and how does this compare to traditional virtual machine application deployment? Responsible professor: Colin Alexander Boyd, ITEM Supervisor: Audun Bjørkøy, TIND Technologies Abstract Container technology for hosting applications on the web is gaining traction as the preferred mode of deployment. -
The Rise and Imminent Fall of the N-Day Exploit Market in the Cybercriminal Underground
The Rise and Imminent Fall of the N-Day Exploit Market in the Cybercriminal Underground Mayra Rosario Fuentes and Shiau-Jing Ding Contents TREND MICRO LEGAL DISCLAIMER The information provided herein is for general information and educational purposes only. It is not intended and 4 should not be construed to constitute legal advice. The information contained herein may not be applicable to all Introduction situations and may not reflect the most current situation. Nothing contained herein should be relied on or acted upon without the benefit of legal advice based on the particular facts and circumstances presented and nothing 7 herein should be construed otherwise. Trend Micro reserves the right to modify the contents of this document Overview of Exploit Developers at any time without prior notice. Translations of any material into other languages are intended solely as a convenience. Translation accuracy is not guaranteed nor implied. If any questions arise 12 related to the accuracy of a translation, please refer to the original language official version of the document. Any Overview of Exploit Demand and discrepancies or differences created in the translation are Availability not binding and have no legal effect for compliance or enforcement purposes. Although Trend Micro uses reasonable efforts to include accurate and up-to-date information herein, Trend Micro 16 makes no warranties or representations of any kind as to its accuracy, currency, or completeness. You agree Outdated Exploits that access to and use of and reliance on this document and the content thereof is at your own risk. Trend Micro disclaims all warranties of any kind, express or implied. -
Area Efficient and Low Power Carry Select Adder Using
International Journal of Advances in Electronics and Computer Science, ISSN(p): 2394-2835 Volume-6, Issue-7, Jul.-2019 http://iraj.in EVOLUTION OF ANDROID MALWARE OFFENSE AND ANDROID ECOSYSTEM DEFENSE 1NISHANT PANDIT, 2DEEPTI V VIDYARTHI 1Student, Defence Institute of Advanced Technology, Girinagar, Pune, Maharashtra – 411025, India 2Assistant Professor, Defence Institute of Advanced Technology, Girinagar, Pune, Maharashtra – 411025, India E-mail: [email protected], [email protected] Abstract - Android mobile devices are used more and more in everyday life. They are our cameras, wallets, and keys. Basically, they embed most of our private information in our pocket. The paper captures the journey of android malware from being mere revenue generation incentives for the malware developer to stealing the personal data of people using these devices. It also discusses how the open source nature of Android has led to fragmentation of the core Operating System among various device manufacturer which introduces additional vulnerabilities. The non-availability of official Google Play store in some countries led to the emergence of various third party Application market which are largely unregulated in terms of the application verification. Android Operating system itself has come a long way in terms of the security features and fixed vulnerabilities over the course of a decade. Our evaluation shows that the Android System has become quite robust against malware threats and automatic installation of malware is not possible without user intervention. We explore certain simple settings on android which would protect the user from malware threats on Android device. Keywords - Android System, Malware Analysis, Vulnerabilities, Android Fragmentation. I. -
The Shadows of Ghosts Inside the Response of a Unique Carbanak Intrusion
WHITE PAPER The Shadows of Ghosts Inside the response of a unique Carbanak intrusion By: Jack Wesley Riley – Principal, Incident Response Consultant Table of contents 1 Glossary of terms................................................................................................................ 7 2 Report summary.................................................................................................................. 8 3 Intrusion overview........................................................................................................... 13 3.1 Anatomy of attack..................................................................................................... 13 3.1.1 Phase 1: D+0...................................................................................................... 14 3.1.2 Phase 2: D+0....................................................................................................... 14 3.1.3 Phase 3: D+1 through D+3............................................................................... 16 3.1.4 Phase 4: D+3 through D+25............................................................................ 17 3.1.5 Phase 5: D+25 through D+30.......................................................................... 18 3.1.6 Phase 6: D+30 through D+44.......................................................................... 19 3.2 Detection and response............................................................................................ 19 4 Intrusion details................................................................................................................. -
USB 3.0 Promoter Group Defines Authentication Protocol for USB Type-C™
PRESS RELEASE CONTACTS: Brad Saunders Liz Nardozza USB 3.0 Promoter Group USB-IF PR +1 503-264-0817 +1 503-619-5224 [email protected] [email protected] USB 3.0 Promoter Group Defines Authentication Protocol for USB Type-C™ Specification defines policy for product OEMs to mitigate risks from non-compliant devices Shenzhen, China and Beaverton, OR, USA – April 13, 2016 – The USB 3.0 Promoter Group today announced the USB Type-C™ Authentication specification, defining cryptographic-based authentication for USB Type-C™ chargers and devices. Using this protocol, host systems can confirm the authenticity of a USB device or USB charger, including such product aspects as the descriptors/capabilities and certification status. All of this happens right at the moment a wired connection is made – before inappropriate power or data can be transferred. USB Type-C™ Authentication empowers host systems to protect against non-compliant USB Chargers and to mitigate risks from maliciously embedded hardware or software in USB devices attempting to exploit a USB connection. For a traveler concerned about charging their phone at a public terminal, their phone can implement a policy only allowing charge from certified USB chargers. A company, tasked with protecting corporate assets, can set a policy in its PCs granting access only to verified USB storage devices. “USB is well-established as the favored choice for connecting and charging devices,” said Brad Saunders, USB 3.0 Promoter Group Chairman. “In support of the growing USB Type-C ecosystem, we anticipated the need for a solution extending the integrity of the USB interface. -
Mobile Threat
Mobile threat February 2018 David Bird FBCS considers threats via mobile devices and explains why he thinks the future may not be so bright. The unprecedented WannaCry ransomware and subsequent Petya destruct-ware outbreaks have caused mayhem internationally. As a result of a remote execution vulnerability, malware has propagated laterally due to two basic root-causes: (a) out-dated operating systems (OS), and/or (b) in-effective patching regimes. Here we have a commonality with the mobile device domain. There are many older generation devices that have different legacy mobile OSes installed that are no longer supported or updated. Legacy connected Microsoft Pocket PC palmtops and Windows CE or Windows Mobile devices are examples of tech still being used by delivery firms and supermarkets; even though they have been end-of-extended support since 2008 and 2014 respectively. So, do we have a problem? With over two and a half billion smartphones globally in 2016, the market is anticipated to reach at least six billion by 2020 due to the convenience of mobile back-end-as-a-service. Apparently, one vulnerability is disclosed every day, in which 10 per cent of those are critical. This figure does not include the number of internet-enabled tablets that are in circulation; in 2015, there were one billion globally, and this is expected to rise to almost one and a half billion by 2018. Today both Android-centric manufacturers and Apple fight for dominance in the mobile device market - squeezing out Blackberry’s enterprise smartphone monopoly. This has resulted in unsupported Blackberry smart-devices persisting in circulation, closely followed by successive versions of Windows Phone OS - with only 10 left supported. -
Universal Serial Bus Type-C Cable and Connector Specification
Release 1.3 - 1 - USB Type-C Cable and July 14, 2017 Connector Specification Universal Serial Bus Type-C Cable and Connector Specification Release 1.3 July 14, 2017 Copyright © 2017 USB 3.0 Promoter Group. All rights reserved. Release 1.3 - 2 - USB Type-C Cable and July 14, 2017 Connector Specification Copyright © 2014-2017, USB 3.0 Promoter Group: Apple Inc., Hewlett-Packard Inc., Intel Corporation, Microsoft Corporation, Renesas, STMicroelectronics, and Texas Instruments All rights reserved. NOTE: Adopters may only use the USB Type-C™ cable and connector to implement USB or third party functionality as expressly described in this Specification; all other uses are prohibited. LIMITED COPYRIGHT LICENSE: The USB 3.0 Promoters grant a conditional copyright license under the copyrights embodied in the USB Type-C Cable and Connector Specification to use and reproduce the Specification for the sole purpose of, and solely to the extent necessary for, evaluating whether to implement the Specification in products that would comply with the specification. Without limiting the foregoing, use of the Specification for the purpose of filing or modifying any patent application to target the Specification or USB compliant products is not authorized. Except for this express copyright license, no other rights or licenses are granted, including without limitation any patent licenses. In order to obtain any additional intellectual property licenses or licensing commitments associated with the Specification a party must execute the USB 3.0 Adopters Agreement. NOTE: By using the Specification, you accept these license terms on your own behalf and, in the case where you are doing this as an employee, on behalf of your employer. -
USB Technical Overview Brad Saunders – USB-IF/USB PG Chair (Sponsored by Intel Corporation)
USB Technical Overview Brad Saunders – USB-IF/USB PG Chair (Sponsored by Intel Corporation) USB Developer Days 2017 Taipei, Taiwan October 24 – 25, 2017 USB Developer Days – October 24 – 25, 2017 USB Implementers Forum © 2017 1 • System Level Overview • USB 3.2 Topic Agenda • USB Type-C™ • The Rest of the Story USB Developer Days – October 24 – 25, 2017 USB Implementers Forum © 2017 2 Some Words of Caution … • Only design to official released versions of USB specifications • Developer presentations are intended to help familiarize you with the general characteristics of these specifications and provide design guidance • These presentations are not technically complete and should not be used as the sole basis for product designs • USB technology has evolved into highly complex and challenging designs • Always make use of certified product suppliers – silicon, connectors, etc. • Proper materials and manufacturing processes are increasingly more critical to making successful products • Submit your products for USB certification USB Developer Days – October 24 – 25, 2017 USB Implementers Forum © 2017 3 Performance Power Delivers up to 10 Gbps x 2 – Delivers up to 100W – supporting all of your SuperSpeed USB Power power and charging for data transfer needs all your devices USB Delivery USB Type-C™ Cable & Connector Convenience Robust, slim connector with reversible plug orientation and cable direction USB Developer Days – October 24 – 25, 2017 USB Implementers Forum © 2017 4 Major Components of USB Devices USB 2.0 USB 2.0 USB 2.0 xHCI USB -
USB-IF Announces Publication of USB4™ Specification Specification Now Available for Download on USB-IF Website; Doubles Bandwidth to Extend USB Type-C® Performance
DEVELOPER UPDATE CONTACT: Joe Balich USB-IF PR +1 503-619-4113 [email protected] USB-IF Announces Publication of USB4™ Specification Specification now available for download on USB-IF website; doubles bandwidth to extend USB Type-C® performance Beaverton, OR, USA – September 3, 2019 – USB Implementers Forum (USB-IF), the support organization for the advancement and adoption of USB technology, today announced the publication of the USB4™ specification, a major update to deliver the next-generation USB architecture that complements and builds upon the existing USB 3.2 and USB 2.0 architectures. The USB4 architecture is based on the Thunderbolt™ protocol specification recently contributed by Intel Corporation to the USB Promoter Group. It doubles the maximum aggregate bandwidth of USB and enables multiple simultaneous data and display protocols. The development of the USB4 specification was first announced in March 2019 by the USB Promoter Group. It is now officially published by USB-IF and available for download at www.usb.org. Key characteristics of the USB4 solution include: • Two-lane operation using existing USB Type-C® cables and up to 40Gbps operation over 40Gbps certified cables • Multiple data and display protocols that efficiently share the maximum aggregate bandwidth • Backward compatibility with USB 3.2, USB 2.0 and Thunderbolt 3 As the USB Type-C connector has evolved into the role as the external display port of many host products, the USB4 specification provides the host the ability to optimally scale allocations for display data flow. Even as the USB4 specification introduces a new underlying protocol, compatibility with existing USB 3.2, USB 2.0 and Thunderbolt 3 hosts and devices is supported; the resulting connection scales to the best mutual capability of the devices being connected. -
Exploiting Host-Based Vulnerabilities
Exploiting Host-Based Vulnerabilities • Exploit Windows-Based Vulnerabilities • Exploit *nix-Based Vulnerabilities Copyright (c) 2018 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org 1 Commonalities Among Windows-Based Vulnerabilities (Slide 1 of 2) • OSs and most applications based on C, which has no default bounds-checking. • Susceptible to buffer overflows, arbitrary code execution, and privilege escalation. • Developers need to use security best practices and unit testing. • Proprietary product, so source code is not publicly available. • Fewer reviews open the door for undiscovered weaknesses. • Complexity enables vulnerabilities to remain undetected after release. • Microsoft doesn’t patch all vulnerabilities—they release new versions. • This leaves the vulnerability unaddressed in older installations. Copyright (c) 2018 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org 2 Commonalities Among Windows-Based Vulnerabilities (Slide 2 of 2) • Servers: Network-based vulnerabilities; workstations: Application-based vulnerabilities. • Uses standard protocols and technologies. • Susceptible to cross-platform exploits. • Physical access puts hosts at greater risk. • Connecting cables to administrative console ports. • Booting to a different OS. • Using removable media. • Stealing and damaging hardware. • Social engineering is required to expose certain vulnerabilities. Copyright (c) 2018 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org 3 Windows Operating System Vulnerabilities Category Description Remote code execution Any condition that allows attackers to execute arbitrary code. Buffer or heap overflow A programming error that allows attackers to overwrite allocated memory addresses with malicious code. Denial of service Any condition that allows attackers to use resources so that legitimate requests can’t be served. A programming error that allows attackers to access a program’s memory space and hijack the normal Memory corruption execution flow. -
International Standard
This preview is downloaded from www.sis.se. Buy the entire standard via https://www.sis.se/std-8023417 IEC 62680-1-2 ® Edition 1.0 2016-11 INTERNATIONAL STANDARD colour inside Universal serial bus interfaces for data and power – Part 1-2: Common components – USB Power Delivery specification ) en ( 11 - 6 :201 2 - 1 - 62680 IEC Copyright © IEC, 2016, Geneva, Switzerland. All rights reserved. Sold by SIS under license from IEC and SEK. No part of this document may be copied, reproduced or distributed in any form without the prior written consent of the IEC. This preview is downloaded from www.sis.se. Buy the entire standard via https://www.sis.se/std-8023417 THIS PUBLICATION IS COPYRIGHT PROTECTED Copyright © 2016 IEC, Geneva, Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local IEC member National Committee for further information. IEC Central Office Tel.: +41 22 919 02 11 3, rue de Varembé Fax: +41 22 919 03 00 CH-1211 Geneva 20 [email protected] Switzerland www.iec.ch About the IEC The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes International Standards for all electrical, electronic and related technologies. -
Remote Code Execution on Android
MASARYK UNIVERSITY FACULTY OF INFORMATICS Remote code execution on Android MASTER'S THESIS Mayank Samadhiya Chennai, Fall 2017 MASARYK UNIVERSITY FACULTY OF INFORMATICS Remote code execution on Android MASTER'S THESIS Mayank Samadhiya Chennai, Fall 2017 This is where a copy of the official signed thesis assignment and a copy of the Statement of an Author is located in the printed version of the document. Declaration Hereby I declare that this paper is my original authorial work, which I have worked out on my own. All sources, references, and literature used or excerpted during elaboration of this work are properly cited and listed in complete reference to the due source. Mayank Samadhiya Advisor: Martin Stehlik i Acknowledgement I am very thankful to my organization and Government of India for giving me the opportunity to pursue Master studies at Masaryk Uni versity. I am thankful to RNDr. Martin Stehlik Ph.D, Mgr. Jaroslav Seděnka and Dr. Chester Rebeiro who has guided me in completion of my Master thesis. I am also thankful to Prof RNDr Václav Matyáš Ph.D. for his continuous motivation for the completion of thesis. I am also thankful to all my teachers at Masaryk University, especially Prof RNDr Václav Matyáš Ph.D., RNDr. Petr Švenda Ph. D and to all my batchmates for enabling me to learn many vital aspects of In formation Security. I would like to thank my wife Ritu and children Darsh and Shivay for there patience and providing me continuous encouragement and support. iii Abstract Android is an open-source platform which is widely used in smart phones, tablets and other low power applications.