Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

This Year's Pwn2Own Hackfest Will Offer Up to $2 Million in Rewards
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
User Rank: Ninja
1/29/2018 | 6:19:43 PM
This is good in my view, contesters may identify unknow vulnerability, I am glad Microsoft is part of it.

User Rank: Ninja
1/29/2018 | 11:07:58 AM
Re: The rewards of virtue?
@JoeS: Could well be - but possibilities, probabilities and particulars of the M/S issue don't change the fact that we have greatly expanded, and motivated, sets of eyes examining functional code, looking for ways it could be used perversely.  That "...multiple different groups of researchers had independently discovered those flaws all around the same time...", only reinforces that point.  

Yes, that some dark intentioned individual or entity had discovered the opportunity is possible; and if they have/are/plan to use it, the strong probability is that they wouldn't be obvious about it.  Also, if they found it, they must have had an incentive to look for something like it - and they could only have been encouraged in their efforts by similar "successes" in finding vulnerabilities by others.

Probabilities aside, the vulnerability underlying M/S was found and made known by researchers.  That they were well intentioned doesn't alter the fact that the results have been disruptive and costly.  The intent of the researchers has proven as irrelevant as that of programmers and chip designers. 
Joe Stanganelli
Joe Stanganelli,
User Rank: Ninja
1/28/2018 | 7:43:49 PM
Re: The rewards of virtue?
@BrianN: Actually, multiple different groups of researchers had independently discovered those flaws all around the same time, as Wired recently wrote about (along with the general phenomenon). This strongly suggests either that (1) at least some malfeasor(s) out there had already discovered it or (2) there was a substantial probability that "bad guys" were about to discover it anyway.
User Rank: Ninja
1/28/2018 | 11:18:47 AM
The rewards of virtue?
Perhaps too many are missing the point: intent doesn't exist in code or circuitry, any more than there's an intrinsic difference between instructions and data in binary sequences - it was that realization that enabled a quantum step forward in digital processing.  It was that same realization that gave bad actors the idea to hide malicious code in digital images, or other "data values".

Malware is just software - which can be used to do bad things; and what's bad or good will always be a judgement call. 

With bug-bounties, and hackfests, you're offering rewards (money or status), for finding new ways to refactor the code/data that exists and is necessary for the functionality of processors, operating systems and application software - ways to turn that functionality against us. 

That rewards have been issued in the past confirms that that there were latent opportunities for malware discovered; and we have every reason to believe that more will be discovered, as pursuits and pursuers become more numerous and capable. 

Of course, the expectation is that vulnerabilities will be uncovered by the good guys; and closed before the bad guys can exploit them.  But consider what happens when the discoveries leak out before the mitigations and fixes are ready; with systems that aren't (can't/won't be), updated; with vulnerabilities within intrinsic functionality of underlying processes; or all of the above - as is the case with the Meltdown/Spectre vulnerabilities, which had lain undiscovered and unexploited until....
Joe Stanganelli
Joe Stanganelli,
User Rank: Ninja
1/26/2018 | 4:55:21 PM
Re: Exploit hunting for fun and profit?
@Brian: More lamentably, remember Easter Eggs? They are not often to be found anymore -- and Microsoft reportedly did away with them in Office, etc. -- because of security woes.

My favorite, I think, was one in SimCity 2000 that resulted in a very excellent (IMHO) joke being scrolled up the screen.
User Rank: Ninja
1/26/2018 | 3:52:53 PM
Exploit hunting for fun and profit?
Remember when  a programming "bug" was first rebranded as "an undocumented feature"?  That was a clever way to spin a half-truth.  Neither hardware nor software know anything of intentions; they mechanically follow the logic of their design - not the logic (valid or otherwise), of their designers.

Without denying the positives of cybersecurity research (and researchers), we should also look at the negative consequences, both realized and unanticipated. 

Bug hunters aren't looking for a programming mistake that renders some text pink rather than red; they are looking for either unintended functionality, or combinations of purposed features, which might be used by those with bad intensions - in other words: they are looking for the exploitable.  Is it always a good thing, that they find it? 
<<   <   Page 2 / 2

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
How Machine Learning, AI & Deep Learning Improve Cybersecurity
Machine intelligence is influencing all aspects of cybersecurity. Organizations are implementing AI-based security to analyze event data using ML models that identify attack patterns and increase automation. Before security teams can take advantage of AI and ML tools, they need to know what is possible. This report covers: -How to assess the vendor's AI/ML claims -Defining success criteria for AI/ML implementations -Challenges when implementing AI
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-10-03
pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.
PUBLISHED: 2022-10-03
phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php.
PUBLISHED: 2022-10-03
Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA). An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code.
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process.
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.