TOP-3 information security events of the week according to Jet CSIRT

Jet CSIRT experts continue to compile top information security news for you this week. This time, the TOP-3 includes 15-year Linux kernel subsystem vulnerabilities, a new study of the OnionCrypter cryptor, and a new PoC code for exploiting the Specter vulnerability. The top three news were collected by Jet CSIRT analyst Andrey Maslov. Read more under the cut.

15-year vulnerabilities identified in Linux kernel subsystem

Specialists of the GRIMM organization identified subsystem vulnerabilities iSCSI Linux Kernel (CVE-2021-27365, CVE-2021-27363, CVE-2021-27364) that allow a local user with basic privileges to elevate himself to the superuser level. Exploitation of vulnerabilities is possible only if the attacker has local access to the system. Despite the fact that vulnerabilities in the iSCSI subsystem appeared in the early stages of development back in 2006, they were revealed only now. Vulnerability fixes are already available in the main Linux kernel as of March 7, 2021.

OnionCrypter Crypter Research Published

Company specialists Avast published research one of the tools that attackers can use to hide malicious code from defenses by using payload encryption. Due to its multilevel structure, the identified tool was named OnionCrypter. This utility has two distinctive features. First, it has multilayer payload encryption. And secondly, the main functions in each of the studied samples are unique.

Google Unveils PoC Code To Exploit Specter Vulnerability

Google Researchers Publish JavaScript Exploit, which demonstrates the possibility of using the Specter vulnerability (CVE-2017-5753) to access information in the browser memory area. According to Google engineers, the exploit works on a variety of architectures and in practice proves the unreliability of some of the protection mechanisms currently used by developers (site isolation, Cross-Origin, Cross-Origin Read Blocking). To fully demonstrate the attack, experts created a website leaky.page, which describes in detail the stages of the attack and the mechanisms involved.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *