New Bluetooth Vulnerability Allows Attackers to Intercept Traffic

Double entendres abound with the KNOB (key negotiation of Bluetooth) attack against the basic rate/enhanced data rate (BR/EDR, or Bluetooth Classic) configuration, which could result in information disclosure and/or escalation of privileges.

Source: New Bluetooth Vulnerability Allows Attackers to Intercept Traffic

Microsoft Fixes Over 90 Security Bugs in August 2019 Updates + HTTP/2 DoS Bugs

It looks like a busy few days ahead for Threat and Vulnerability managers as Microsoft release over 90 fixes to security bugs including patches for 4 new blue-keep-esque wormable RDP flaws.

Trend Micro’s ZDI takes the credit for finding more Remote Desktop Services bugs, with CVE-2019-1181, CVE-2019-1182, CVE-2019-1222 and CVE-2019-1226.

These vulnerabilities are rated critical and wormable, and only apply to Windows 7 sp1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 and all Windows 10 versions and Windows Server versions after that.

In addition, HTTP/2 has just taken a bashing, with the discovery of 8 denial of service vulnerabilities which affect implementations on Apache, IIS and NGINX.

Sources:

Microsoft Patches Over 90 Vulnerabilities With August 2019 Updates

HTTP/2 Implementation Flaw Expose Websites to DoS Attacks

Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows

A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows, back from Windows XP to the latest Windows 10. The vulnerability, which could allow a low privileged application to read and write data to a higher privileged application, resides in the way MSCTF clients and server communicate with each other.

Source: Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows

Threat Roundup for August 2 to August 9

Talos is publishing a glimpse into the most prevalent threats we’ve observed between Aug. 2 and Aug. 9. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioural characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

Source: Threat Roundup for August 2 to August 9

Over 40 Drivers Could Let Hackers Install Persistent Backdoor On Windows PCs

If you own a device, or a hardware component, manufactured by ASUS, Toshiba, Intel, NVIDIA, Huawei, or other 15 other vendors listed below, you’re probably screwed. A team of security researchers has discovered high-risk security vulnerabilities in more than 40 drivers from at least 20 different vendors that could allow attackers to gain most privileged permission on the system and hide malware

Source: Over 40 Drivers Could Let Hackers Install Persistent Backdoor On Windows PCs

Nmap 7.80 released: A mature Npcap Windows packet capturing driver, 11 new NSE scripts

Nmap is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

Source: Nmap 7.80 released: A mature Npcap Windows packet capturing driver, 11 new NSE scripts

FireEye: Finding Evil in Windows 10 Compressed Memory, Part Three: Automating Undocumented Structure Extraction

The final post in FireEye’s three-part series on Windows 10 memory forensics. This last part looks at how to automate the extraction of undocumented structures from deep within memory using the tools introduced in the earlier parts.

Check out the FireEye presentations at BlackHat and DefCon.

Source: Finding Evil in Windows 10 Compressed Memory, Part Three: Automating Undocumented Structure Extraction

FireEye: Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive

Read the second part of this series from FireEye looking into memory forensics in Windows 10. This ties in with their presentation at this year’s BlackHat USA 2019 in Las Vegas.

Source: Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive

VBScript is dead! Long live VBScript.

Sophos reports that Microsoft are making good on their promise to kill off everyone’s favourite scripting language, VBScript.

On August 2nd Microsoft pushed the ‘off-button’ on Window 8 / 8.1 devices.

You can still use it if you are that perverted, but you need to do some serious GPO fiddling.

Check out their report.