October 30, 2015

HackerSIM: Blamestorming

Recently, there have been a lot of articles about a SIM card that has some incredible features. This topic sparked a lively discussion full of skepticism and mind-blowing theories. Let's lift the veil on some technical aspects of this story. Of course, we wouldn't be able to carry out the tests without the SIM card provided by @MagisterLudi.

A short summary for those who don't want to read the whole review:
  • There is no forced encryption, no protection from intercept complexes, no connection to a base station with the second strongest signal, and no IMSI or location hiding.
  • There is phone number substitution, voice substitution, and billing.
Let's take a closer look at each of these features.

October 22, 2015

Vulnerability Assessment According to CVSS 3.0

We have been using this assessment system since we created our vulnerability base and developed our first product, XSpider (I hope there are some who remember it). It is very important for us to maintain the knowledge base that we use in our products and services and keep it up to date. Since the guidelines for CVSS metrics do not cover all possible vulnerabilities, the question arises: what is the best way to make the index reflect the real severity level of a vulnerability?

We are constantly monitoring the development of the standard, so we have been waiting for the final version of CVSS. When I opened the specification, I wanted answers to the following questions. What was improved? What exactly was changed? Can we apply the new standard to our products? And — considering the fact that the database is often managed by new specialists — how much time do you need to master the assessment procedure? And how clear are the criteria?

This article appeared in the course of studying the standard and will, hopefully, help you to understand the new vulnerability assessment procedure.

October 12, 2015

Industrial control system security in 2014: trends and vulnerabilities

In recent years, industrial control systems (ICS) have become a popular target for malicious users and cyber criminals. The Stuxnet (2010) and Flame (2012) worms were replaced by more complicated malware and sophisticated attack schemes in 2014. For example, hackers spread the Havex Trojan horse by injecting malicious code into SCADA software on vendors' websites. This malicious software was then downloaded in factories, so that attackers could obtain administrative access to industrial control systems in several European countries.

In 2012, specialists from Positive Technologies published a research paper entitled "SCADA Safety in Numbers". The current report is an update on that paper through 2015. Key trends in ICS security are listed below:

October 2, 2015

Positive Technologies Experts Detect Critical Vulnerability in Huawei LTE Modems

Huawei thanked the Positive Technologies experts Timur Yunusov and Kirill Nesterov and the information security specialist Alexey Osipov, who detected a harmful vulnerability in Huawei 4G USB modems (E3272s) and helped to fix it.

Following the research, the Chinese telecommunications equipment company issued a software update for the device.

According to the Huawei PSIRT bulletin, a potential intruder can block the device by sending a malicious packet. The Positive Technologies researchers claim that the vulnerability may lead to a DoS attack and remote arbitrary code execution via an XSS attack or stack overflow.