New hacking technique imperceptibly changes memory of virtual servers
For the first time ever a team of Dutch hacking experts, led by cyber security professor Herbert Bos, managed to alter the memory of virtual machines in the cloud without a software bug, using a new attack technique.
With this technique an attacker can crack the keys of secured virtual machines or install malware without it being noticed. It’s a new deduplication-based attack in which data can not only be viewed and leaked, but also modified using a hardware glitch. By doing so the attacker can order the server to install malicious and unwanted software or allow logins by unauthorized persons.
Deduplication and Rowhammer bug
With the new attack technique, Flip Feng Shui (FFS), an attacker rents a virtual machine on the same host as the victim. This can be done by renting many virtual machines until one of them lands next to the victim. A virtual machine in the cloud is often used to run applications, test new software, or run a website. There are public (for everyone), community (for a select group) and private (accessible to one organization) clouds. The attacker writes a memory page that he knows exists in the victim's memory to the vulnerable memory location and lets it deduplicate. As a result, the identical pages are merged into one in order to save space (the information is, after all, the same). That page is stored in the same part of the memory of the physical computer. The attacker can now modify the information in the general memory of the computer. This can be done by triggering a hardware bug dubbed Rowhammer, which causes bits to flip from 0 to 1 or vice versa, to seek out the vulnerable memory cells and change them.
Cracking OpenSSH
The researchers of the Vrije Universiteit Amsterdam, who worked together with a researcher from the Catholic University of Leuven, describe in their research two attacks on the operating systems Debian and Ubuntu. The first FFS attack gained access to the virtual machines by weakening OpenSSH public keys. The attacker did this by changing the victim’s public key by one bit. In the second attack, the settings of the software management application apt were adjusted by making minor changes to the URL from which apt downloads software. The server could then install malware that presents itself as a software update. The integrity check could be circumvented by making a small change to the public key that verifies the integrity of the apt-get software packages.
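Both attacks leave the target data the same length and change only a bit or two, which is the signature an integrity monitor can look for. The following is an added example, not code from the researchers or from the original article: it compares monitored items against a known-good baseline and separates few-bit deviations from ordinary edits. The item names, the key blob, the repository line and the `max_flips` threshold are constructed for illustration, and the baseline is assumed to be stored off the host.

```python
import base64
import struct

def flipped_bits(baseline: bytes, current: bytes):
    """[(byte_offset, bit)] where equal-length buffers differ; None if lengths differ."""
    if len(baseline) != len(current):
        return None
    return [(i, b) for i, (x, y) in enumerate(zip(baseline, current))
            for b in range(8) if (x ^ y) >> b & 1]

def classify(baseline: bytes, current: bytes, max_flips: int = 2) -> str:
    """'intact', 'bitflip-suspect' (same length, at most max_flips bits differ) or 'modified'."""
    flips = flipped_bits(baseline, current)
    if flips is None:
        return "modified"            # length changed: an ordinary edit, not a bit flip
    if not flips:
        return "intact"
    return "bitflip-suspect" if len(flips) <= max_flips else "modified"

def key_blob(pubkey_line: str) -> bytes:
    """Decode the base64 field of an OpenSSH public key line ('type base64 comment')."""
    return base64.b64decode(pubkey_line.split()[1])

def audit(baseline: dict, current: dict) -> dict:
    """Classify every monitored item; an item missing from current counts as modified."""
    return {name: classify(ref, current[name]) if name in current else "modified"
            for name, ref in baseline.items()}

def _ssh_string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data

# Constructed sample data: the blob follows the SSH wire layout but is not a real key.
_BLOB = (_ssh_string(b"ssh-rsa") + _ssh_string(b"\x01\x00\x01")
         + _ssh_string(bytes(range(1, 256)) + b"\x7f"))
KEY_LINE = "ssh-rsa " + base64.b64encode(_BLOB).decode() + " admin@example"
SOURCE_LINE = b"deb http://repo.example.org/debian stable main"  # placeholder repository
BASELINE = {"ssh-key": key_blob(KEY_LINE), "apt-source": SOURCE_LINE}

def sample_current() -> dict:
    """Copy of BASELINE with one bit flipped in the key and one in the repository host."""
    key = bytearray(BASELINE["ssh-key"])
    key[40] ^= 0x10
    src = bytearray(SOURCE_LINE)
    src[SOURCE_LINE.index(b"example")] ^= 0x01
    return {"ssh-key": bytes(key), "apt-source": bytes(src)}

if __name__ == "__main__":
    print(audit(BASELINE, sample_current()))
```

A "bitflip-suspect" result on a key or repository setting that nobody edited is worth treating as a hardware-level integrity event rather than a configuration change.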
Advice NCSC
Debian, Ubuntu, OpenSSH and other companies included in the research were notified before the publication and all have responded. The National Cyber Security Centre (NCSC) of the Dutch government has issued a fact sheet containing information and advice on FFS.
‘Hack-Oscar’
The researchers presented their findings this week during the USENIX Security Symposium 2016 in the United States. Recently they won the Oscar of hacking: the Pwnie, for another attack technique that allows attackers to take over state-of-the-art software (such as the new Edge browser on Microsoft Windows) with all defences up, even if the software has no bugs. Moreover, they can do this from JavaScript in the browser.