MySQL Authentication Bypass Vulnerability [CVE-2012-2122]

MySQL

A security issue and vulnerability have been reported in MySQL, which can be exploited by malicious people to bypass certain security restrictions.

It is possible to execute a one-liner bash command to exploit the vulnerability:

$ for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done

Recommended steps include the following:

a)  Secure MySQL so that it’s not exposed to the network at large in the first place. Most Linux distributions bind the MySQL daemon to localhost, preventing remote access to the service.

In cases where network access must be provided, MySQL also provides host-based access controls. For the few use cases where the MySQL daemon should be intentionally exposed to the wider network and without any form of host-based access control.

You can restrict access to the local system by modifying the my.cnf file: open my.cnf > find the section labeled [mysqld] > change (or add a new line to set) the “bind-address” parameter to “127.0.0.1”. Restart the MySQL service to apply this setting.

b)  The next step would be to upgrade to a stable, non-vulnerable update, as per vendor recommendation.
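As an added example (not part of the original post), the following Python script carries out the my.cnf check from step a programmatically: it reports the bind-address currently set in the [mysqld] section and produces a copy of the file restricted to 127.0.0.1. The sample option file embedded in it is constructed for the demonstration; the script accepts bind_address as well as bind-address because MySQL treats dashes and underscores in option names interchangeably.

```python
"""Audit and harden the bind-address setting of a MySQL option file.

Added example, not code from the original post.  Given the text of a my.cnf,
report the bind-address in effect for the [mysqld] section and return a copy
of the file limited to the loopback address, as the post recommends.
"""
import re

SECTION_RE = re.compile(r"^\s*\[([^\]]+)\]\s*$")
# MySQL accepts bind_address as an alias for bind-address; ignore trailing comments.
KEY_RE = re.compile(r"^\s*bind[-_]address\s*=\s*([^\s#]+)", re.IGNORECASE)

# Constructed sample: a server listening on every interface (the weak setting).
WEAK_CNF = """[client]
port = 3306

[mysqld]
user = mysql
bind-address = 0.0.0.0
port = 3306

[mysqldump]
quick
"""

# Constructed sample: no bind-address at all, which mysqld treats as listen-everywhere.
NO_BIND_CNF = """[mysqld]
user = mysql
"""


def find_bind_address(config_text):
    """Return the bind-address value in [mysqld], or None if it is not set."""
    section = None
    value = None
    for line in config_text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).strip().lower()
            continue
        if section == "mysqld":
            k = KEY_RE.match(line)
            if k:
                value = k.group(1)  # the last assignment wins, as in mysqld
    return value


def is_local_only(config_text):
    """True when mysqld is bound to an IPv4 or IPv6 loopback address only."""
    return find_bind_address(config_text) in ("127.0.0.1", "::1")


def harden_bind_address(config_text, address="127.0.0.1"):
    """Return config text with bind-address set to `address` in [mysqld].

    An existing bind-address line in [mysqld] is replaced (duplicates are
    dropped); if none exists the setting is appended to the section; if there
    is no [mysqld] section at all, one is created at the end of the file.
    """
    out = []
    section = None
    replaced = False
    mysqld_seen = False
    setting = f"bind-address = {address}"
    for line in config_text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            # Leaving [mysqld] without having written the setting: add it now.
            if section == "mysqld" and not replaced:
                out.append(setting)
                replaced = True
            section = m.group(1).strip().lower()
            mysqld_seen = mysqld_seen or section == "mysqld"
            out.append(line)
            continue
        if section == "mysqld" and KEY_RE.match(line):
            if not replaced:
                out.append(setting)
                replaced = True
            continue  # drop the old (or duplicate) assignment
        out.append(line)
    if mysqld_seen and not replaced:
        out.append(setting)  # [mysqld] was the last section and had no setting
    if not mysqld_seen:
        out.extend(["", "[mysqld]", setting])
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for name, cnf in (("weak", WEAK_CNF), ("no-bind", NO_BIND_CNF)):
        print(f"{name}: bind-address={find_bind_address(cnf)} "
              f"local_only={is_local_only(cnf)}")
    print(harden_bind_address(WEAK_CNF))
```

Run it against a real file with `harden_bind_address(open("/etc/mysql/my.cnf").read())` and write the result back only after reviewing the diff; a missing bind-address is reported as None and treated as not local-only, since an unset value makes mysqld listen on all interfaces.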

The following distros have been confirmed vulnerable:

  • Ubuntu Linux 64-bit (10.04, 10.10, 11.04, 11.10, 12.04)
  • OpenSuSE 12.1 64-bit MySQL 5.5.23-log
  • Debian Unstable 64-bit 5.5.23-2
  • Fedora (confirmed by Red Hat)
  • Arch Linux

How You Should Secure Your iPhone

Yet another great article by LifeHacker.

Here’s how to set it up if you aren’t currently using a passcode:

  1. Unlock your iPhone and open Settings > General > Passcode Lock.
  2. Toggle Simple Passcode to Off.
  3. Tap Turn Passcode On (assuming you don’t already have it turned on) and enter your new passcode using only numbers. You’ll see the standard alphanumeric keyboard during your initial passcode creation and confirmation, but don’t worry—if you stick with numbers, you’ll get the numeric keyboard later.

Click this link for the full post.

BEAST Breaks SSL Confidentiality Model

A tool called BEAST decrypts secret PayPal cookies protected by TLS 1.0 and earlier by attacking the confidentiality model of the protocol. Its authors, Thai Duong and Juliano Rizzo, describe BEAST as “…the first attack that actually decrypts HTTPS requests,” as opposed to earlier attacks, which targeted the authenticity of the protocol.

Expanding your Twitter Security Network with Formulists


Twitter lists are great for organizing your favorite follows into one column or page.  However, manually curating lists can be a laborious task. A couple of weeks ago I got to know about Formulists, a web-app for auto-creating and managing Twitter lists and exploring new people in various ways.

To build your security list, link your Twitter account to Formulists and group your favorite security tweeps into a list.

To create a generic list of security tweeps:

Topic: Security
Tweep Search List Options: Don't Exclude People
Basic Options: 40 to 50 - This is more of a personal option
Profile Filter Options: 
 Bio: Infosec OR security OR hacker
 Filter by when they last tweeted: Last 30 days
 Filter by following and followers: More than 50 followers

Now, if you would like to add a list of people who you’re not following yet, do this quick-fix:

Tweep Search List Options: Exclude people I already follow from list

This should give you a good starting feed with a bunch of interesting and informative security tweets.

You can follow my personal security list here.

Follow us on @securopia and @gigadeleo.

Happy tweeting 🙂

Data Security Tips for Cloud Users

Selecting a Cloud service provider (CSP) isn’t just about picking the better deal that fits your company’s budget. The cloud provider’s framework is where your data will be stored and, more often than not, data plays a huge part in the day-to-day running of a business. Therefore, it is essential to go over other key points that make sure enough effort goes into keeping your data available, confidential and unaltered. It is essential that your CSP voluntarily discloses how your data will be stored whenever you need that information. In fact, such checks are only possible if the provider has transparent processes and procedures. Transparency plays a huge role here. You can read more about Transparency & Trust within the cloud environment in my previous article.


Transparency & Trust in Cloud Security


A Cloud service provider (CSP) can decide to expose various levels of its internal procedures. This article discusses how transparent processes adopted by CSPs increase the confidence of an organization making use of cloud services.


Spear-Phishing: Protecting yourself from the attack


Spear phishing is one of the big malware trends this year. What makes these attacks different from conventional phishing is that they target individuals, mostly high-profile users, instead of a mass user base. The main aim of a spear-phishing attack is to get the user to run a file infected with 0-day malware that opens a backdoor, giving the attacker access to sensitive information or to elevated privileges.


Opting for Disaster Recovery in the cloud


Disaster Recovery Plans (DRPs) have always been a subject of debate due to factors such as the amount of capital required and the resources invested in the system. It’s not easy to convince management to invest in such a plan when there may never be a return on investment, especially when management also factors solutions like insurance into the equation.

So why does DRP in the cloud make everyone’s (including your Financial Controller’s) life easier?


Daily Security: The Check-list


We all know that hacking is a 24/7 business, and as much as we good people enjoy keeping our workplaces and homes safe from wrong-doers, most of us cannot afford to watch for attacks 24/7, especially today, when security is becoming broader and encompasses both new and old practices.
