Some server issues, this week! So few links, sorry!


IM­P4GT: IM­Per­so­na­ti­on At­tacks in 4G NeT­works

Long Term Evo­lu­ti­on (LTE/4G) es­ta­blis­hes mu­tu­al au­then­ti­ca­ti­on with a prov­a­b­ly se­cu­re Au­then­ti­ca­ti­on and Key Agree­ment (AKA) pro­to­col on layer three of the net­work stack. Per­ma­nent in­te­gri­ty pro­tec­tion of the con­trol plane safe­guards the traf­fic against ma­ni­pu­la­ti­ons. Howe­ver, mis­sing in­te­gri­ty pro­tec­tion of the user plane still al­lows an ad­versa­ry to ma­ni­pu­la­te and re­di­rect IP pa­ckets, as re­cent­ly de­mons­tra­ted.

In this work, we in­tro­du­ce a novel cross-lay­er at­tack that ex­ploits the exis­ting vul­nerabi­li­ty on layer two and ex­tends it with an at­tack me­cha­nism on layer three. More pre­cise­ly, we take ad­van­ta­ge of the de­fault IP stack be­ha­vi­or of ope­ra­ting sys­tems and show that com­bi­ning it with the lay­er-two vul­nerabi­li­ty al­lows an ac­tive at­ta­cker to im­per­so­na­te a user towards the net­work and vice versa; we name these at­tacks IM­P4GT (IM­Per­so­na­ti­on at­tacks in 4G neT­works). In con­trast to a sim­ple re­di­rec­tion at­tack as de­mons­tra­ted in prior work, our at­tack dra­ma­ti­cal­ly ex­tends the pos­si­ble at­tack sce­na­ri­os and thus em­pha­si­zes the need for user-pla­ne in­te­gri­ty pro­tec­tion in mo­bi­le com­mu­ni­ca­ti­on stan­dards. The re­sults of our work imply that pro­vi­ders can no lon­ger rely on mu­tu­al au­then­ti­ca­ti­on for bil­ling, ac­cess con­trol, and legal pro­se­cu­ti­on. On the other hand, users are ex­po­sed to any in­co­ming IP con­nec­tion as an ad­versa­ry can by­pass the pro­vi­der's fire­wall. To de­mons­tra­te the prac­tical im­pact of our at­tack, we con­duct two IM­P4GT at­tack va­ri­ants in a live, com­mer­ci­al net­work, which - for the first time - com­ple­te­ly break the mu­tu­al au­then­ti­ca­ti­on aim of LTE on the user plane in a re­al-world set­ting.

Publications - Ruhr-Universität Bochum

Kali Linux 2020.1 Release

The following is a brief feature summary for this release:

- Non-Root by default
- Kali single installer image
- Kali NetHunter Rootless
- Improvements to theme & kali-undercover
- New tools

Kali Linux

Ragnarok Ransomware Targets Citrix ADC, Disables Windows Defender

A new ransomware called Ragnarok has been detected being used in targeted attacks against unpatched Citrix ADC servers vulnerable to the CVE-2019-19781 exploit.

Last week, FireEye released a report about new attacks exploiting the now patched Citrix ADC vulnerability to install the new Raganarok Ransomware on vulnerable networks.

When attackers are able to compromise a Citrix ADC device, various scripts would be downloaded and executed that scan for Windows computers vulnerable to the EternalBlue vulnerability.

If detected, the scripts would attempt to exploit the Windows devices, and if successful, inject a DLL that downloads and installs the Ragnarok ransomware onto the exploited device.


Microsoft's IE Zero-day Fix is Breaking Windows Printing

On January 17th, 2020, Microsoft disclosed a zero-day remote code execution vulnerability in Internet Explorer 11, 10, and 9 that was being used in "limited targeted attacks".
To exploit this vulnerability, attackers can create a specially crafted web site that when visited in Internet Explorer will remotely execute commands on the visitor's computer without their knowledge or permission.
As no update is available yet, Microsoft released a temporary fix that involves changing the owner of the %windir%\system32\jscript.dll and denying access to the file for the Everyone group.

Unfortunately, the scope of issues being caused by applying this fix is greater than originally thought.
Since applying this fix, many users have reported that this fix is also causing printing to fail on HP printers and other USB printers.
When users attempt to print they receive I/O errors and the print jobs fail.



Neil Young says the MacBook Pro has ‘Fisher-Price’ audio quality

Musician Neil Young and tech executive Phil Baker have been trying to push the tech industry to make it easier for consumers to listen to high-quality audio for almost a decade now.
In an interview with The Vergecast, Young tells Verge editor-in-chief Nilay Patel that even though Grammy-winning artists are able to make music almost anywhere they go on their laptop or mobile devices, they’re still sacrificing on audio fidelity.

The Verge

US court fully legalized website scraping and technically prohibited it

On September 9, the U.S. 9th circuit court of Appeals ruled (Appeal from the United States District Court for the Northern District of California) that web scraping public sites does not violate the CFAA (Computer Fraud and Abuse Act).

This is a really important decision. The court not only legalized this practice, but also prohibited competitors from removing information from your site automatically if the site is public. The court confirmed the clear logic that the entry of the web scraper bot is not legally different from the entry of the browser. In both cases, the “user” requests open data — and does something with it on their side.



Russia blocks encrypted email service ProtonMail

Russia said on Wednesday it had blocked the Swiss email service ProtonMail, popular among journalists and activists for its focus on user privacy and high level of encryption.

Russian communications watchdog Roskomnadzor said ProtonMail, which uses end-to-end encryption to protect user data, had been used to send fake, anonymous bomb threats.

Such threats have frequently led to mass evacuations of public buildings across Russia.

Roskomnadzor said that ProtonMail had refused to provide Russian authorities with information on the owners of email accounts allegedly associated with fake bomb threats.



Planned nuclear storage material could decay faster than expected

A number of countries, including the United States, have been planning for long-term storage of nuclear wastes. While many of these nations plan to keep the waste isolated from water, that's not something that can be guaranteed over the extremely long lifespans of the waste. If water reaches the radioactive isotopes, there's the chance that the isotopes could contaminate the groundwater in the area and spread well beyond the site of the storage repository.

To prevent that, plans are to have multiple layers of defense. The waste itself will be incorporated into a chemically inert, insoluble glass. And the glass itself will be placed in a stainless steel flask that will keep it from mixing with the surroundings.

Each of those materials seems to work well in tests. But now, a large team of researchers has found that, in combination, the materials aren't as robust as we'd like them to be. The problems only occur if water somehow gets into the container, but if it does, the interface between the glass and stainless steel actually accelerates chemical reactions that degrade both.



Jeri Ryan and Sir Patrick Stewart Discuss the Legacy of Star Trek, Spandex, and Being Memes

Nerd fame is a strange thing. The sheer passion with which people relate to you, or to something you’ve created, is a lot to handle, even for the most seasoned actor or creator. For the cast of a phenomenon like Star Trek, it must be even more overwhelming.

That intensity is part of what makes this interview, conducted by BBC Radio 1, so fun to watch. Talking to film critic Ali Plumb, Sir Patrick Stewart and Jeri Ryan, promoting Picard, have a relaxed and playful discussion about their experiences with fandom and Star Trek. Along the way, they discuss action figures, getting mistaken for other celebrities, and spandex.