Microsoft is continuing to develop their Linux presence, this time by re-engineering Process Monitor as ProcMon for Linux. They attempt to bridge the gap between being a developer and an exploit author, walking us through the process of building an actual working exploit PoC based on a Google Project Zero write-up. We’ve covered many kernel level exploits in this column, but never have we covered a guide quite like the one just published by Secfault Security. To Make an Exploit From Scratch, You Must First Invent the Universe If a Google account was breached, the practice was to start with Google Takeout, the service from Google that allows downloading all the data Google has collected related to that account. If a targeted account used two factor authentication, the attacker was to make a note and give up on gaining access to that account. The training videos also contained a few interesting tidbits. Among the captured data was records of compromised accounts belonging to US and Greek military personnel. I suspect a Deadpool fan must work at IBM, but that’s beside the point.Ī server suspected to be used by ITG18 was incorrectly configured, and when data and training videos were stored there, that data was publicly accessible. This story comes from the IBM X-Force Incident Response Intelligence Services (IRIS). We’re once again talking about the strange shadowy world of state sponsored hacking. Even top-tier security professionals make catastrophic mistakes, and this time it was the operators at Iran’s ITG18.
0 Comments
Leave a Reply. |