Serious Security: Outdated Crypto Causes Samba Logon Bug

Over the years the Samba project has not only introduced and fixed its own unique bugs, as any complex software project generally does, but has also inherited bugs and shortcomings in the underlying protocol, given that its goal has always been to work seamlessly with Windows networks. Astonishingly, the CVE-2022-38023 vulnerability existed in the first place because both Windows and Samba still supported a style of integrity protection based on the long-deprecated hashing algorithm MD5. Simply put, network authentication using Microsofts version of the Kerberos protocol still allowed data to be integrity-protected using flawed cryptography. You shouldnt be using MD5 any more because its considered broken: a determined attacker can easily come up with two different inputs that end up with the same MD5 hash. As you probably already know one of the requirements of any hash that claims cryptographic quality is that this simply shouldnt be possible. In the jargon, two inputs that have the same hash is known as a collision, and there arent supposed to be any programmatic tricks or shortcuts to help you find one quickly. There should be no way to find a collision thats better than simple good luck - trying over and over again with ever-changing input files until you hit the jackpot. Assuming a reliable algorithm, with no exploitable weaknesses, youd expect that a hash with X bits of output would need about 2X-1 tries to find a second input that collided with the hash of an existing file. Even if all you wanted to do was to find any two inputs that just happened to have the same hash, youd expect to need slightly more than 2X/2 tries before you hit upon a collision. Any hashing algorithm that can be reliably be Cracked faster than that isnt cryptographically safe, because youve shown that its internal process for shredding-chopping-and-stirring-up the data thats fed into it doesnt produce a truly pseudorandom result at all. If there are 2X different possible hash outputs, youd hope to hit a 50:50 chance of finding an input with a specific, pre-determined hash after about half as many tries, and 2X/2 = 2X-1. Finding any two files that collide is easier, because every time you try a new input, you win if your new hash collides with any of the previous inputs youve already tried, because any pair of inputs is allowed. For a collision of the Any two files in this giant bucket will do sort, you hit the 50:50 chance of success at just slightly more than the square root of the number of possible hashes, and √2X = 2X/2. So, for a 128-bit hash such as MD5, youd expect, on average, to hash about 2127 blocks to match a specific output value, and 264 blocks to find any pair of colliding inputs. As it happens, you cant easily generate two completely different, unrelated, pseudorandom inputs that have the the same MD5 hash. You cant easily go backwards from an MD5 hash to uncover anything about the specific input that produced it, which is another cryptographic promise that a reliable hash needs to keep. If you start with two identical inputs and carefully insert a deliberately-calculated pair of Collision-building chunks at the same point in each input stream, you can reliably create MD5 collisions in seconds, even on a modest laptop. Using an MD5 research tool called md5 fastcoll, originally created by mathematician Marc Stevens as part of his Masters degree in cryptography back in 2007, we quickly produced two 128-byte MD5 collision-building chunks that we used to replace the comment text shown in the file above. They are visibly different in several bytes, and should therefore have completely different hash values, as the following a code diff reveals. MD5 is a 128-bit hash, as the output strings above make clear. As mentioned before, wed expect to need about 2128/2, or 264 tries on average in order to produce an MD5 collision of any sort. At an estimated peak MD5 hash rate of about 50,000,000 blocks/second on our laptop, that means wed have to wait more than 10,000 years, and although well-funded

This Cyber News was published on nakedsecurity.sophos.com. Publication date: Tue, 31 Jan 2023 11:36:02 +0000


Cyber News related to Serious Security: Outdated Crypto Causes Samba Logon Bug

Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
10 months ago Darkreading.com
The 20 Most Essential Crypto Bug Bounty Programs - Working with cryptocurrency has become more and more popular in the last few years, but it’s not without risks. It’s important for sites that conduct digital payments and transfers to have security measures in place to help keep your data safe ...
1 year ago Hackread.com
The Week in Ransomware - January 20th, 2023 Crypto Exchanges Under Attack - The week of January 20th, 2023 brought yet another wave of ransomware attacks targeting crypto exchanges. Crypto exchanges all around the world have been hit by a barrage of sophisticated and well-planned ransomware campaigns. From high-profile ...
1 year ago Bleepingcomputer.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
9 months ago Feeds.dzone.com
CVE-2019-14833 - A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be ...
1 year ago
Web3 security firm CertiK's X account hacked to push crypto drainer - The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. Crypto fraud sleuth ZachXBT later leaked screenshots of ...
9 months ago Bleepingcomputer.com
Netgear, Hyundai latest X accounts hacked to push crypto drainers - The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. While Hyundai has already regained access to their account and has cleaned ...
9 months ago Bleepingcomputer.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
1 week ago Helpnetsecurity.com
Bloomberg Crypto X account snafu leads to Discord phishing attack - The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the profile contained a link ...
10 months ago Bleepingcomputer.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
10 months ago Microsoft.com
Serious Security: Outdated Crypto Causes Samba Logon Bug - Over the years the Samba project has not only introduced and fixed its own unique bugs, as any complex software project generally does, but has also inherited bugs and shortcomings in the underlying protocol, given that its goal has always been to ...
1 year ago Nakedsecurity.sophos.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
4 months ago Esecurityplanet.com
CVE-2018-16853 - Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the ...
5 years ago
CVE-2023-52443 - In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "profile :ns::samba-dcerpcd ...
7 months ago Tenable.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
7 months ago Esecurityplanet.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
8 months ago Cybersecuritynews.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
5 months ago Blog.checkpoint.com
North Korean Hackers Stole $600m in Crypto in 2023 - North Korean hackers stole at least $600m in cryptocurrency in 2023, around a third of the total value of such heists, according to blockchain intelligence firm TRM. Despite the eye-watering sum, this figure represents a 30% reduction on ...
9 months ago Infosecurity-magazine.com
Android/SpyNote Moves to Crypto Currencies - Affected Platform: AndroidImpacted Users: Android users with mobile crypto wallet or banking applicationsImpact: Financial LossSeverity Level: Medium. It has grown into one of the most common families of malware for Android, with multiple samples, ...
7 months ago Feeds.fortinet.com
IaaS vs PaaS vs SaaS Security: Which Is Most Secure? - Security concerns include data protection, network security, identity and access management, and physical security. While IaaS gives complete control and accountability, PaaS strikes a compromise between control and simplicity, and SaaS provides a ...
9 months ago Esecurityplanet.com
Massive Data Breach at Gokumarket: Over a Million Users' Information Exposed - Several days before the leak, the GokuMarket team found an unprotected MongoDB instance, which was storing information about its users, namely those who bought and sold crypto on the exchange. In GokuMarket's case, it is the details of more than a ...
9 months ago Cysecurity.news
Normalizing Security Culture: Stay Ready - While it may seem like self-promotion or extraneous work, it’s extremely valuable to take the extra time to summarize threats stopped, processes improved, projects completed and team members modeling strong security behavior. Most people don't ...
1 week ago Darkreading.com
X users fed up with constant stream of malicious crypto ads - Cybercriminals are abusing X advertisements to promote websites that lead to crypto drainers, fake airdrops, and other scams. Like all advertising platforms, X, formerly known as Twitter, claims to show advertisements based on a user's activity, ...
9 months ago Bleepingcomputer.com
Best Platform To Catch Up on Crypto News? - That is why crypto publications such as InsideBitcoins.com are getting a lot of traction. These guides give a complete analysis of new and old cryptocurrencies through multiple perspectives. Crypto price predictions are where InsideBitcoins.com's ...
9 months ago Hackread.com
Protecting branch office environments from ransomware The Register - Sponsored Feature Ransomware gangs that steal and encrypt vital business data before extorting payment for its decryption and restoration are ramping up global attacks at an ever-increasing rate. Cyber security experts agree that ransomware now ...
6 months ago Go.theregister.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)