Aggregator
Palo Alto Networks security advisory (AV25-748)
Google sues to dismantle Chinese phishing platform behind US toll scams
Mozilla security advisory (AV25-747)
Nile’s Bold Claim: Your LAN Architecture Is Fundamentally Broken
At Security Field Day, Nile delivered a message that challenges decades of enterprise networking orthodoxy: the traditional Local Area Network architecture is fundamentally obsolete for modern security requirements. The problem isn’t subtle. While connectivity remains the lifeblood of most organizations, traditional LAN environments—where the majority of users and devices operate—receive the least investment and are..
The post Nile’s Bold Claim: Your LAN Architecture Is Fundamentally Broken appeared first on Security Boulevard.
CVE-2024-2227 | SailPoint IdentityIQ up to 8.1p6/8.2p6/8.3p3/8.4 JavaServer Faces path traversal
CVE-2024-12235 | Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 1.0.0 AuthorizationTokenCheckFilter.java doFilter access control
CVE-2025-27084 | HPE Aruba Networking AOS up to 8.10.0.15/8.12.0.3/10.4.1.6/10.7.1.0 Captive Portal cross site scripting
CVE-2023-53036 | Linux Kernel up to 6.1.21/6.2.8 privilege escalation
CVE-2023-53043 | Linux Kernel up to 6.1.21/6.2.8 arm64 privilege escalation
CVE-2023-53038 | Linux Kernel up to 5.15.104/6.1.21/6.2.8 scsi kzalloc null pointer dereference
CVE-2023-53040 | Linux Kernel up to 6.2.8 ca8210 ieee802154_hdr_peek_addrs buffer overflow (Nessus ID 250205)
CVE-2023-53037 | Linux Kernel up to 6.1.21/6.2.8 scsi memory corruption (Nessus ID 246947)
CVE-2023-53042 | Linux Kernel up to 6.1.20/6.2.7 privilege escalation (EUVD-2025-13225)
CVE-2023-53039 | Linux Kernel up to 5.15.104/6.1.21/6.2.8 HID ish_probe use after free (EUVD-2025-13231 / Nessus ID 240812)
CVE-2024-2228 | SailPoint IdentityIQ up to 8.1p6/8.2p6/8.3p3/8.4 Lifecycle Manager privileges management
CVE-2024-35475 | OpenKM up to 6.3.11 /admin/DatabaseQuery cross-site request forgery
Google sues cybercriminal group Smishing Triad
NDSS 2025 – Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China
SESSION
Session 3A: Network Security 1
Authors, Creators & Presenters: Shencha Fan (GFW Report), Jackson Sippe (University of Colorado Boulder), Sakamoto San (Shinonome Lab), Jade Sheffey (UMass Amherst), David Fifield (None), Amir Houmansadr (UMass Amherst), Elson Wedwards (None), Eric Wustrow (University of Colorado Boulder)
PAPER
Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China
We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China. Wallbleed caused certain nation-wide censorship middleboxes to reveal up to 125 bytes of their memory when censoring a crafted DNS query. It afforded a rare insight into one of the Great Firewall's well-known network attacks, namely DNS injection, in terms of its internal architecture and the censor's operational behaviors. To understand the causes and implications of Wallbleed, we conducted longitudinal and Internet-wide measurements for over two years from October 2021. We (1) reverse-engineered the injector's parsing logic, (2) evaluated what information was leaked and how Internet users inside and outside of China were affected, and (3) monitored the censor's patching behaviors over time. We identified possible internal traffic of the censorship system, analyzed its memory management and load-balancing mechanisms, and observed process-level changes in an injector node. We employed a new side channel to distinguish the injector's multiple processes to assist our analysis. Our monitoring revealed that the censor coordinated an incorrect patch for Wallbleed in November 2023 and fully patched it in March 2024. Wallbleed exemplifies that the harm censorship middleboxes impose on Internet users is even beyond their obvious infringement of freedom of expression. When implemented poorly, it also imposes severe privacy and confidentiality risks to Internet users.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators’, Authors’ and Presenters’ superb NDSS Symposium 2025 Conference content on the organization’s YouTube channel.
The post NDSS 2025 – Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China appeared first on Security Boulevard.
NDSS 2025 – A Holistic Security Analysis Of Google Fuchsia’s (And gVisor’s) Network Stack
SESSION
Session 2D: Android Security 1
Authors, Creators & Presenters: Inon Kaplan (Independent Researcher), Ron Even (Independent Researcher), Amit Klein (The Hebrew University Of Jerusalem, Israel)
---
PAPER
---
You Can Rand but You Can't Hide: A Holistic Security Analysis of Google Fuchsia's (and gVisor's) Network Stack
This research is the first holistic analysis of the algorithmic security of the Google Fuchsia/gVisor network stack. Google Fuchsia is a new operating system developed by Google in a "clean slate" fashion. It is conjectured to eventually replace Android as an operating system for smartphones, tablets, and IoT devices. Fuchsia is already running in millions of Google Nest Hub consumer products. Google gVisor is an application kernel used by Google's App Engine, Cloud Functions, Cloud ML Engine, Cloud Run, and Google Kubernetes Engine (GKE). Google Fuchsia uses the gVisor network stack code for its TCP/IP implementation. We report multiple vulnerabilities in the algorithms used by Fuchsia/gVisor to populate network protocol header fields, specifically the TCP initial sequence number, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID fields. In our holistic analysis, we show how a combination of multiple attacks results in the exposure of a PRNG seed and a hashing key used to generate the above fields. This enables an attacker to predict future values of the fields, which facilitates several network attacks. Our work focuses on web-based device tracking based on the stability and relative uniqueness of the PRNG seed and the hashing key. We demonstrate our device tracking techniques over the Internet with browsers running on multiple Fuchsia devices, in multiple browser modes (regular/privacy), and over multiple networks (including IPv4 vs. IPv6). Our tests verify that device tracking for Fuchsia is practical and yields a reliable device ID. We conclude with recommendations on mitigating the attacks and their root causes. We reported our findings to Google, which issued CVEs and patches for the security vulnerabilities we disclosed.
---
The post NDSS 2025 – A Holistic Security Analysis Of Google Fuchsia’s (And gVisor’s) Network Stack appeared first on Security Boulevard.