Connect with us

ZDNET

ISC urges updates of DNS servers to wipe out new BIND vulnerabilities

Avatar

Published

on

The Internet Systems Consortium (ISC) has released an advisory outlining a trio of vulnerabilities that could impact the safety of DNS systems. 

This week, the organization said the vulnerabilities impact ISC Berkeley Internet Name Domain (BIND) 9, widely used as a DNS system and maintained as an open source project.

The first vulnerability is tracked as CVE-2021-25216 and has been issued a CVSS severity score of 8.1 (32-bit) or 7.4 (64-bit). Threat actors can remotely trigger the flaw by performing a buffer overflow attack against BIND’s GSSAPI security policy negotiation mechanism for the GSS-TSIG protocol, potentially leading to wider exploits including crashes and remote code execution.

However, under configurations using default BIND settings, vulnerable code paths are not exposed — unless a server’s values (tkey-gssapi-keytab/tkey-gssapi-credential) are set otherwise. 

“Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers,” the advisory reads. “For servers that meet these conditions, the ISC SPNEGO implementation is vulnerable to various attacks, depending on the CPU architecture for which BIND was built.”

The second security flaw, CVE-2021-25215, has earned a CVSS score of 7.5. CVE-2021-25215 is a remotely-exploitable flaw found in the way DNAME records are processed and may cause process crashes due to failed assertions. 

The least dangerous bug, tracked as CVE-2021-25214, has been issued a CVSS score of 6.5. This issue was found in incremental zone transfers (IXFR) and if a named server receives a malformed IXFR, this causes the named process to crash due to a failed assertion.

The ISC is not aware of any active exploits for any of the bugs.  

Vulnerabilities in BIND are treated seriously as it can take just one bug, successfully exploited, to cause widespread disruption to services.

“Most of the vulnerabilities discovered in BIND 9 are ways to trigger INSIST or ASSERT failures, which cause BIND to exit,” the ISC says. “When an external user can reliably cause the BIND process to exit, that is a very effective denial of service (DoS) attack. Nanny scripts can restart BIND 9, but in some cases, it may take hours to reload, and the server is vulnerable to being shut down again.”

Subscribers are notified of security flaws ahead of public disclosure, and if patches have not been applied for the latest trio of vulnerabilities, fixes should be issued as quickly as possible. 

BIND 9.11.31, 9.16.15, and 9.17.12 all contain patches and the appropriate update should be applied. 

CISA has also issued an alert on the security issues. 

In other security news this week, Microsoft has disclosed bad memory allocation operations in code used in Internet of Things (IoT) and industrial technologies, with a range of vulnerabilities classified under the name “BadAlloc”. Microsoft is working with the US Department of Homeland Security (DHS) to alert impacted vendors. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://www.zdnet.com/article/isc-urges-updates-of-dns-servers-to-wipe-out-new-bind-vulnerabilities/#ftag=RSSbaffb68

ZDNET

Samsung raises spending in logic chip businesses to $151 billion

Avatar

Published

on

2.jpg
Image: Samsung Electronics

Samsung Electronics has announced it will increase its investment in logic businesses through 2030 to a total of 171 trillion won, approximately $151 billion.

Back in 2019, the South Korean tech giant pledged to spend 133 trillion won through 2030 to its logic businesses.

Samsung said it was adding 38 trillion won to that original investment in order to accelerate advanced research and expand its production facilities.

The South Korean tech giant has two logic businesses, Samsung System LSI and Samsung Foundry. System LSI designs logic chips while Foundry is a contract chip production unit.

By adding more investment, expansion of its Foundry unit “will help fuel entire new industries built on next-generation technologies like AI, 5G and autonomous driving,” the tech giant said.

Samsung also announced that it has begun construction of a new production line at its plant in Pyeongtaek, South Korea.

The new line, called P3, is expected to be complete in the second half of 2022, the company said.

P3 will manufacture 14-nanometre DRAM and 5-nanometre logic semiconductors using extreme ultraviolet (EUV) lithography technology, Samsung added.

“The entire semiconductor industry is facing a watershed moment and now is the time to chart out a plan for long-term strategy and investment,” said Samsung vice chairman and head of its chip business Kim Ki-nam.

“For the memory business, where Samsung has maintained its undisputed leadership position, the company will continue to make preemptive investments to lead the industry.”

While the South Korean tech giant didn’t address the current global chip shortage directly in its announcement, sources told ZDNet that the construction plan for P3 is six months ahead of schedule. Due to this, the tech giant will likely continue to be flexible in what chips its manufactures at its production lines in Pyeongtaek plant going forward, the sources said.

Samsung is the world’s largest memory chip maker by revenue. In foundry, it is the second largest, behind Taiwan Semiconductor Manufacturing Company (TSMC). In terms of total revenue, Samsung is the world’s second largest chip firm, behind Intel.

RELATED COVERAGE

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://www.zdnet.com/article/samsung-raises-spending-in-logic-chip-businesses-to-151-billion/#ftag=RSSbaffb68

Continue Reading

ZDNET

SoftBank posts ¥5 trillion profit off the back of strong Vision Fund gains

Avatar

Published

on

gettyimages-1229449621.jpg
Image: Getty Images

SoftBank has reported net profit of ¥4.99 trillion for the year ended March, marking a sharp turnaround from the ¥961 billion loss recorded in the year prior.

The primary reason for the turnaround was the ¥4.03 trillion profit from its Vision Fund unit, which was a ¥5.4 trillion improvement from FY2019 when the Vision Fund unit lost ¥1.4 trillion due to various investments across consumer, real estate, and transportation underperforming that year.

According to SoftBank, the ¥4.03 trillion profit was the Vision Fund unit’s strongest annual performance ever.

The strong performance during FY2020 largely came off the back of gains from the recently-listed Coupang and DoorDash, which provided unrealised valuation gains amounting to $25.3 billion and $7.6 billion, respectively.

During the full-year results presentation, SoftBank CEO and chairman Masayoshi Son reused the “golden goose” motif mentioned during the third-quarter presentation when saying SoftBank would need similar results from other unlisted companies in the Vision fund portfolio if it is to maintain the same profit trajectory. 

“We call ourselves an investment company. We don’t do any gambling or focus on one-time gains from market rallies — that’s not what we are looking for. We like to be looking at continuous gains through AI for new technologies,” Son said during the results presentation.

In addition, SoftBank also separately announced it was tripling the size of its Vision Fund 2, from $10 billion from $30 billion.

SoftBank Corp, the conglomerate’s telco, also improved its performance from the year prior, increasing its net sales by 7% year-on-year to ¥848 billion. This led to a 4% year-on-year jump in the segment’s total income, which rose to ¥848 billion.

During the year, SoftBank Corp also saw its mobile subscriber base grow by 3% to 47.2 million while its broadband services gained 300,000 more customers.

Meanwhile, SoftBank’s soon-to-be-sold chip segment, Arm, posted a ¥33.9 billion loss. This is despite Arm’s net sales, increasing by 6% year-on-year to ¥210 billion, which comprised of $1.28 billion in technology royalty revenue and $702 million in non-royalty revenue.

The loss was mainly due to charges that arose from increases being made to the share-based remuneration of Arm employees following the agreement for SoftBank to sell Arm to Nvidia.

The $40 billion sale is still pending as the UK’s competition regulator is currently in the midst of an investigation into the deal. Providing comment on the pending sale, Son said he remained “hopeful” that the transaction will close while adding an Arm IPO could be in the cards if the deal cannot be completed.

During the full year to March 2021, SoftBank also earned ¥422 billion through selling two-thirds of its T-Mobile shares and ¥601 billion on equity method investments from Alibaba.

At the same time, SoftBank lost ¥477 billion from prepaid forward contracts that used Alibaba shares, the company said.

Related Coverage

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://www.zdnet.com/article/softbank-posts-jpy5-trillion-profit-off-the-back-of-strong-vision-fund-gains/#ftag=RSSbaffb68

Continue Reading

ZDNET

Incremental improvements are not enough as Biden signs order boosting US cyber posture

Avatar

Published

on

president-biden-gettyimages.jpg
Image: Getty Images

United States President Joe Biden signed an executive order on Wednesday to boost the cyber posture of the federal government.

The order points to recent incidents including the ransomware attack on Colonial Pipeline, Exchange vulnerabilities that led to the FBI removing web shells from US servers, and the SolarWinds attack.

The order said the federal government must lead by example.

“Incremental improvements will not give us the security we need; instead, the federal government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life,” the order states.

“The federal government must bring to bear the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloud-based, on-premises, or hybrid.

“The scope of protection and security must include systems that process data (information technology) and those that run the vital machinery that ensures our safety (operational technology).”

The order mandates that agencies have 180 days to implement multi-factor authentication and encrypt data both at rest and in transit “to the maximum extent” available under federal records and other laws. Agencies that cannot meet the deadline will need to provide a written explanation why not.

“Outdated security models and unencrypted data have led to compromises of systems in the public and private sectors,” the White House said in a fact sheet.

“The Federal government must lead the way and increase its adoption of security best practices, including by employing a zero-trust security model, accelerating movement to secure cloud services, and consistently deploying foundational security tools such as multifactor authentication and encryption.”

A Cybersecurity Safety Review Board will be established under the order and be constituted by federal officials from the Department of Defense, Department of Justice, CISA, NSA, and FBI, as well as private-sector representatives to be determined by the Secretary of Homeland Security. The board will be chaired and co-chaired by one federal and one private-sector member.

The board will meet following a “significant” cyber incident and analyse what happened and make recommendations.

“When something goes wrong, the Administration and private sector need to ask the hard questions and make the necessary improvements,” the White House said.

“This board is modelled after the National Transportation Safety Board, which is used after airplane crashes and other incidents.”

A standardised playbook for incident response will also be created, as will a “government-wide endpoint detection and response system” and mandate to maintain logs to help in incident detection, investigation, and remediation.

“Slow and inconsistent deployment of foundational cybersecurity tools and practices leaves an organisation exposed to adversaries,” the fact sheet states.

Earlier on Wednesday, the Colonial Pipeline restarted operations.

Related Coverage

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://www.zdnet.com/article/biden-signs-order-boosting-us-cyber-posture-saying-incremental-improvements-are-not-enough/#ftag=RSSbaffb68

Continue Reading

ZDNET

Phishing, ransomware, Web app attacks dominate data breaches in 2021, says Verizon Business DBIR

Avatar

Published

on

more coverage

Web applications represented 39% of all data breaches in the last year with phishing attacks jumping 11% and ransomware up 6% from a year ago, according to the Verizon Business Data Breach Investigations Report.

The report, based on 5,358 breaches from 83 contributors around the world, highlights how the COVID-19 pandemic move to the cloud and remote work opened up a few avenues for cybercrime.

Verizon Business found that 61% of all breaches involved credential data. Consistent with previous years, human negligence was the biggest threat to security.

Each industry in the DBIR had its own security nuances. For instance, 83% of data compromised in the financial and insurance industry was personal data, said Verizon Business. Healthcare was plagued by misdelivery of electronic or paper documents. In the public sector, social engineering was the technique of choice.

By region, Asia Pacific breaches typically were caused by financial motivations and phishing. In EMEA, Web application attacks, system intrusion and social engineering were the norm.

Here are some more figures to ponder in the Verizon Business DBIR:

  • 85% of breaches involved a human element.
  • 61% of breaches involved credentials.
  • Ransomware appeared in 10% of breaches, double the previous year.
  • Compromised external cloud assets were more common than on-premises assets in incidents and breaches.
vz-dbir-2021a.png
vz-dbir-2021b.png
Verizon Business DBIR 2021

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://www.zdnet.com/article/phishing-ransomware-web-app-attacks-dominate-data-breaches-in-2021-says-verizon-business-dbir/#ftag=RSSbaffb68

Continue Reading
Aviation4 days ago

JetBlue Hits Back At Eastern Airlines On Ecuador Flights

Cyber Security5 days ago

Cybersecurity Degrees in Massachusetts — Your Guide to Choosing a School

Blockchain4 days ago

“Privacy is a ‘Privilege’ that Users Ought to Cherish”: Elena Nadoliksi

AI2 days ago

Build a cognitive search and a health knowledge graph using AWS AI services

Cyber Security5 days ago

Cybersecurity Degrees in Texas — Your Guide to Choosing a School

Blockchain1 day ago

Meme Coins Craze Attracting Money Behind Fall of Bitcoin

Energy3 days ago

ONE Gas to Participate in American Gas Association Financial Forum

Esports3 days ago

Pokémon Go Special Weekend announced, features global partners like Verizon, 7-Eleven Mexico, and Yoshinoya

Fintech3 days ago

Credit Karma Launches Instant Karma Rewards

Blockchain4 days ago

Opimas estimates that over US$190 billion worth of Bitcoin is currently at risk due to subpar safekeeping

SaaS4 days ago

Blockchain10 hours ago

Shiba Inu: Know How to Buy the New Dogecoin Rival

Esports1 day ago

Valve launches Supporters Clubs, allows fans to directly support Dota Pro Circuit teams

SaaS4 days ago

Blockchain4 days ago

Yieldly announces IDO

Esports4 days ago

5 Best Mid Laners in League of Legends Patch 11.10

Cyber Security3 days ago

Top Tips On Why And How To Get A Cyber Security Degree ?

Blockchain1 day ago

Sentiment Flippening: Why This Bitcoin Expert Doesn’t Own Ethereum

SaaS4 days ago

Blockchain4 days ago

Decentraland Price Prediction 2021-2025: MANA $25 by the End of 2025

Trending