Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.

Source: Tada Images via Shutterstock

Attackers can use a flaw that exploits the 0.0.0.0 IP address to remotely execute code on various Web browsers — Chrome, Safari, Firefox, and others — putting users at risk for data theft, malware, and other malicious activity.

Researchers at open source security firm Oligo Security have discovered a way to bypass browser security and interact with services running on an organization's local network from outside the network, that they are calling "0.0.0.0 Day," because of the Web address it exploits.

The vulnerability exists due to "the inconsistent implementation of security mechanisms across different browsers, along with a lack of standardization in the browser industry," Avi Lumesky, an Oligo AI security researcher, revealed in a blog post published this week.

Attackers can use the flaw to exploit localhost application programming interfaces (APIs) from the browser, thus performing a range of malicious activities.

"As a result, the seemingly innocuous IP address, 0.0.0.0, can become a powerful tool for attackers to exploit local services, including those used for development, operating systems, and even internal networks," Lumesky wrote.

**Breaking Down the Flaw**

The flaw lies in the ability by design of browsers for services to send a request to almost any HTTP server using JavaScript; a browser's key job is to focus on delivering the correct response, either by serving up a valid response to a request or an error.

While browsers are generally supposed to prevent errant or malicious requests from getting through via their responses, there has been a lack of streamlined security in handling requests across browsers since their inception.

"For a long time, it was not clear how browsers should behave when they make requests to local or internal networks from less-private contexts," Lumesky explained in the post.

While most browsers have relied on CORS, or Cross-Origin Resource Sharing — a standard defining a way for client Web applications that are loaded in one domain to interact with resources in a different domain — "its performance depends on the response content, so requests are still made and can still be sent," Lumesky noted.

"This is simply not good enough," he wrote. "History proved that a single HTTP request can attack a home router — and if that's all it takes, every user needs to be able to prevent this request from happening at all."

**PNA Bypass**

Chrome's introduction of Private Network Access (PNA) — which goes beyond CORS — should, in theory, protect websites from the 0.0.0.0 day bug. PNA proposes distinguishing between public, private, and local networks, ensuring that "pages loaded under a less-secure context will not be able to communicate with more-secure contexts," Lumesky wrote.

However, Oligo researchers discovered that website requests sent to 0.0.0.0, which should be blocked under PNA, were actually received and processed by local servers. "This means public websites can access any open port on your host without the ability to see the response," Lumesky wrote.

To prove their point, the attackers investigated how ShadowRay, a recent attack campaign its researchers discovered targeting AI workloads, could execute its attack from the browser using 0.0.0.0 as its attack vector.

ShadowRay enabled arbitrary code execution when a private server was unintentionally exposed to the Internet, and went undiscovered for nearly a year. To prove their concept, Oligo researchers ran a local Ray cluster on localhost, then started a socket that is listening to new connections to open a reverse shell.

"Then, the victim clicks on the link in the email, which runs the exploit," Lumesky explained. "The exploit opens a reverse shell for the attacker on the visitor’s machine."

The researchers proved the concept within Chromium, Safari, and Firefox to execute ShadowRay from the browser in "one of an undoubtedly huge number of remote code execution attacks enabled by this approach," Lumesky noted. They also proved the attack via Selenium Grid public servers and PyTorch TorchServe via respective previously identified attack campaigns SeleniumGreed and ShellTorch.

Ultimately, the researchers demonstrated how by using 0.0.0.0 together with mode "no-cors," attackers "can use public domains to attack services running on localhost and even gain arbitrary code execution, all using a single HTTP request," Lumeksy explained.

**How Defenders Can Mitigate Attacks**

Oligo disclosed the findings to the relevant browser owners — including Google, Apple, and Mozilla — which responded by making fixes in their browsers to block 0.0.0.0 as a target IP, according to Oligo.

Meanwhile, as the companies in charge work to streamline security standards across browser offerings, there are other technical mitigations that network administrators can use to thwart attacks using the vector, Lumesky said.

They include implementing PNA headers, verifying the HOST header of the network request to protect against DNS rebinding attacks to localhost or 127.0.0.1, and generally mistrusting localhost networks just because they are "local." "Add a minimal layer of authorization, even when running on localhost," he advised.

Network administrators should also use HTTPS over HTTP whenever possible and implement CSRF tokens in your applications, even if they are local.

**About the Author**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

'0.0.0.0 Day' Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk

Open WebUI version 0.1.105 suffers from arbitrary file upload and path traversal vulnerabilities.

KL-001-2024-006: Open WebUI Arbitrary File Upload + Path Traversal

Title: Open WebUI Arbitrary File Upload + Path Traversal  
Advisory ID: KL-001-2024-006  
Publication Date: 2024.08.D06  
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-006.txt

1. Vulnerability Details

      Affected Vendor: Open WebUI  
      Affected Product: Open WebUI  
      Affected Version: 0.1.105  
      Platform: Debian 12  
      CWE Classification: CWE-22: Improper Limitation of a Pathname to a  
                          Restricted Directory ('Path Traversal'),  
                          CWE-434: Unrestricted Upload of File with Dangerous  
                          Type  
      CVE ID: CVE-2024-6707

2. Vulnerability Description

      Attacker controlled files can be uploaded to arbitrary  
      locations on the web server's filesystem by abusing a  
      path traversal vulnerability.

3. Technical Description

    When attaching files to a prompt by clicking the  
    plus sign (+) on the left of the message input box  
    when using the Open WebUI HTTP interface, the file  
    is uploaded to a static upload directory.

    The name of the file is derived from the original  
    HTTP upload request and is not validated or sanitized.  
    This allows for users to upload files with names  
    containing dot-segments in the file path and traverse  
    out of the intended uploads directory. Effectively, users  
    can upload files anywhere on the filesystem the  
    user running the web server has permission.

    This can be visualized by examining the python code  
    for the "/rag/api/v1/doc" API route:

       @app.post("/doc")  
       def store_doc(  
           collection_name: Optional[str] = Form(None),  
           file: UploadFile = File(...),  
           user=Depends(get_current_user),  
       ):  
           # "https://www.gutenberg.org/files/1727/1727-h/1727-h.htm"

           print(file.content_type)  
           try:  
               filename = file.filename  
               file_path = f"{UPLOAD_DIR}/{filename}"  
               contents = file.file.read()  
               with open(file_path, "wb") as f:  
                   f.write(contents)  
                   f.close()

    The "file" variable is a representation of the multipart  
    form data contained within the HTTP POST request. The  
    "filename" variable is derived from the uploaded file name  
    and is not validated before writing the file contents  
    to disk.

     This can be used to upload malicious models. These models  
     are often distributed as pickled python objects and can  
     be leveraged to execute arbitrary python bytecode once  
     deserialized. Alternatively, an attacker can leverage existing  
     services, such as SSH, to upload an attacker controlled  
     "authorized_keys" file to remotely connect to the machine.

4. Mitigation and Remediation Recommendation

      This issue was remediated in Open WebUI release v0.1.117 on 2024.04.03.

5. Credit

      This vulnerability was discovered by Jaggar Henry and Sean  
      Segreti of KoreLogic, Inc.

6. Disclosure Timeline

      2024.03.05 - KoreLogic requests secure communications channel and point  
                   of contact from OpenWebUI.com via email.  
      2024.03.12 - KoreLogic submits vulnerability details and suggested patch  
                   to maintainer via Github Security 'Report a vulnerability'  
                   web form.  
      2024.04.01 - KoreLogic opens Discussion #1385 via GitHub to request an  
                   update from the maintainer.  
      2024.04.01 - Maintainer opens a private fork and merges KoreLogic's patch.  
      2024.04.03 - Maintainer releases v0.1.117.  
      2024.08.06 - KoreLogic public disclosure.

7. Proof of Concept

    Execute the following cURL command:

       TARGET_URI='https://redacted.com'; JWT='redacted'; LOCAL_FILE='/tmp/file_to_upload.txt'\  
       curl -H "Authorization: Bearer $JWT" -F "file=$LOCAL_FILE;filename=../../../../../../../../../../tmp/pwned.txt"   
"$TARGET_URI/rag/api/v1/doc"

    Verify the file "pwned.txt" exists in the /tmp/ directory on  
    the machine hosting the web server:

       ollama@webserver:~$ cat /tmp/pwned.txt  
       korelogic  
       ollama@webserver:~$

The contents of this advisory are copyright(c) 2024  
KoreLogic, Inc. and are licensed under a Creative Commons  
Attribution Share-Alike 4.0 (United States) License:  
http://creativecommons.org/licenses/by-sa/4.0/

KoreLogic, Inc. is a founder-owned and operated company with a  
proven track record of providing security services to entities  
ranging from Fortune 500 to small and mid-sized companies. We  
are a highly skilled team of senior security consultants doing  
by-hand security assessments for the most important networks in  
the U.S. and around the world. We are also developers of various  
tools and resources aimed at helping the security community.  
https://www.korelogic.com/about-korelogic.html

Our public vulnerability disclosure policy is available at:  
https://korelogic.com/KoreLogic-Public-Vulnerability-Disclosure-Policy

Open WebUI 0.1.105 File Upload / Path Traversal

Cybersecurity researchers have discovered a new "0.0.0.0 Day" impacting all major web browsers that malicious websites could take advantage of to breach local networks.
The critical vulnerability "exposes a fundamental flaw in how browsers handle network requests, potentially granting malicious actors access to sensitive services running on local devices," Oligo Security researcher Avi Lumelsky

Vulnerability / Browser Security

Cybersecurity researchers have discovered a new "0.0.0.0 Day" impacting all major web browsers that malicious websites could take advantage of to breach local networks.

The critical vulnerability "exposes a fundamental flaw in how browsers handle network requests, potentially granting malicious actors access to sensitive services running on local devices," Oligo Security researcher Avi Lumelsky said.

The Israeli application security company said the implications of the vulnerability are far-reaching, and that it stems from the inconsistent implementation of security mechanisms and a lack of standardization across different browsers.

As a result, a seemingly harmless IP address such as 0.0.0.0 could be weaponized to exploit local services, resulting in unauthorized access and remote code execution by attackers outside the network. The loophole is said to have been around since 2006.

0.0.0.0 Day impacts Google Chrome/Chromium, Mozilla Firefox, and Apple Safari that enables external websites to communicate with software that runs locally on MacOS and Linux. It does not affect Windows devices as Microsoft blocks the IP address at the operating system level.

Particularly, Oligo Security found that public websites using domains ending in ".com" are able to communicate with services running on the local network and execute arbitrary code on the visitor's host by using the address 0.0.0.0 as opposed to localhost/127.0.0.1.

It's also a bypass of Private Network Access (PNA), which is designed to prohibit public websites from directly accessing endpoints located within private networks.

Any application that runs on localhost and can be reached via 0.0.0.0 is likely susceptible to remote code execution, including local Selenium Grid instances by dispatching a POST request to 0.0.0\[.\]0:4444 with a crafted payload.

In response to the findings in April 2024, web browsers are expected to block access to 0.0.0.0 completely, thereby deprecating direct access to private network endpoints from public websites.

"When services use localhost, they assume a constrained environment," Lumelsky said. "This assumption, which can (as in the case of this vulnerability) be faulty, results in insecure server implementations."

"By using 0.0.0.0 together with mode 'no-cors,' attackers can use public domains to attack services running on localhost and even gain arbitrary code execution (RCE), all using a single HTTP request."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

Hacker Samy Kamkar is debuting his own open source version of a laser microphone—a spy tool that can invisibly pick up the sounds inside your home through a window, and even the text you’re typing.

In a famous scene from the 1992 movie _Sneakers_, a hacker classic, the main characters park a surveillance van across the street from their target's office and point a telephoto lens through his window—only to find that their view of his computer keyboard is blocked by the surprise entrance of his love interest at the precise moment when he types his password. The surveillance team ends up watching and rewatching their partially obstructed VHS video of his keystrokes, bickering comically about the layout of a QWERTY keyboard.

Today, with a few decades of surveillance tech advancements and some clever feats of physics, all it would take to grab that password—as well as anything typed on the computer, or, for that matter, every word spoken in the room—would be a well-aimed infrared laser.

At the Defcon security conference this weekend in Las Vegas, renowned hacker Samy Kamkar plans to debut his own DIY advances in a form of laser-based surveillance, demonstrating that he can point a laser that's invisible to the human eye at a faraway laptop, through a window, and detect the computer's vibrations to reconstruct virtually every character typed on it. The trick, which takes advantage of the subtle acoustics created by tapping different keys on a computer, works even without a view of the computer's keyboard, so long as the hacker has a line-of-sight view of any relatively reflective portion of the target laptop.

In the process of perfecting that light-based keystroke eavesdropping technique, Kamkar says he's also created what may well be one of the world's most high-fidelity implementations of a laser microphone—a tool that bounces a laser off a room's window to detect its vibrations and record all the sounds inside—or at least, one of the most advanced such laser microphones whose technical details have been publicly released. (Kamkar plans to publish the full schematics on his website and GitHub.) The result is an open-source spying setup that can, in various forms, potentially pick up virtually everything either typed or spoken aloud in a surveillance target's room.

Kamkar says he's been determined to build his own laser-based spy setup since he watched a Defcon talk 15 years ago, in which a pair of hackers demonstrated some rudimentary detection of keystrokes with a laser pointed at a laptop from across a room. “It blew my mind. ‘I want to do this,’” Kamkar says he remembers thinking. “But I also wanted to improve the attack. Can I make it work from outside, from far away? Can I do it with an infrared laser so the target can't see it? And can I also hear what's happening in the room, such as by bouncing the laser off a window?”

The answers: Yes to all the above. The video below shows an example of Kamkar's prototype setup–he tested it through different windows of his house with varying results—with his infrared laser outside pointed at his Macbook inside, where he's typing and listening to music.

Here's a sample of text he was able to recover in one case from his own typing, compared to the original:

Kamkar says that his keystroke spying trick works best when he can aim his laser at a spot on a laptop that reflects light—ideally a shiny metal or plastic spot on the laptop's case, such as a logo. “The Apple logo is nearly a mirror,” he says. “So that's a really good reflective surface.” The video clip below, captured with an infrared camera and steam to make the laser's path visible, shows Kamkar's infrared laser bouncing off that shiny Apple logo.

When it came to recording sounds inside a room, Kamkar was in some cases able to pick up music clearly, as in the first two samples below—though he found that double-paned glass produced far more muffled results, which you can hear in the third audio sample.

Neither of Kamkar's two laser-spying techniques are entirely new concepts: Both the keystroke-surveillance technique and the laser-based audio eavesdropping trick are essentially his own versions of a tool known as a laser microphone, a decades-old invention that bounces a laser off a surface and measures the reflected light to detect the target's vibrations—such as those caused by either key presses on a laptop's keyboard or someone's nearby voice.

For both of his laser-based techniques, however, Kamkar used his own engineering tricks and a few thousand dollars in hardware to significantly advance the fidelity of his optical eavesdropping. To reduce the noise created by ambient light when attempting to detect vibrations in his reflected infrared laser, for instance, he designed his laser microphone system to strobe on and off 400,000 times per second, picking up the reflected light through a lens so that the light hits a photo diode—or doesn't—depending on the target's vibrations. By using that 400-kilohertz frequency and measuring variances in the signal's amplitude just as an amplitude-modulated, or AM, radio does, Kamkar was able to later filter out everything other than that frequency to vastly reduce noise. He then amplified that signal and used a piece of hardware known as an upconverter to shift that AM radio signal to a higher frequency, so that it could be fed it into a software-defined radio—a digital, programmable radio capable of handling a far larger range of frequencies than a typical radio—to analyze it.

“I think I've created the first laser microphone that's actually modulated in the radio frequency domain,” Kamkar says. “Once I have a radio signal, I can treat it like radio, and I can take advantage of all the tools that exist for radio communication.” In other words, Kamkar converted sound into light into radio—and then back again into sound.

Samy Kamkar at his home workstation.Photograph: Roger Kisby

For his keystroke detection technique, Kamkar then fed the output of his laser microphone into an audio program called iZotopeRX to further remove noise and then an open source piece of software called Keytap3 that can convert the sound of keystrokes into legible text. In fact, security researchers have demonstrated for years that keystroke audio, recorded from a nearby microphone, can be analyzed and deciphered into the text that a surveillance target is typing by distinguishing tiny acoustic differences in various keys. One group of researchers has shown that relatively precise text can even be derived from the sounds of keystrokes recorded over a Zoom call.

Kamkar, however, was more interested in the 2009 Defcon demonstration in which security researchers Andrea Barisani and Daniele Bianco showed that they could use a simple laser microphone to roughly detect words typed on a keyboard, a trick that would allow long-distance line-of-sight spying. In that demo, the two Italian hackers only got as far as testing out their laser spying technique across the room from a laptop and generating a list of possible word pairs that matched the vibration signature they recorded.

Speaking to WIRED, Barisani says their experiment was only a “quick and dirty” proof of concept compared to Kamkar's more polished prototype. “Samy is brilliant, and there was a lot of room for improvement,” Barisani says. “I'm 100 percent sure that he was able to improve our attack both in the hardware setup and the signal processing.”

Kamkar’s laser spying kit: An infrared laser…Photograph: Roger Kisby

…attached to an oscilloscope’s signal generator, current controller, temperature controller, and amplifier power supply.Photograph: Roger Kisby

Kamkar's results do appear to be dramatically better: Some samples of text he recovered from typing with his laser mic setup and shared with WIRED were almost entirely legible, with only a missed letter every word or two; others showed somewhat spottier results. Kamkar's laser microphone worked well enough for detecting keystrokes, in fact, that he also tested using it to record audio in a room more generally, by bouncing his infrared laser off a window. It produced remarkably clear sound, noticeably better than other samples of laser microphone audio released online—at least among those recorded stealthily from a window's vibrations.

Of course, given that laser microphones have existed for decades, Kamkar admits he doesn't know what advancements the technology may have made in commercial implementations available to governments or law enforcement, not to mention even more secret, custom-built technologies potentially created or used by intelligence agencies. “I would assume they're doing this or something like it,” Kamkar says.

Unlike the creators of those professional spy tools, though, Kamkar is publishing the full schematics of his DIY laser microphone spy kit. “Ideally, I want the public to know everything that intelligence agencies are doing, and the next thing, too," Kamkar says. “If you don't know something is possible, you're probably not going to protect against it.”

Even knowing that Kamkar's silent, invisible, long-distance laser spy trick exists, how does anyone hide their secrets from it? He suggests that companies install double-paned or reflective glass. Some security device companies also sell protection devices that affix to windows and vibrate them to prevent laser microphone spying, and Kamkar concedes he hasn't tested his attack against those. But he also suggests a safer countermeasure: “Don't work on computers visible from a window,” he says. “Or just have dirty windows.”

Kamkar admits that beyond any idea of enabling or defeating surveillance, he was driven to develop his laser spying tricks mostly to test what was possible in the realm of physics-based hacking. More than a warning about any particular spy trick, he hopes his Defcon talk will inspire the conference's hacker audience to think more broadly about how information resonates through the real world in unexpected and exploitable ways, defying any simple model of computer security.

“You hit a key, it produces a sound that emanates in all directions. All the light hitting the laptop also vibrates at that frequency. The key then closes a circuit on the keyboard that generates electromagnetism and emits radio frequency in all directions,” Kamkar says. “The physical world screams secrets, and we have the ability to listen.” And if you don't, whoever's watching outside your window just might.

Watch How a Hacker’s Infrared Laser Can Spy on Your Laptop’s Keystrokes

Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the operating system files with older versions.
The vulnerabilities are listed below -

CVE-2024-38202 (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-21302

Windows Security / Vulnerability

Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the operating system files with older versions.

The vulnerabilities are listed below -

*   **CVE-2024-38202** (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability
*   **CVE-2024-21302** (CVSS score: 6.7) - Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Credited with discovering and reporting the flaws is SafeBreach Labs researcher Alon Leviev, who presented the findings at Black Hat USA 2024 and DEF CON 32.

CVE-2024-38202, which is rooted in the Windows Backup component, allows an "attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS)," the tech giant said.

It, however, noted that an attacker attempting to leverage the flaw would have to convince an Administrator or a user with delegated permissions to perform a system restore which inadvertently triggers the vulnerability.

The second vulnerability also concerns a case of privilege escalation in Windows systems that support VBS, effectively allowing an adversary to replace current versions of Windows system files with outdated versions.

The consequences of CVE-2024-21302 are that it could be weaponized to reintroduce previously addressed security flaws, bypass some features of VBS, and exfiltrate data protected by VBS.

Leviev, who detailed a tool dubbed Windows Downdate, said it could be used to turn a "fully patched Windows machine susceptible to thousands of past vulnerabilities, turning fixed vulnerabilities into zero-days and making the term 'fully patched' meaningless on any Windows machine in the world."

The tool, Leviev added, could "take over the Windows Update process to craft fully undetectable, invisible, persistent, and irreversible downgrades on critical OS components—that allowed me to elevate privileges and bypass security features."

Furthermore, Windows Downdate is capable of bypassing verification steps, such as integrity verification and Trusted Installer enforcement, effectively making it possible to downgrade critical operating system components, including dynamic link libraries (DLLs), drivers, and NT kernel.

The issues, on top of that, could be exploited to downgrade Credential Guard's Isolated User Mode Process, Secure Kernel, and Hyper-V's hypervisor to expose past privilege escalation vulnerabilities, as well as disable VBS, alongside features like Hypervisor-Protected Code integrity (HVCI).

The net result is that a completely patched Windows system could be rendered susceptible to thousands of past vulnerabilities and turn fixed shortcomings into zero-days.

These downgrades have an added impact in that the operating system reports that the system is fully updated, while simultaneously preventing the installation of future updates and inhibiting detection by recovery and scanning tools.

"The downgrade attack I was able to achieve on the virtualization stack within Windows was possible due to a design flaw that permitted less privileged virtual trust levels/rings to update components residing in more privileged virtual trust levels/rings," Leviev said.

"This was very surprising, given Microsoft's VBS features were announced in 2015, meaning the downgrade attack surface I discovered has existed for almost a decade."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities

During a "Shark Tank"-like final, each startup's representative spent five minutes detailing their company and product, with an additional five minutes to take questions from eight judges from Omdia, investment firms, and top companies in cyber.

Founder and CTO of Knostic, Sounil Yu, runs to the stage to collect his award after being announced the winner of the 2024 Startup Spotlight competition.Source: Kristina Beek

BLACK HAT USA – Las Vegas – Wednesday, Aug. 7 – Eitan Worcel, CEO of Mobb Security, last year's Startup Spotlight winner, last night announced that the torch would be passed to the 2024 winner: Knostic, an LLM access-control company. Sounil Yu, Knostic founder and CTO, was present to accept.

In the first phases of the competition, each group submitted a five-minute video pitch on behalf of their cybersecurity startup to present their company and the products and solutions it provides, whether it be in the development, launch, or newly launched stage.

After that, the selection dwindled to a select, top four finalists: LeakSignal, RAD Security, DryRun Security, and Knostic. Each made a final pitch on behalf of their companies in last night's event at Black Hat USA, in a Shark Tank\-style competition.

The panel of judges included Omdia analysts Ketaki Borade, Hollie Hennessy, and Rik Turner; Coleen Coolidge of Twilio; Trey Ford of Deepwatch; Maria Markstedter of Azeria Labs; Lucas Nelson of VC firm Lytical Ventures; and Robert J. Stratton III of startup accelerator MACH37.

**4 Unique Cyber Startups, Pitching to the Judges**

LeakSignal is an openly distributed data governance solution that aims to classify and protect sensitive data, allowing customers to set limits on internal API data access and focus on data classification. The platform blocks sensitive data before it’s logged, and redacts that data during calls to outbound third-party APIs.

The platform is built with Rust, and is designed to integrate with an organization's existing architecture. Its team's next-stage focus is to expand the support LeakSignal provides to more complex AI models, and to refine its data classification algorithms to provide a more accurate and comprehensive protection. 

RAD Security meanwhile focuses on tackling security issues surrounding cloud native development. According to the company, "For teams to achieve true resilience against emerging threats, detection and response solutions must evolve their approach beyond signature-based, one-size-fits-all solutions."

To that end, the company aims to provide customers with a custom view of what should and shouldn’t be happening in their cloud infrastructure, providing a unique and more accurate detection-and-response plan for malicious behavior. By creating fingerprints of the good behavior an enterprise is experiencing across its software supply chain, cloud native infrastructure, and workloads, RAD Security is better able to detect anomalies to that — and thus any cyberattacks the company faces. 

The third finalist, DryRun Security, is an application security company that provides automated, behavioral code reviews by interrogating code changes based on static patterns and behaviors. Ken Johnson, CTO and co-founder of DryRun, explained that after he and CEO James Wickett realized that the security industry had been anaylzing software in the same manner for years on end, they decided to build their company to create not only a developer-first tool, but also a new way of analyzing and detecting risk. The company currently conducts more than 10,000 secure code reviews for its customers, using an approach that it explains is grounded in the principles of contextual security analysis (CSA).

Rounding out the group is winning startup Knostic, comprised of 12 employees, with a pre-seed funding of $4.4 million, and which aims to ensure that internal generative AI (GenAI) tools aren't leaking sensitive data to users that shouldn't have access to it.

As GenAI tools like ChatGPT continue to gain popularity, organizations are learning that connecting a large language model (LLM) to its internal systems comes with a serious risk of exposing sensitive data. Knostic creates a knowledge control layer based on employees' permissions for accessing content.

In a demonstration during the presentation, Yu showed the audience a mock interface of an HR department user sending a message to an internal chatbot inquiring about quarterly sales revenue. Knostic's platform ensured that the actual numerical value — sensitive financial information — was not revealed, but provided additional useful information instead outlining which departments contributed the most toward the company's profitability. The same query made by a CEO however returned the actual dollar figure, as the CEO has higher clearance.

"What differentiates the two is need to know," said Yu during the presentation.

The company's product works with Copilot for Microsoft 365 for now, but the next phase is to expand support to all software-as-a-service (SaaS) tools that incorporate LLMs.

**Winner's High**

When asked how it felt to present to the crowd amongst fellow finalists, Yu tells Dark Reading that he "was preparing for disappointment" after he completed his presentation.

"It's a high stress environment," Yu says. "Your perception of time completely changes, right? I was like 'Oh, I got this in four minutes and thirty seconds. No problem.'" During his presentation, however, Yu was cut short by the five-minute timer. In hindsight, he says, the experience was great.

"I think the opportunity \[to present\] to this sort of audience is a very legitimate validation," Yu says. "All finalists deserve attention, because it means there's real value that we're producing. I'm fortunate that we were able to win, but I think we should recognize all the other contestants for the value that they brought."

Knostic Wins 2024 Black Hat Startup Spotlight Competition

A researcher found a vulnerability that would let hackers strategically downgrade a target’s Windows version to reexpose patched vulnerabilities. Microsoft is working on fixes for the issue.

New research being presented at the Black Hat security conference in Las Vegas today shows that a vulnerability in Windows Update could be exploited to downgrade Windows to older versions, exposing a slew of historical vulnerabilities that then can be exploited to gain full control of a system. Microsoft says that it is working on a complex process to carefully patch the issue, dubbed “Downdate.”

Alon Leviev, the SafeBreach Labs researcher who discovered the flaw, says he started looking for possible downgrade attack methods after seeing that a startling hacking campaign from last year was using a type of malware (known as the “BlackLotus UEFI bootkit”) that relied on downgrading the Windows boot manager to an old, vulnerable version. After probing the Windows Update flow, Leviev discovered a path to strategically downgrading Windows—either the entire operating system or just specifically chosen components. From there, he developed a proof-of-concept attack that utilized this access to disable the Windows protection known as Virtualization-Based Security (VBS) and ultimately target highly privileged code running in the computer's core “kernel.”

“I found a downgrade exploit that is fully undetectable because it is performed by using Windows Update itself,” which the system trusts, Leviev told WIRED ahead of his conference talk. “In terms of invisibility, I didn't uninstall any update—I basically updated the system even though under the hood it was downgraded. So the system is not aware of the downgrade and still appears up-to-date.”

Leviev's downgrade capability comes from a flaw in the components of the Windows Update process. To perform an upgrade, your PC places what is essentially a request to update in a special update folder. It then presents this folder to the Microsoft update server, which checks and confirms its integrity. Next, the server creates an additional update folder for you that only it can control, where it places and finalizes the update and also stores an action list—called “pending.xml”—that includes the steps of the update plan, such as which files will be updated and where the new code will be stored on your computer. When you reboot your PC, it takes the actions from the list and updates the software.

The idea is that even if your computer, including your update folder, is compromised, a bad actor can't hijack the update process because the crucial parts of it happen in the server-controlled update folder. Leviev looked closely at the different files in both the user's update folder and the server's update folder, though, and he eventually found that while he couldn't modify the action list in the server's update folder directly, one of the keys controlling it—called “PoqexecCmdline”—was not locked. This gave Leviev a way to manipulate the action list, and with it the entire update process, without the system realizing that anything was amiss.

With this control, Leviev then found strategies to downgrade multiple key components of Windows, including drivers, which coordinate with hardware peripherals; dynamic link libraries, which contain system programs and data; and, crucially, the NT kernel, which contains the most core instructions for a computer to run. All of these could be downgraded to older versions that contain known, patched vulnerabilities. And Leviev even cast a wider net from there, to find strategies for downgrading Windows security components including the Windows Secure Kernel; the Windows password and storage component Credential Guard; the hypervisor, which creates and oversees virtual machines on a system; and VBS, the Windows virtualization security mechanism.

The technique does not include a way to first gain remote access to a victim device, but for an attacker who already has initial access, it could enable a true rampage, because Windows Update is such a trusted mechanism and can reintroduce a vast array of dangerous vulnerabilities that have been fixed by Microsoft over the years. Microsoft says that it has not seen any attempts to exploit the technique.

“We are actively developing mitigations to protect against these risks while following an extensive process involving a thorough investigation, update development across all affected versions, and compatibility testing, to ensure maximized customer protection with minimized operational disruption,” a Microsoft spokesperson told WIRED in a statement.

Part of the company's fix involves revoking vulnerable VBS system files, which must be done carefully and gradually, because it could cause integration issues or reintroduce other, unrelated problems that were previously addressed by those same system files.

Leviev emphasizes that downgrade attacks are an important threat for the developer community to consider as hackers endlessly seek paths into target systems that are stealthy and difficult to detect.

A Flaw in Windows Update Opens the Door to Zombie Exploits

Gentoo Linux Security Advisory 202408-13 - A vulnerability has been discovered in Nokogiri, which can lead to a denial of service. Versions greater than or equal to 1.13.10 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-13  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Nokogiri: Denial of Service  
     Date: August 07, 2024  
     Bugs: #884863  
       ID: 202408-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Nokogiri, which can lead to a  
denial of service.

Background  
==========

Nokogiri is an HTML, XML, SAX, and Reader parser.

Affected packages  
=================

Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
dev-ruby/nokogiri  < 1.13.10     >= 1.13.10

Description  
===========

A denial of service vulnerability has been discovered in Nokogiri.  
Please review the CVE identifier referenced below for details.

Impact  
======

Nokogiri fails to check the return value from `xmlTextReaderExpand` in  
the method `Nokogiri::XML::Reader#attribute_hash`. This can lead to a  
null pointer exception when invalid markup is being parsed. For  
applications using `XML::Reader` to parse untrusted inputs, this may  
potentially be a vector for a denial of service attack.

Workaround  
==========

Users may be able to search their code for calls to either  
`XML::Reader#attributes` or `XML::Reader#attribute_hash` to determine if  
they are affected.

Resolution  
==========

All Nokogiri users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-ruby/nokogiri-1.13.10"

References  
==========

[ 1 ] CVE-2022-23476  
      https://nvd.nist.gov/vuln/detail/CVE-2022-23476

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-13

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-13

Gentoo Linux Security Advisory 202408-12 - A vulnerability has been discovered in Bitcoin, which can lead to a denial of service. Versions greater than or equal to 25.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-12  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Bitcoin: Denial of Service  
     Date: August 07, 2024  
     Bugs: #908084  
       ID: 202408-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Bitcoin, which can lead to a  
denial of service.

Background  
==========

Bitcoin Core consists of both "full-node" software for fully validating  
the blockchain as well as a bitcoin wallet.

Affected packages  
=================

Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
net-p2p/bitcoind  < 25.0        >= 25.0

Description  
===========

Please review the CVE identifier referenced below for details.

Impact  
======

Bitcoin Core, when debug mode is not used, allows attackers to cause a  
denial of service (CPU consumption) because draining the inventory-to-  
send queue is inefficient, as exploited in the wild in May 2023.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Bitcoin users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-p2p/bitcoind-25.0"

References  
==========

[ 1 ] CVE-2023-33297  
      https://nvd.nist.gov/vuln/detail/CVE-2023-33297

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-12

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-12

Gentoo Linux Security Advisory 202408-11 - Multiple vulnerabilities have been discovered in aiohttp, the worst of which could lead to service compromise. Versions greater than or equal to 3.9.4 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-11  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: aiohttp: Multiple Vulnerabilities  
     Date: August 07, 2024  
     Bugs: #918541, #918968, #931097  
       ID: 202408-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in aiohttp, the worst of  
which could lead to service compromise.

Background  
==========

aiohttp is an asynchronous HTTP client/server framework for asyncio and  
Python.

Affected packages  
=================

Package             Vulnerable    Unaffected  
------------------  ------------  ------------  
dev-python/aiohttp  < 3.9.4       >= 3.9.4

Description  
===========

Multiple vulnerabilities have been discovered in aiohttp. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All aiohttp users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-python/aiohttp-3.9.4"

References  
==========

[ 1 ] CVE-2023-47641  
      https://nvd.nist.gov/vuln/detail/CVE-2023-47641  
[ 2 ] CVE-2023-49082  
      https://nvd.nist.gov/vuln/detail/CVE-2023-49082  
[ 3 ] CVE-2024-30251  
      https://nvd.nist.gov/vuln/detail/CVE-2024-30251

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-11

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Tag

#mac