Tag Archive for: Root

ICANN Announces New Root Zone Key to Enhance DNS Security in 2024 Ceremony


Internet security is set to receive a significant boost as the Internet Corporation for Assigned Names and Numbers (ICANN) embarks on an initiative to generate a new root zone key signing key (KSK) for the Domain Name System Security Extensions (DNSSEC). This move, scheduled for the 53rd KSK Ceremony on April 26, 2024, marks a pivotal moment in the ongoing effort to safeguard the authenticity of DNS information related to domain names across the globe.

Reviving the Key Generation Process

Following a hiatus caused by the departure of a crucial equipment supplier, ICANN has successfully identified and onboarded a replacement vendor, setting the stage for the generation of the new KSK. This development not only resumes the previously suspended plan but also reinforces ICANN’s commitment to maintaining a secure and stable DNS infrastructure. The new key is anticipated to undergo replication to an alternate facility in the third quarter of 2024, with its pre-publication in the DNS slated for January 2025, and eventual production deployment by late 2026 after a two-year standby period.

A Comprehensive Outreach for Smooth Transition

Understanding the critical importance of this transition for the global Internet community, ICANN is gearing up for an extensive outreach campaign. This campaign aims to educate and prepare stakeholders for the upcoming changes, ensuring a seamless integration of the new key into the DNSSEC framework. This proactive approach seeks to replicate the success of the key rollover exercise conducted in 2018, demonstrating ICANN’s ability to enhance DNS security without disrupting the broader Internet ecosystem.

Future-Proofing DNS Security

In addition to the KSK generation initiative, ICANN is also exploring avenues to further bolster DNS security through the modification of cryptographic algorithms used in signing the root zone. This reflects a broader strategy to adapt to evolving security challenges and maintain the integrity of DNS operations. By continuously evaluating and implementing advanced security measures, ICANN aims to stay ahead of potential threats to the DNS, ensuring its resilience and…

Source…

Looney Tunables Exploit Gives Hackers Root Access To Linux, That’s All Folks



If Marvin the Martian makes it onto your computer and uses privilege escalation to take it over, we might now know just how he did it. A new Linux local privilege escalation vulnerability, dubbed Looney Tunables, that can bump basic users to root was discovered, affecting a plethora of Linux installations.

Glibc is the GNU C Library project, and it “provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel.” Effectively, any operation you do on a Linux system has ties to this library in some form or fashion. Within it is a dynamic loader, which prepares and runs programs on the system and determines which shared libraries a program needs. Alongside this, an environment variable called GLIBC_TUNABLES allows users to change library behavior on the fly without requiring a recompile.

Image: snippet of vulnerable code

Inside glibc, a buffer overflow vulnerability was discovered in the function that handles GLIBC_TUNABLES. With exploitation, this would allow full root privilege to be granted to a local attacker “on the default installations of Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13,” and likely on other Linux distributions as well. The researchers at Qualys note that the issue was introduced in April 2021 with glibc version 2.34, which has since been updated four times.

Thankfully, this vulnerability and its associated exploit were sent to Red Hat early last month, were patched around September 19th, and had a coordinated release date yesterday. Further, as it stands, exploit code is being withheld, but it would not be outside the realm of possibility that another research team or threat actor develops an exploit to integrate into a kill chain. As such, it is recommended that system administrators patch their boxes against this threat to “ensure system integrity and security.”

Source…

How to Secure Your Android Smartphone ⚡ 5 *MUST KNOW* Security Steps…



Known macOS Vulnerabilities Led Researcher to Root Out New Flaws


Sometimes all it takes to root out a new software vulnerability is to study and analyze previous bug reports. That’s how researcher Csaba Fitzl says he sniffed out some new Apple macOS vulnerabilities, one of which was a mirror image of a logic flaw that a group of researchers competing in the 2020 Pwn2Own contest found and executed there.

Fitzl, a content developer for Offensive Security, says he reread and studied the winning six-exploit chain that the researchers used to hack macOS. One of the exploits in that chain weaponized a privilege escalation bug, which Apple later fixed. But there still was a hole, and he found it: “Although Apple fixed it properly, but still there was an extra function … that basically opened up another vulnerability to be utilized a bit differently than the original one,” Fitzl explains.

The flaw Apple originally fixed allowed an attacker to change ownership of a directory in macOS. But Fitzl discovered that he could create a new directory on the targeted system, which could allow an attacker to escalate their privileges on macOS. “Although you had to use different techniques to get through to the system, but because you could create an arbitrary directory anywhere on the system, you could elevate your privileges to root,” he says.

It was basically the same logic flaw but in a different piece of the code. Apple has since patched the vulnerability Fitzl found as well.

This week at Black Hat Singapore, Fitzl will share technical details of this and two other vulns he found while drilling down on previous vuln research on macOS during a session entitled “macOS Vulnerabilities Hiding in Plain Sight.”

Apple had not responded to a request for comment as of this posting.

‘Something Is Not Right’

Fitzl says he didn’t actually spot traces of the new flaws linked to previous research until after he reread the research papers. “At some point it hit me that there is something not right. It turned out that there is a vulnerability not like the one initially documented,” he explains of his findings. “That eventually led me to find or identify new vulnerabilities.”

The other two flaws he found include one that built upon research from Mickey Jin, who…

Source…