CERT/CC Blog

Vulnerability Insights

Latest Posts

Announcing CERT Tapioca 2.0 for Network Traffic Analysis

• CERT/CC Blog
Will Dormann

A few years ago, I announced the release of CERT Tapioca for MITM Analysis. This virtual machine was created for the purpose of analyzing Android applications to find apps that don't validate SSL certificates. Since the original release of Tapioca, we have received a request to make it easier to use and add some additional features. The new version of CERT Tapioca improves on the original in multiple ways in that it offers the following:...

Automatically Stealing Password Hashes with Microsoft Outlook and OLE

• CERT/CC Blog
Will Dormann

Back in 2016, a coworker of mine was using CERT BFF, and he asked how he could turn a seemingly exploitable crash in Microsoft Office into a proof-of-concept exploit that runs calc.exe. Given Address Space Layout Randomization (ASLR) on modern Windows platforms, this isn't as easy as it used to be. One strategy to bypass ASLR that is possible in some cases is to leverage a memory leak to disclose memory addresses. Another strategy that...

The Curious Case of the Bouncy Castle BKS Passwords

• CERT/CC Blog
Will Dormann

While investigating BKS files, the path I went down led me to an interesting discovery: BKS-V1 files will accept any number of passwords to reveal information about potentially sensitive contents! In preparation for my BSidesSF talk, I've been looking at a lot of key files. One file type that caught my interest is the Bouncy Castle BKS (version 1) file format. Like password-protected PKCS12 and JKS keystore files, BKS keystore files protect their contents from...

Declaring War on Cyber Terrorism...or Something Like That

• CERT/CC Blog
Leigh Metcalf

This post is co-authored by Deana Shick, Eric Hatleback and Leigh Metcalf. Buzzwords are a mainstay in our field, and "cyberterrorism" currently is one of the hottest. We understand that terrorism is an idea, a tactic for actor groups to execute their own operations. Terrorists are known to operate in the physical world, mostly by spreading fear with traditional and non-traditional weaponry. As information security analysts, we also see products where "terrorists" are ranked in...

The CERT Guide to Coordinated Vulnerability Disclosure

• CERT/CC Blog
Allen Householder

We are happy to announce the release of the CERT® Guide to Coordinated Vulnerability Disclosure (CVD). The guide provides an introduction to the key concepts, principles, and roles necessary to establish a successful CVD process. It also provides insights into how CVD can go awry and how to respond when it does so....

The Consequences of Insecure Software Updates

• CERT/CC Blog
Will Dormann

In this blog post, I discuss the impact of insecure software updates as well as several related topics, including mistakes made by software vendors in their update mechanisms, how to verify the security of a software update, and how vendors can implement secure software updating mechanisms....

The Twisty Maze of Getting Microsoft Office Updates

• CERT/CC Blog
Will Dormann

While investigating the fixes for the recent Microsoft Office OLE vulnerability, I encountered a situation that led me to believe that Office 2016 was not properly patched. However, after further investigation, I realized that the update process of Microsoft Update has changed. If you are not aware of these changes, you may end up with a Microsoft Office installation that is missing security updates. With the goal of preventing others from making similar mistakes as...
