search menu icon-carat-right cmu-wordmark

CERT/CC Blog

Vulnerability Insights

Latest Posts

CVSS and the Internet of Things

CVSS and the Internet of Things

• CERT/CC Blog
Dan J. Klinedinst

There has been a lot of press recently about security in Internet of Things (IoT) devices and other non-traditional computing environments. Many of the most talked about presentations at this year's Black Hat and DefCon events were about hacking IoT devices. At the CERT/CC, we coordinate information about and discover vulnerabilities in various devices, and the number of vulnerabilities keeps growing. One thing that I've personally been researching is finding vulnerabilities in vehicles. In recent...

Read More
Instant KARMA Might Still Get You

Instant KARMA Might Still Get You

• CERT/CC Blog
Will Dormann

About a year ago, I started looking into Android applications that aren't validating SSL certificates. Users of these applications could be at risk if they fall victim to a man-in-the-middle (MITM) attack. Earlier this year, I also wrote about the risks of MITM attacks on environments that use SSL inspection. Lately I've been checking whether IOS applications are consistently checking SSL certificates, and they appear to be pretty similar to Android applications in that regard....

Read More
Reach Out and Mail Someone

Reach Out and Mail Someone

• CERT/CC Blog
Garret Wassermann

Every day, we receive reports from various security professionals, researchers, hobbyists, and even software vendors regarding interesting vulnerabilities that they discovered in software. Vulnerability coordination--where we serve as intermediary between researcher and vendor to share information, get vulnerabilities fixed, and get those fixes out in the public eye--is a free service we provide to the world....

Read More
Comments on BIS Wassenaar Proposed Rule

Comments on BIS Wassenaar Proposed Rule

• CERT/CC Blog
Allen Householder

Art Manion and I recently submitted comments to the Department of Commerce Bureau of Industry and Security on their proposed rule regarding Wassenaar Arrangement 2013 Plenary Agreements Implementation: Intrusion and Surveillance Items. While our detailed comments are lengthy, we summarize our contributions here....

Read More
The Risks of Disabling the Windows UAC

The Risks of Disabling the Windows UAC

• CERT/CC Blog
Will Dormann

While investigating a few of the exploits associated with the recent HackingTeam compromise, I realized an aspect of the Windows User Account Control (UAC) that might not be widely known. Microsoft has published documents that indicate that the UAC is not a security boundary. For these or other reasons, some folks may have disabled the UAC on their Windows systems. I will explain in this blog post why disabling the UAC is a bad idea....

Read More
Like Nailing Jelly to the Wall: Difficulties in Defining

Like Nailing Jelly to the Wall: Difficulties in Defining "Zero-Day Exploit"

• CERT/CC Blog
Allen Householder

During the Watergate hearings, Senator Howard Baker asked John Dean a now-famous question: "My primary thesis is still: What did the president know, and when did he know it?" If you understand why that question was important, you have some sense as to why I am very concerned that "zero-day exploit capability" appears as an operative phrase in the Department of Commerce Bureau of Industry and Security (BIS) proposed rules to implement the Wassenaar Arrangement...

Read More
YAF App Label Signature Context with Analysis Pipeline

YAF App Label Signature Context with Analysis Pipeline

• CERT/CC Blog
Angela Horneman

In my last post, I presented how to create a YAF application label signature rule that corresponds to a text-based Snort-type rule. In this post, I discuss methods for using Analysis Pipeline to provide context to those signatures. The context for signatures can take many forms. Some context can be derived from the individual flows that match the signatures. This information is easy to obtain from either SiLK or another traffic analysis tool--just look at...

Read More