Security Alerts & News
by Tymoteusz A. Góral

History
#1772 Bypassing CSP using polyglot JPEG
James challenged me to see if it was possible to create a polyglot JavaScript/JPEG. Doing so would allow me to bypass CSP on almost any website that hosts user-uploaded images on the same domain. I gleefully took up the challenge and begun dissecting the format. The first four bytes are a valid non-ASCII JavaScript variable 0xFF 0xD8 0xFF 0xE0. Then the next two bytes specify the length of the JPEG header. If we make that length of the header 0x2F2A using the bytes 0x2F 0x2A as you might guess we have a non-ASCII variable followed by a multi-line JavaScript comment. We then have to pad out the JPEG header to the length of 0x2F2A with nulls.
Read more
#1775 New large-scale DDoS attacks follow schedule
#1774 One bit to rule a system: analyzing CVE-2016-7255 exploit in the wild
#1773 Exploit company exodus sold Firefox zero-day earlier this year
#1772 Bypassing CSP using polyglot JPEG
#1771 A beginner’s guide to beefing up your privacy and security online
#1770 New SmsSecurity variant roots phones, abuses accessibility features and TeamViewer
#1769 Google fixes 12 high-severity flaws In Chrome browser
#1768 Buffer overflow exploit can bypass Activation Lock on iPads running iOS 10.1.1
#1767 Amazon offers DDoS protection with Shield
#1766 Fake Apple chargers fail safety tests
#1765 Analysis of multiple vulnerabilities in AirDroid
#1764 UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12