Author - systemdigits.com

Record-breaking 1 Tbps speed achieved over 5G mobile connection.

New generations usually bring new base technologies, more network capacity for more data per user, and the high-speed Internet service that providers usually advertise. However, it is believed that the fifth generation (5G) of mobile networks will be beyond what we can imagine.

1TBPS OVER 5G
Security researchers from the University of Surrey have just achieved record-breaking data speeds during a recent test of 5G wireless data connections, reaching an incredible one terabit per second (1Tbps) – many thousands of times faster than existing 4G connections.

After 4G, 5G is the next generation of mobile communication technology, which aims to offer far greater capacity and to be faster, more energy-efficient and more cost-effective than anything that has been seen before. The boffins say 5G will be different – very different.

The 5G test was conducted at the university's 5G Innovation Centre (5GIC), which was founded by a host of telecoms industry partners including Huawei, Fujitsu, Samsung, Vodafone, EE, Aircom, BT, Telefonica, Aeroflex, BBC and Rohde & Schwarz.

DOWNLOAD 100 MOVIES IN JUST 3 SECONDS
A speed of 1Tbps is far faster than previously announced 5G tests – Samsung’s 7.5 gigabits per second (Gbps) record, which was 30 times faster than 4G LTE (Long-Term Evolution) speed, is just less than 1% of the Surrey team's speed.

    "We have developed 10 more breakthrough technologies and one of them means we can exceed 1Tbps wirelessly. This is the same capacity as fiber optics but we are doing it wirelessly," 5GIC director Prof Rahim Tafazolli told the news website V3.

With 1Tbps, it is possible to download a file 100 times the size of a feature film in just three seconds. This incredible speed is over 65,000 times faster than the current 4G download speeds.

5G EXPECTED TO ROLL OUT BY 2020
The test was carried out over a distance of 100 meters using equipment built at the university. The head of the 5GIC said he planned to demonstrate the technology to the public in 2018. It’s believed that 5G could possibly be available in the UK by 2020.

UK communications regulator Ofcom has been supportive of efforts to get 5G to the public. Ofcom previously said it expected 5G mobile should be able to deliver speeds between 10 and 50Gbps, compared with the 4G average download speed of 15 Megabits per second (Mbps).

    According to Prof Tafazolli, there were hurdles to overcome before 5G would be ready. He said, "An important aspect of 5G is how it will support applications in the future. We don't know what applications will be in use by 2020, or 2030 or 2040 for that matter, but we know they will be highly sensitive to latency."

There is a need to bring "end-to-end latency down to below one millisecond" in order to enable the latest technologies and applications, which would simply not be possible with 4G. Tafazolli mentioned 3D holographic chess games on smartphones, controlling connected cars over 5G and other possible future applications requiring such low latency.

5G – NEW FRONTIER FOR CYBER ATTACKS
5G will, no doubt, provide high-speed Internet connectivity, which would be great news for everyone, but it would be a boon for cyber criminals as well. In the future, by leveraging 5G technology, it would be very easy for hackers and cybercriminals to take down almost any website on the Internet using Distributed Denial of Service (DDoS) attacks.

In an era of expected 50Gbps Internet speed at home or at a business, cyber criminals would have no need to build a large botnet infrastructure by compromising hundreds of thousands of devices; they would need only a few devices with a 5G Internet connection to launch the largest DDoS attack ever, of around 1 Tbps.

To resolve such issues in the future, high-speed Internet service providers and online communications service providers need to set up real-time monitoring, reporting, limiting, mitigation and protection mechanisms against DDoS attacks in order to protect online users.

Learning to become a Hacker.

Being a hacker doesn’t mean “using hacking tools made by professionals or by other anonymous hackers”; if you do use hacking tools, you would be called a “cracker” or “noob” in the hacker world.

Becoming a hacker is not an easy job; it needs a lot of interest, passion and hard work. If you are interested in hacking or in the cyber world, then it’s not a tough job for you to become a hacker.

So let us lay out the steps for becoming a hacker.

1. Learn about basic computer stuff (using an operating system, and other stuff)

Learn to use an operating system and to fix every problem you face on your PC; then you should use multiple operating systems, such as Linux.

2. Learn about networking concepts

Learn about networking concepts and new networking terms (protocols, IP addresses, HTTP, FTP and more).

3. Learn the C programming language or JavaScript

The C programming language is the first language most people pick for learning programming.

4. Learn the PHP scripting language

According to professional hackers, PHP is much more useful for hacking into web entities; PHP is also useful for web development.

5. Try to understand how hacking tools work

You can use hacking tools which are made by experts, but this won’t make you a hacker, more a script kiddie or noob (this is what real hackers would call you). In order to become a real hacker, you need to understand how hacking tools work and be able to code them yourself.

6. Learn about new malware

Every week new malware made by black hats is introduced to the cyber world, in order to gain fame, earn money or more. Learn about malware through hacking websites.

Do some research on it, particularly about how it works.

7. Learn some white hat hacking

It’s your choice whether you want to be a black hat or a white hat. White hats are known as the good guys, while black hats are the ones doing illegal things with their hacking skills, either for personal interests or for money. Do some white hat hacking; it will help you gain experience in hacking. If you want to be a white hat, then you should participate in bug bounty programs.

8. Try to make tools with Python

Python is a widely used programming language. You can use Python for making your own hacking tools, or another programming language in which you are good, but Python is the most preferred language used by hackers for making hacking tools.

9. The most important step is to secure yourself from being hacked

Before starting into hacking stuff, it is important to secure yourself from being caught or being hacked by using a VPN or other methods.

10. Spend a lot of time with hacking and programming

The more time you spend with hacking or programming, the stronger you’ll become.

So spend at least 4 to 5 hours daily.

Macro Malware Is Back From The Dead, Here’s How To Defeat It

Short Bytes: The notorious macro malware from the 1990s is making a comeback in a big way. The latest security reports suggest that macro malware attack techniques have evolved with time and you need to be extra cautious. Read this article to learn how macro malware works and the steps to defeat such attacks.

Macro malware is back – it’s the latest word on the street – according to the security researchers at McAfee Labs. They have just released their regular threat report that outlines the latest security trends. Hiding in Word documents, macro malware first rose to the surface in the 1990s.

But why are we witnessing a sudden rise in macro malware in the last month? The McAfee Labs report tries to find out the reasons and mentions the steps that need to be taken to secure ourselves.

If you are an avid follower of the security trends, you would remember the familiar message from about 20 years ago that read “Warning: This document contains macros.” Threats like WM.Concept (first macro virus to spread through Word) and Melissa (first mass-mailing macro virus) haunted the PCs until Redmond took steps to calm them down.

How does macro malware work?

A macro automates a frequently performed task so that it can be carried out repeatedly. Usually, macro malware is a piece of embedded code hidden in a document. If it’s attached to a Microsoft Office file, it’s usually written in Visual Basic for Applications.

Whenever the user of an infected PC performs an operation like opening a document or starting Word, the macro malware runs automatically. Due to the popularity of Microsoft Word, this malware spreads easily. When Microsoft recognized the threat, it changed the default Office configuration and stopped allowing macro execution.

Why has macro malware returned?

Many big organizations use macros and expose themselves to the risk by opening this backdoor. As a result, hackers take advantage of the situation and use methods like social engineering to facilitate the return of macro malware. It is spread through spam email attachments with frequently changing subjects to avoid detection.

In recent years, the increasing popularity of the Office software has allowed macros to access more low-level PC features. During the past few quarters, we have noticed a huge increase in macro malware. As a result, the Office macro threat is at its highest level in the past six years.

How to defeat a macro malware attack?

After being around for almost two decades, the new breed of macro malware has become more efficient and flexible by utilizing features like PowerShell.

    To defeat such attacks, you are advised to install the operating system and Office updates and patch the vulnerabilities regularly.
    Use an antimalware software and configure it to scan all email and attachments. Turn off the settings that allow the documents to download and open directly.
    Don’t open unexpected documents received in emails and configure your browser security settings to the maximum level.
    Look for pings from IP addresses like 1.3.1.2 or 2.2.1.1, etc. from internal computers.
    Be extra cautious while opening empty documents that ask you to enable macros to view the content.
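The attachment-scanning advice above can be made concrete with a small triage routine. This is an added example, not code from the report or the original article; it relies on two Office file-format facts that are not on the page (macro-enabled OOXML packages carry a `vbaProject.bin` part, and legacy binary documents start with the OLE magic bytes), and the sample attachments are constructed.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls/.ppt container
MACRO_EXTS = (".docm", ".dotm", ".xlsm", ".xltm", ".pptm", ".potm")
HOLD = {"macros", "macros-hidden-by-extension", "legacy-ole", "corrupt-zip"}


def triage(filename, data):
    """Classify one attachment from its bytes; the name is only a cross-check."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary formats can carry VBA; confirming it needs an OLE parser.
        return "legacy-ole"
    if not data.startswith(b"PK"):
        return "not-office"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = [m.lower() for m in zf.namelist()]
    except zipfile.BadZipFile:
        return "corrupt-zip"
    if "[content_types].xml" not in members:
        return "not-office"  # an ordinary zip, not an OOXML package
    if not any(m.split("/")[-1] == "vbaproject.bin" for m in members):
        return "no-macros"
    if filename.lower().endswith(MACRO_EXTS):
        return "macros"
    # A VBA project inside a file whose extension does not announce macros.
    return "macros-hidden-by-extension"


def make_ooxml(with_vba):
    """Build a constructed, minimal OOXML-like package in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_vba:
            zf.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
    return buf.getvalue()


def sample_attachments():
    """Constructed attachments covering each verdict."""
    return [
        ("report.docx", make_ooxml(False)),
        ("invoice.docm", make_ooxml(True)),
        ("invoice.docx", make_ooxml(True)),
        ("old.doc", OLE_MAGIC + b"\x00" * 8),
        ("notes.txt", b"plain text"),
        ("broken.docx", b"PK\x03\x04 truncated"),
    ]


def held_for_review(attachments):
    """Return the names a mail filter would hold back for a deeper scan."""
    return sorted(name for name, data in attachments if triage(name, data) in HOLD)


if __name__ == "__main__":
    for name, data in sample_attachments():
        print(f"{name:14} {triage(name, data)}")
    print("held:", held_for_review(sample_attachments()))
```
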

Source: McAfee Labs.

Bill Gates Sponsored Giant Fans Will Soon Suck CO2 From Air and Recycle it as Fuel

CO2 is the major cause of climate change and global warming. As of now, sustainable development exists only in speeches, and just when an immediate solution was seeming unlikely, Carbon Engineering came up with a technology that would reduce and recycle the CO2 present in the atmosphere instantaneously.
The rate of climate change today, and its effects on the planet’s future, incite some of the strongest opinions and anxiety among people. While the world acknowledges it, no one wants to share the responsibility. No wonder Elon Musk calls this humanity’s dumbest experiment.

Carbon emission is the biggest contributor to the increase in global temperatures worldwide, and it will continue to be so until an immediate solution is worked out. Planting trees can do the trick, but it would require vast amounts of fertile land to absorb even a small volume of CO2. But what if we could build something that does the same as forests: suck CO2 out of the atmosphere?

Carbon Engineering, a company sponsored by Bill Gates, is working on technologies to take CO2 directly out of the atmosphere. It sounds amazing, but it is not easy, as CO2 represents just one molecule out of 2500 molecules in the air.

Carbon Engineering has built the prototype contactor that converts 100 kilos of carbon dioxide present in the atmosphere every day into harmless carbonates. Now just imagine the extent of their full-scale system.

At its maximum capacity, the full-scale system by the Carbon Engineering team is expected to capture the emissions from 300,000 cars every year. Air capture doesn’t require any exotic technology and can be scaled in size and installed anywhere on the Earth (since CO2 is present everywhere) depending on the economic and industrial needs of the place.

And, it doesn’t end here. The pure CO2 can be combined with H2 to form hydrocarbon fuels such as gasoline and jet fuel, thus continuing the above process.

Air capture seems quite a promising technology, a solution that could provide sustainable development at a lower cost. Conventional cars are not going away anytime soon, nor are industries going to slow their pace, so air capture could be a game changer without affecting the development agenda of countries.

3 Easy Steps that Protect Your Website From Hackers

As a webmaster, is there anything more terrifying than the thought of seeing all of your web-developed work being altered or wiped out entirely by a nefarious hacker?  You’ve worked hard on your website – so take the time to protect it by implementing basic hacking protections!

In addition to regularly backing up your files (which you should already be doing, for various reasons), taking the following three easy steps will help to keep your website safe:

Step #1 – Keep platforms and scripts up-to-date

One of the best things you can do to protect your website is to make sure any platforms or scripts you’ve installed are up-to-date. Because many of these tools are created as open-source software programs, their code is easily available – both to good-intentioned developers and malicious hackers. Hackers can pore over this code, looking for security loopholes that allow them to take control of your website by exploiting any platform or script weaknesses.

As an example, if you’re running a website built on WordPress, both your base WordPress installation and any third-party plugins you’ve installed may potentially be vulnerable to these types of attacks. Making sure you always have the newest versions of your platform and scripts installed minimizes the risk that you’ll be hacked in this way – though this isn’t a “fail safe” way to protect your website.

Step #2 – Install security plugins, when possible

To enhance the security of your website once your platform and scripts are up-to-date, look into security plugins that actively protect against hacking attempts.

Again, using WordPress as an example, you’ll want to look into free plugins like Better WP Security and Bulletproof Security (or similar tools that are available for websites built on other content management systems). These products address the weaknesses that are inherent in each platform, foiling additional types of hacking attempts that could threaten your website.

Alternatively – whether you’re running a CMS-managed site or HTML pages – take a look at SiteLock. SiteLock goes above and beyond simply closing site security loopholes by providing daily monitoring for everything from malware detection to vulnerability identification to active virus scanning and more. If your business relies on its website, SiteLock is definitely an investment worth considering.

Step #3 – Lock down your directory and file permissions

Now, for this final technique, we’re going to get a little technical – but stick with me for a moment…

All websites can be boiled down to a series of files and folders that are stored on your web hosting account.  Besides containing all of the scripts and data needed to make your website work, each of these files and folders is assigned a set of permissions that controls who can read, write, and execute any given file or folder, relative to the user they are or the group to which they belong.

On the Linux operating system, permissions are viewable as a three digit code where each digit is an integer between 0-7.  The first digit represents permissions for the owner of the file, the second digit represents permissions for anyone assigned to the group that owns the file, and the third digit represents permissions for everyone else.  The assignations work as follows:

4 equals Read
2 equals Write
1 equals Execute
0 equals no permissions for that user

As an example, take the permission code “644.”  In this case, a “6” (or “4+2”) in the first position gives the file’s owner the ability to read and write the file.  The “4” in the second and third positions means that both group users and internet users at large can read the file only – protecting the file from unexpected manipulations.

So, a file with “777” (or 4+2+1 / 4+2+1 / 4+2+1) permissions would then be readable, writable, and executable by the user, the group and everyone else in the world.

As you might expect, a file that is assigned a permission code that gives anyone on the web the ability to write and execute it is much less secure than one which has been locked down in order to reserve all rights for the owner alone.  Of course, there are valid reasons to open up access to other groups of users (anonymous FTP upload, as one example), but these instances must be carefully considered in order to avoid creating a security risk.

For this reason, a good rule of thumb is to set your permissions as follows:

  • Folders and directories = 755
  • Individual files = 644

To set your file permissions, log in to your cPanel’s File Manager or connect to your server via FTP.  Once inside, you’ll see a list of your existing file permissions (as in the following example generated using the Filezilla FTP program):

[Screenshot: FileZilla file listing with a permissions column]

The final column in this example displays the folder and file permissions currently assigned to the website’s content.  To change these permissions in Filezilla, simply right click the folder or file in question and select the “File permissions” option.  Doing so will launch a screen that allows you to assign different permissions using a series of checkboxes:

[Screenshot: FileZilla “File permissions” dialog with permission checkboxes]

Although your web host’s or FTP program’s backend might look slightly different, the basic process for changing permissions remains the same.
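For sites where you have shell or script access rather than only an FTP client, the same audit and the 755/644 rule of thumb can be applied in one pass. This is an added example, not part of the original article; it assumes a POSIX host, and the directory layout it builds is a constructed sample.

```python
import os
import stat
import tempfile

DIR_MODE = 0o755   # the text's rule of thumb for folders and directories
FILE_MODE = 0o644  # the text's rule of thumb for individual files


def describe(mode):
    """Decode a three-digit octal mode into owner/group/other rwx strings."""
    parts = []
    for shift in (6, 3, 0):  # owner digit, group digit, everyone-else digit
        digit = (mode >> shift) & 0o7
        parts.append(
            ("r" if digit & 4 else "-")
            + ("w" if digit & 2 else "-")
            + ("x" if digit & 1 else "-")
        )
    return "/".join(parts)


def entries(root):
    """Yield (path, is_dir) for everything below root, skipping symlinks."""
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                yield path, True
        for name in filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                yield path, False


def audit(root):
    """Return (relative path, octal mode) for entries group or others can write."""
    findings = []
    for path, _is_dir in entries(root):
        mode = stat.S_IMODE(os.lstat(path).st_mode)
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((os.path.relpath(path, root), format(mode, "03o")))
    return sorted(findings)


def lock_down(root):
    """Set directories to 755 and files to 644; return how many were changed."""
    changed = 0
    for path, is_dir in entries(root):
        wanted = DIR_MODE if is_dir else FILE_MODE
        if stat.S_IMODE(os.lstat(path).st_mode) != wanted:
            os.chmod(path, wanted)
            changed += 1
    return changed


def demo():
    """Build a constructed web root, audit it, lock it down, audit again."""
    dirs = {"css": 0o755, "uploads": 0o777}
    files = {
        "index.html": 0o644,
        "config.php": 0o666,
        "css/site.css": 0o644,
        "uploads/photo.jpg": 0o777,
    }
    with tempfile.TemporaryDirectory() as root:
        for rel in dirs:
            os.mkdir(os.path.join(root, rel))
        for rel in files:
            with open(os.path.join(root, rel), "w") as fh:
                fh.write("sample\n")
        for rel, mode in {**files, **dirs}.items():
            os.chmod(os.path.join(root, rel), mode)
        before = audit(root)
        changed = lock_down(root)
        after = audit(root)
    return before, changed, after


if __name__ == "__main__":
    before, changed, after = demo()
    for rel, mode in before:
        print(f"{mode} {describe(int(mode, 8))} {rel}")
    print(f"changed {changed} entries, {len(after)} findings remain")
```

Directories that must stay writable for a reason the text mentions, such as an anonymous FTP upload folder, need to be excluded from `lock_down` deliberately.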

Shocking!!! Instagram hacked. Researcher hacked into Instagram server and admin panel.

Ever wonder how to hack Instagram or how to hack a Facebook account? Well, someone just did it!

But, remember, even responsibly reporting a security vulnerability could end in legal action being taken against you.

An independent security researcher claims he was threatened by Facebook after he responsibly revealed a series of security vulnerabilities and configuration flaws that allowed him to successfully gain access to sensitive data stored on Instagram servers, including:

    Source Code of Instagram website
    SSL Certificates and Private Keys for Instagram
    Keys used to sign authentication cookies
    Personal details of Instagram Users and Employees
    Email server credentials
    Keys for over a half-dozen critical other functions

However, instead of paying him a reward, Facebook has threatened to sue the researcher, accusing him of intentionally withholding flaws and information from its team.

Wesley Weinberg, a senior security researcher at Synack, participated in Facebook's bug bounty program and started analyzing Instagram systems after one of his friends pointed him to a potentially vulnerable server located at sensu.instagram.com.

The researcher found an RCE (Remote Code Execution) bug in the way it processed users’ session cookies that are generally used to remember users' log-in details.

The remote code execution bug was possible due to two weaknesses:

    The Sensu-Admin web app running on the server contained a hard-coded Ruby secret token
    The host was running a version of Ruby (3.x) that was susceptible to code execution via the Ruby session cookie

Exploiting the vulnerability, Weinberg was able to force the server to vomit up a database containing login details, including credentials, of Instagram and Facebook employees.

Although the passwords were hashed with ‘bcrypt’, Weinberg was able to crack a dozen passwords that had been very weak (like changeme, instagram, password) in just a few minutes.

Exposed EVERYTHING including Your Selfies

Weinberg did not stop here. He took a close look at other configuration files he found on the server and discovered that one of the files contained some keys for Amazon Web Services accounts, the cloud computing service used to host Instagram's Sensu setup.

These keys listed 82 Amazon S3 buckets (storage units), but these buckets were unique. He found nothing sensitive in the latest file in that bucket, but when he looked at the older version of the file, he found another key pair that let him read the contents of all 82 buckets.

Weinberg had inadvertently stumbled upon almost EVERYTHING including:

    Instagram's source code
    SSL certificates and private keys (including for instagram.com and *.instagram.com)
    API keys that are used for interacting with other services
    Images uploaded by Instagram users
    Static content from the instagram.com website
    Email server credentials
    iOS/Android app signing keys
    Other sensitive data

    "To say that I had gained access to basically all of Instagram's secret key material would probably be a fair statement," Weinberg wrote in his blog. "With the keys I obtained, I could now easily impersonate Instagram, or any valid user or staff member. While out of scope, I would have easily been able to gain full access to any user’s account, [personal] pictures and data."

Responsible Disclosure, but Facebook Threatens Lawsuit

Weinberg reported his findings to Facebook's security team, but the social media giant was concerned he had accessed private data of its users and employees while uncovering the issues.

Instead of receiving a reward from Facebook for his hard work, Weinberg was disqualified from the bug bounty program by Facebook.

In early December, Weinberg claims, his boss, Synack CEO Jay Kaplan, received a scary call from Facebook security chief Alex Stamos regarding the weaknesses Weinberg discovered in Instagram that left Instagram and Facebook users wide open to a devastating attack.

Stamos "stated that he did not want to have to get Facebook's legal team involved, but that he was not sure if this was something he needed to go to law enforcement over," Weinberg wrote in his blog in a section entitled 'Threats and Intimidation.'

In response, Stamos issued a statement, saying he "did not threaten legal action against Synack or [Weinberg] nor did [he] ask for [Weinberg] to be fired."

Stamos said he only told Kaplan to "keep this out of the hands of the lawyers on both sides."

    "Condoning researchers going well above and beyond what is necessary to find and fix critical issues would create a precedent that could be used by those aiming to violate the privacy of our users, and such behavior by legitimate security researchers puts the future of paid bug bounties at risk," Stamos added.


Facebook Responds

After the original publication by the researcher, Facebook issued its response, saying the claims are false and that Weinberg was never told not to publish his findings, rather only asked not to disclose the non-public information he accessed.

The social media giant confirmed the existence of the remote code execution bug in the sensu.instagram.com domain and promised a bug bounty of $2,500 as a reward to Weinberg and his friend who initially hinted that the server was openly accessible.

However, the other vulnerabilities that allowed Weinberg to gain access to sensitive data did not qualify, with Facebook saying he violated user privacy while accessing the data.

Here's the full statement by Facebook:

    We are strong advocates of the security researcher community and have built positive relationships with thousands of people through our bug bounty program. These interactions must include trust, however, and that includes reporting the details of bugs that are found and not using them to access private information in an unauthorized manner. In this case, the researcher intentionally withheld bugs and information from our team and went far beyond the guidelines of our program to pull private, non-user data from internal systems.

    We paid him for his initial bug report based on the quality, even though he was not the first to report it, but we didn't pay for the subsequent information that he had withheld. At no point did we say he could not publish his findings — we asked that he refrain from disclosing the non-public information he accessed in violation of our program guidelines. We remain firmly committed to paying for high quality research and helping the community learn from researchers' hard work.

Chinese hacker Steals $170,000 by hacking airline website and offering ticket booking:


Chinese Hacker Pockets Cool $170,000 After Hacking Airline Website
Chinese hacker defrauds hundreds of passengers by cancelling the flights and sending them re-booking offers

A 19-year-old man in Dalian, China has been arrested by the police after he was caught hacking into an airline’s website, stealing booking information from 1.6 million ticket orders, and ripping off hundreds of travelers. Using the information, the teen went on to make hundreds of fraudulent transactions that pocketed him 1.1 million Yuan ($170,000 / €156,000).

The teenager, identified as Zhang from Heilongjiang, north-east China, hacked the website of an as yet unnamed Chinese airline company by exploiting vulnerabilities in its B2B system. He illegally downloaded 1.6 million passengers' booking details such as names, flight details, ID card numbers, email addresses, and mobile phone numbers.

He also used his access to the website to cancel some current bookings, and later, using the stolen information, he sent out group texts telling passengers that “the plane is out of order and the flight is cancelled” and that they needed to pay extra fees if they wanted to rebook. This is how the hacker made his money: by offering a re-booking link that pocketed him re-booking fees.

It took the airline three weeks to notice the data breach. The airline lost more than 80,000 yuan ($12,365 USD) from people demanding a refund.

The hack lasted from July 31 to August 20, and by August 22, the airline announced the breach after several fraud complaints from customers, and also on the same day alerted Guangzhou police.

“The suspect coded the hacking software himself,” a police officer said.

According to People’s Daily Online, authorities eventually tracked down Zhang and arrested him in Dalian, a city in North China, on November 11. A police officer said the hack was a result of a loophole in the airline’s computer system and was not highly sophisticated.

5 ways to find what Google knows about you


Five ways in which you can find out what information Google possesses about you

Since Google has become synonymous with the Internet, the whole science of advertising has somewhat changed. But one thing has remained unaffected: the threat of your personal information being leaked or sold to some ad company. Here are some ways you can find out to what extent your details are being kept.
1. Account Login Details

Using Google, you can check all your account login details, including the details of every device on which your account is logged in and the location of each of those devices. You can use this service on the Google Security page with your account.
2. Google Dashboard

This is one of the cool features of Google, where you can see a summary of your Google account in a single place. This includes your calendar records, your contact details, your synced bookmarks, your cloud-printed documents and lots of other things that you will discover when you use it. So visit the Dashboard to see all these details.
3. Google Ads you clicked

This is one of the cool things that keeps track of your Internet ad interests. With it you can see the ads that you have clicked, categorized according to their type, and you can see all your click interests. So visit the Google Ads page today.
4. Recent activity on Web or Apps

This is another cool feature that allows users to check the search keywords they have used in some apps. You can also look at the most used or searched keywords by visiting the Web & App Activity page.
5. Location History

One of the best features that the search engine provides to users is the location history. This feature can be really helpful when you want to find a missing person by checking their location history. You can manage everything easily. You may like to visit Google Location History.

You Can Hack Into a Linux System by Pressing Backspace 28 Times. Here’s How to Fix It


Grub Vulnerability : You can Hack into a Linux PC/laptop just by pressing ‘Backspace’ 28 times

Most of us swear by Linux as a super secure operating system but two security researchers from Spain have discovered a unique vulnerability in Linux which could give even a noob access to a Linux powered PC.
Here’s How to Exploit the Linux Vulnerability
If your computer system is vulnerable to this bug:
Just hit the backspace key 28 times at the Grub username prompt during power-up. This will open a “Grub rescue shell” under Grub2 versions 1.98 to version 2.02.
This rescue shell allows unauthenticated access to a computer and the ability to load another environment.
From this shell, any potential attacker could gain access to all the data on a Linux computer, and could misuse it to steal or delete all the data, or install persistent malware or a rootkit, according to researchers Ismael Ripoll and Hector Marco, who published their research on Tuesday.
According to Ripoll and Marco, the Grub vulnerability affects Linux systems from December 2009 to the present date. They have stated that even some older Linux PCs may be affected by this bug.
Patch
The good news is the researchers have made an emergency patch to fix the Grub2 vulnerability. So if you are a Linux user and worried your system might be vulnerable, you can apply this emergency patch, available here.
Meanwhile, many major distributions, including Ubuntu, Red Hat, and Debian have also released emergency patches to fix the issue.

A single email can give hackers access to the entire network:


Google researchers find code-execution bug in FireEye threat-prevention devices which can give hackers complete access to networks

Almost all companies install cyber security solutions to safeguard their networks against malicious vectors like hacking, spamming etc. Imagine what happens if there is a vulnerability in one such security device meant to protect your network.

Now, researchers say they have uncovered a critical vulnerability in such a product from security firm FireEye that can give attackers full network access.

According to Tavis Ormandy from Google, they have discovered a vulnerability in the NX, EX, AX, FX series of FireEye products. Ormandy says that the vulnerability makes it possible for attackers to penetrate a network by sending one of its members a single malicious e-mail, even if it’s never opened.

Ormandy, who has already uncovered bugs in many anti-virus solutions in the past, says that they have informed FireEye about the bug. Ormandy explained in a blog post published Tuesday:

For networks with deployed FireEye devices, a vulnerability that can be exploited via the passive monitoring interface would be a nightmare scenario. This would mean an attacker would only have to send an email to a user to gain access to a persistent network tap—the recipient wouldn’t even have to read the email, just receiving it would be enough.

‘A network tap is one of the most privileged machines on the network, with access to employee’s email, passwords, downloads, browsing history, confidential attachments, everything. In some deployment configurations* an attacker could tamper with traffic, inserting backdoors or worse. Because FireEye devices typically have a secondary internet-connected interface for updates and management, the issue could even be wormable across the internet.’

The devices are supposed to passively monitor network traffic from HTTP, FTP, SMTP connections. In instances where there’s a file transfer, the security appliance will scan it for malware. Ormandy and fellow Project Zero researcher Natalie Silvanovich found a vulnerability that can be exploited through such a passive monitoring interface. The researchers used the JODE Java decompiler to reverse engineer Java Archive files used by the FireEye devices. They then figured out a way to get the appliance to execute a malicious archive file by mimicking some of the same features found in legitimate ones.

“Putting these steps together, an attacker can send an e-mail to a user or get them to click a link, and completely compromise one of the most privileged machines on the network,” the researchers reported. “This allows exfiltration of confidential data, tampering with traffic, lateral movement around networks and even self-propagating internet worms.”

In a statement, a FireEye spokesman wrote:

On Friday December 4, FireEye was informed of and confirmed a Remote Code Execution (RCE) vulnerability impacting our NX, EX, AX, and FX products by Google Project Zero’s Tavis Ormandy. FireEye had been engaged with and was supporting the Google Project Zero team prior to this discovery around the testing of our products.

We released an automated remediation to customers just 6 hours after notification, mitigating any customer exposure by Saturday morning, December 5th and released a full, automated fix on Monday, December 7. In addition, we will be releasing a fix to support our out-of-contract customers.

We are thankful for the opportunity to support researchers in the testing of our products and will continue to support their efforts and fully support their efforts to improve our products.