Archive for January, 2020

What Is WinRAR Bug?

WinRAR is commonly used software for creating and extracting archives on Windows and other supported operating systems. The main reason for its popularity is that it supports many different packing formats, and it has over 500 million users. However, the software was found to contain a bug, which was named the ‘WinRAR Bug’.

1. When Was WinRAR Bug Discovered?

The bug was discovered in early 2019; however, the bug itself was 19 years old at the time of discovery. It was found by security researchers at Check Point Research.

2. What Is WinRAR Bug?

It is a code execution vulnerability (CVE-2018-20250). The vulnerable code is used to extract the ACE archive format (which is now rarely used). The library responsible for the vulnerability is UNACEV2.DLL, which had not been updated since 2005. It was also a third-party library, so WinRAR did not have access to the source code. This made it troublesome to fix the vulnerability.

3. What Does It Do?

  • The vulnerability can be exploited by pushing specially prepared archives to the user system.
  • The hackers can manipulate WinRAR by renaming an ACE file with a ‘rar’ extension.
  • The vulnerability enables hackers to extract files to any folder instead of the default or user-selected folder. Hackers extract malware-loaded files to the Windows start-up folder.
  • The malware is executed at the next start of the system.

4. What Are The Examples Of Cyber Attack Campaigns Launched To Exploit WinRAR Bug?

  • The vulnerability was exploited by hackers to launch more than 100 targeted attacks. One such attack uses a bootlegged copy of Ariana Grande’s hit album ‘Thank you, Next’ with the file name ‘Ariana_Grande-thank_u,_next(2019)_[320].rar’, which contains hidden malware code. Whenever a vulnerable version of WinRAR is used to extract the files, a list of harmless MP3 files is extracted to the user’s selected folder, while the malware payload is extracted to the Windows Startup folder in the background without the user’s knowledge. The next time the user starts the system, the payload runs and launches the malware code.
  • Apart from general attacks, the hackers also used this vulnerability to target government agencies by embedding technical documents, law documents and other such archives with malicious code.

5. How To Get Rid Of The Bug?

WinRAR has launched a new version, ‘5.70 beta 1’, in which the vulnerability is patched. Since WinRAR did not have access to the source code of the culprit library, the team has removed it completely from the new version. Thus, ACE format support has been dropped from WinRAR in order to protect users.

All WinRAR versions released prior to ‘5.70 beta 1’ are prone to the vulnerability, and WinRAR does not have an auto-update feature. It is therefore advised to manually download the new version to avoid becoming a victim of exploits based on the WinRAR bug.

For more information on computer and network security for businesses, call Centex Technologies at (254) 213 – 4740.


Necurs Botnet

PDF Version: Necurs-Botnet


All You Need To Know About DevOps

As a term, DevOps is derived by combining two different terms: Dev and Ops. “Dev” is a broad term that covers all kinds of software developers, and “Ops” includes system engineers, system administrators, operations staff, release engineers, network engineers, system security professionals, and various other sub-disciplines.

DevOps is a practice rather than a set of tools. It can be defined as a setup where the development and operations engineers work together through all the stages of a service lifecycle including design, development, production support, deployment, testing, and continuous improvement.

DevOps is essentially based upon a CAMS structure:

  • Culture: This practice requires the organization to build a culture where people and processes are top priorities. It focuses on the overall service that is delivered to the customer instead of the ‘working software’ only.
  • Automation: In order to implement the DevOps practice to its complete capabilities, it is essential to build an automated fabric of tools. Common tools that should be a part of this fabric are the tools for release management, provisioning, configuration management, systems integration, monitoring, control, and orchestration.
  • Measurement: Successful implementation of DevOps requires a team to regularly measure some metrics such as performance metrics, product metrics, and people metrics. Regularly measuring these metrics helps the team to make improvements, where required.
  • Sharing: Sharing of ideas is an important part of DevOps implementation. It involves a thorough discussion of problems between the development and operations teams to find common solutions.

Challenges Solved By DevOps:

In the absence of DevOps application development, a general development scenario includes:

  • A development team that is responsible for gathering business requirements for software and writing code.
  • A QA team that is responsible for testing the software in an isolated development environment and releasing the code for deployment by the operations team, if requirements are met.
  • A deployment team that is further fragmented into independent groups such as networking and database teams.

Since the teams function independently, new challenges are added whenever software is pushed from one phase to another. Some of the challenges arising from this setup are:

  • The development team is unaware of the problems faced by the QA and Operations teams which may prevent the software from functioning as required.
  • QA and operations teams have little information about the business purpose and value that formed the basis of software development.
  • Each team has independent goals that may contradict each other leading to reduced efficiency.

DevOps application development helps in integrating the teams and thus, overcoming these challenges. It establishes cross-functional teams that run in collaboration to maintain the environment that runs the software.

For more information on DevOps, call Centex Technologies at (254) 213 – 4740.


A Comprehensive Guide To Continuous Deployment

Continuous Deployment is the practice of releasing software to production servers continuously in an automated manner. Before software is released, it needs to be thoroughly tested to ensure that it is free from bugs and errors. In continuous deployment, this testing is done by testing software instead of manually. If the code is found to be free from errors, it is automatically deployed. Automating the release helps software development organizations ensure that software updates reach end-users as soon as possible, with minimum lag time.

One of the primary requirements for continuous deployment is to implement a series of other automated programs that can pull the software seamlessly through later stages of development into release. These stages of development include compiling and validation of source code, reviewing the code, unit testing, integration testing, packaging the application and user acceptance testing.

How Is Continuous Deployment Different From Continuous Integration And Continuous Delivery?

Continuous deployment takes continuous delivery a step further, and continuous delivery is itself generally perceived as an extension of continuous integration. In order to understand the difference, it is important to understand the terms individually:

  • Continuous Integration: It is a technique that continually merges the source code from different developers into a shared mainline. This helps in avoiding cataclysmic merge conflicts as new source code is regularly added by various developers.
  • Continuous Delivery: This technique adds a step to continuous integration. It takes the merged code and conducts the necessary tests to ensure that the code is error-free. Thus, in this technique, the code is written, tested and pushed into a production-like environment. The software stays in the holding area until a developer manually pushes it for deployment.

Continuous Deployment reduces the hold time of continuous delivery by taking it a step further. Once the software code has been created, tested and pushed into the production-like environment to see how it would perform in the real-time environment, it is deployed automatically without any manual intervention.

Stages Of Continuous Deployment Pipeline

  1. Deploy To Production: In this step, developers need to deploy the software in a production environment without releasing the functionality to end-users. Also, it is important to implement a system that allows you to toggle between the old & new versions.
  2. Verify: During this stage, various tests are performed including user acceptance, stress test, performance test, etc.
  3. Monitor: Monitor the deployed code as per your business metrics to gain insights for strategic business outcomes. Make sure that the code works as desired in the production environment and make the changes as required.
  4. Respond & Recover: After the software is released, it is important to keep a check for unforeseen issues. Manage a system for proactively detecting problems before they are detected by end-users and recover from these problems by providing fixes or patches.

For more information on continuous deployment, call Centex Technologies at (254) 213 – 4740.
