While studying the infamous EternalBlue exploit about 2 months ago, researchers Sean Dillon (zerosum0x0) and Zach Harding (Aleph-Naught-) found a new flaw in the Server Message Block (SMB) protocol that could allow an adversary to interrupt the service by depleting the memory and CPU resources of the targeted machine on...
Read more
Presented at BlackHat USA 2017 by Itzik Kotler and Amit Klein from SafeBreach Labs, the PoC tool relies on packing data inside an executable the main malware process creates on the compromised endpoint. Thus, if the AV product employs an Internet-connected sandbox as part of its cloud service, data is...
Read more
Description: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. Impact: An attacker can exploit this issue to cause a local...
Read more
Description: Oracle MySQL Server is prone to a remote security vulnerability in MySQL Server. The vulnerability can be exploited over the ‘MySQL’ protocol. The ‘Server: DML’ sub component is affected. This vulnerability affects the following supported versions: 5.7.18 and prior 5.5.56 and prior 5.6.36 and prior Impact: Remote Security Vulnerability....
Read more
Description: Adobe Acrobat and Reader are prone to multiple unspecified memory-corruption vulnerabilities. Adobe recommends users update their software installations to the latest versions by following the instructions below. The latest product versions are available to end users via one of the following methods: Users can update their product installations manually...
Read more
BitMixer, the world’s most popular Bitcoin mixing service has announced last weekend it was shutting down operations effective immediately.In a statement, the BitMixer owners said they were shutting down the service after realizing that Bitcoin was a “transparent non-anonymous system by design.”
A hacker or group of hackers has breached the servers of HBO and have stolen over 1.5TB of information, some of which they leaked online over the weekend. The hackers announced the leak by sending private emails to a group of selected reporters. The emails contained links to the leaked...
Read more
While mobile ransomware such as the recent SLocker focuses on encrypting files on the victim’s devices, a new mobile ransomware named LeakerLocker taps into its victims’ worst fears by allegedly threatening to send personal data on a remote server and expose its contents to everyone on their contact lists.
Another case of pre-installed malware make the headlines, malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones, including Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. Experts speculate that threat actors compromised the supply chain infecting...
Read more
The researcher found that two cameras from Chinese gadget maker Shenzhen Neo Electronic have vulnerabilities that allow hackers to remotely access their video stream, or take full control of the cameras, opening up the possibility that someone could amass an an Internet of Things botnet of around 150,000 devices. Alex...
Read more