Description: AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971. Impact: Remote attackers can exploit this issue to bypass certain security restrictions and...
Read more
Description: udevd in udev 232, when the Linux kernel 4.8.0 is used, does not properly verify the source of a Netlink message, which allows local users to execute arbitrary commands by leveraging access to the NETLINK_KOBJECT_UEVENT family, and the presence of the /lib/udev/rules.d/50-udev-default.rules file, to provide a crafted REMOVE_CMD value....
Read more
Description: A privilege escalation vulnerability was found in nagios that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It’s possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change. Impact:...
Read more
A list of thousands of fully working Telnet credentials has been sitting online on Pastebin since June 11, credentials that can be used by botnet herders to increase the size of their DDoS cannons. The list — spotted by Ankit Anubhav, a security researcher with New Sky Security — includes an...
Read more
The news for the motoring public was bad enough a few weeks ago: a team of researchers had demonstrated yet another hackable flaw in connected vehicles – in the Controller Area Network (CAN) bus standard – that could enable a Denial of Service (DoS) attack on safety systems including brakes, airbags and...
Read more
It’s no secret. We’re really bad at passwords. Nevertheless, they aren’t going away any time soon. With so many websites and online applications requiring us to create accounts and think up passwords in a hurry, it’s no wonder so many of us struggle to follow the advice of so-called password...
Read more
MalwareHunterTeam has discovered a new variant of the CryptoMix ransomware that is appending the .EMPTY extension to encrypted file names. Considering that the previous variant used ERROR as the previous extension and now uses empty, it is clear that the developers are running out of ideas for extensions. This article will provide a...
Read more
Having little to no coding experience is no longer a problem for wannabe mobile malware authors, thanks to Trojan Development Kits (TDKs). Criminals can now install an app that will allow them to quickly and easily create Android ransomware with their own devices. It should be noted that the use...
Read more
Recently, we discussed how cyber criminals are using the popular voice/chat client Discord to steal cookies from the running Roblox process on a Windows PC. Since then, we’ve noticed another attack going after the same information, only this time it is via Chrome extensions (CRX files). While currently it is targeting only...
Read more
Google has had an exciting summer, for good and bad reasons. The good news: Google just officially launched the eighth version of its operating system, Android Oreo, with enhancements for battery life and security. Last month, it also began rolling out a new feature called Google Play Protect, designed to scan apps that could...
Read more
