Collaborate Disseminate
Following last year’s disclosure of the BlueBorne vulnerability security experts note that about 2 billion Bluetooth devices are still affected by it. BlueBorne is a collection of bugs that allow the hackers to intrude into them. Many of these de… Continue reading 2 Billion Bluetooth Devices Still Affected by the Blueborne Vulnerability
A vulnerability has been identified in the Linux Kernel (version 4.9+) which is tracked in the CVE-2018-5390 advisory. It lists several conditions that allow criminals to modify packets leading to the coordination of DOS (Denial of service) attacks. CV… Continue reading CVE-2018-5390: Vulnerability in Linux Kernel allows for DoS Attacks
A Spectre variant 4 vulnerability has been identified in the Linux kernel and represents a very dangerous threat to all affected machines. All system administrators are urged to apply the latest updates as soon as possible to mitigate any possible…Re… Continue reading CVE-2018-3639: Spectre Variant 4 Vulnerability Affects the Linux Kernel
Check Point researchers recently took the time to review the Linux kernel, and more specifically they looked into drivers trying to roll their own usage of the mmap() function. How Was CVE-2018-8781 Discovered? The idea of re-implementing kernel functi… Continue reading CVE-2018-8781: 8-Year-Old Linux Kernel Bug Discovered
Unlike the initial reports suggested about Intel chips being vulnerable to some severe ‘memory leaking’ flaws, full technical details about the vulnerabilities have now been emerged, which revealed that almost every modern processor since 1995 is vulne… Continue reading Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors
Remember SambaCry?
Almost two months ago, we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software, allowing a hacker to remotely take full control of a vulnerable Linux and Unix machines.
We dubbed the… Continue reading New Linux Malware Exploits SambaCry Flaw to Silently Backdoor NAS Devices
Update: Find working Exploits and Proof-of-Concepts at the bottom of this article.
Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover.
Dubbed Stack Clash
Continue reading A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered
A high-severity vulnerability has been reported in Linux that could be exploited by a low privilege attacker to gain full root access on an affected system.
The vulnerability, identified as CVE-2017-1000367, was discovered by researchers at Qualys Sec… Continue reading High-Severity Linux Sudo Flaw Allows Users to Gain Root Privileges
A high-severity vulnerability has been reported in Linux that could be exploited by a low privilege attacker to gain full root access on an affected system.
The vulnerability, identified as CVE-2017-1000367, was discovered by researchers at Qualys Sec… Continue reading High-Severity Linux Sudo Flaw Allows Users to Gain Root Privileges
A high-severity vulnerability in sudo has been patched in a number of Linux distributions; the flaw allows local attackers to elevate privileges to root. Continue reading Patches Available for Linux Sudo Vulnerability