Daniel Shapira from Twistlock wrote a blog about exploiting a Linux kernel vulnerability in the waitid() syscall (CVE-2017-5123) in order to modify the Linux capabilities of a Docker container, gain privileges and escape the container jail.
Posted
#Weekly-News
There is a remotely exploitable vulnerability in the Vitek CCTV firmware. Reverse netcat shell included.
Posted
#Weekly-News
Crooks hacked Fox-IT by capturing fox-it.com DNS record, then obtained a certificated and executed a man-in-the-middle attack on connection.
Posted
#Weekly-News
The 'Janus' Android vulnerability (CVE-2017-13156) allows attackers to modify the code in applications without affecting their signatures. The root of the problem is that a file can be a valid APK file and a valid DEX file at the same time. The vulnerability allows attackers to inject malware into legitimate application and avoiding detection.
Posted
#Weekly-News
The German Interior Minister is preparing a law that will force device manufacturers to include backdoors within their products that law enforcement agencies could use at their discretion for legal investigations.
Posted
#Weekly-News
According to the annual State of Open Source Security report, 77% of 433000 analyzed sites use at least one front-end JavaScript library with a known security vulnerability.
Posted
#Weekly-News
Multiple critical vulnerabilities were found in the Intel Management Engine, Trusted Execution Engine and Server Platform Services by Intel audit after 3rd party researchers reported the privilege escalation vulnerability.
Posted
#Weekly-News
Researchers exploited antivirus software quarantine mechanism to gain privileges by manipulating the restore process from the virus quarantine. By abusing NTFS directory junctions, the AV quarantine restore process can be manipulated, so that previously quarantined files can be written to arbitrary file system locations.
Posted
#Weekly-News
There are at least 14 newly discovered vulnerabilities in the Linux kernel USB subsystem. The vulnerabilities were found by the Google syzkaller kernel fuzzer. According to the researchers, all of them can be triggered with a crafted malicious USB device in case an attacker has physical access to the machine.
Posted
#Weekly-News
Researchers from the Masaryk University finally published full paper of the practical cryptographic attack against the implementation of RSA in the widely used trusted platform modules / crypto tokens. 'The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli'
Posted
#Weekly-News