Log4j vulnerability now used to install Dridex banking malware
Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter.
A basic JavaScript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful.
Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), has warned that the recently revealed Log4j vulnerability was “one of the most serious” she’s seen in her entire career, “if not the most serious”.
A local privilege escalation security vulnerability (CVE-2021-3939) could allow attackers to gain root access on Ubuntu systems by exploiting a double-free memory corruption bug in GNOME's AccountsService component.
A recent research paper by a team at University of California, Riverside, shows the existence of previously overlooked side channels in the Linux kernel that can be exploited to attack DNS servers. According to the researchers, the issue with DNS is rooted in its design, which never really took security as a key concern, and that has made it extremely hard to retrofit strong security features into it.
CloudLinux’s security platform for Linux-based websites and web servers contains a high-severity PHP deserialization bug, leaving web servers vulnerable to code execution and takeover.
A critical Linux kernel bug (CVE-2021-43267) exists in a TIPC message type that allows Linux nodes to send cryptographic keys to each other, and could allow remote takeover.
The CISA recently urged developers to update Discourse versions 2.7.8 and earlier, warning of a critical remote code execution (RCE) vulnerability (CVE-2021-41163) discovered in the platform.
LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. "Allowing anyone to sign macro-ridden documents themselves, and make them appear as trustworthy, is an excellent way to trick users into running malicious code."
A high-severity code injection vulnerability has been disclosed in 23andMe's Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code. The flaw, tracked as CVE-2021-38305 (CVSS score: 7.8), involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution.
Developers behind the Apache HTTP Server Project are urging users to apply a fix immediately to resolve a zero-day vulnerability.
An Ubuntu Linux kernel security update fixes 12 security vulnerabilities affecting the Linux 5.4 LTS kernel in Ubuntu 20.04 LTS and Ubuntu 18.04 LTS systems, as well as the Linux 5.11 kernel in Ubuntu 21.04 systems on all supported architectures and platforms.
Apache OpenOffice (AOO) is currently vulnerable to a remote code execution vulnerability (CVE-2021-33035) recently discovered by security researcher Eugene Lim, and while the app's source code has been patched, the fix has only been made available as beta software and awaits an official release.
Azure users running Linux VMs may not be aware they have a severely vulnerable piece of management software installed on their machine by Microsoft, which can be remotely exploited in an incredibly surprising and equally stupid way. "This is a textbook RCE vulnerability that you would expect to see in the 90's -- it's highly unusual to have one crop up in 2021 that can expose millions of endpoints," Wiz security researcher Nir Ohfeld wrote.
Canonical has published Linux kernel updates for all of its supported Ubuntu releases to address several security vulnerabilities discovered in the upstream Linux kernels that could lead to privilege escalation attacks, the execution of arbitrary code, the exposure of sensitive information and system crashes. Update now!
Recently discovered flaws impacting Linux and Windows users alike could give attackers the highest system privileges. Remediations have been released for a security shortcoming affecting all Linux kernel versions from 2014 that can be exploited by malicious users and malware already deployed on a system to gain root-level privileges.
Hackers are exploiting a dangerous privilege escalation Linux kernel security flaw known as “Dirty COW” to hijack vulnerable systems. Patch now!
Learn about the positives and negatives of Linux's peculiar patching process.
Red Hat has used RPM for software package distribution for decades, but thanks to CloudLinux developer Dmitry Antipov we now know that RPM has contained a nasty hidden security bug since Day One. A repair patch for this major security hole has been submitted, but Antipov fears that it may be months before the fix is released.
Canonical has released a new major Linux kernel security update for Ubuntu 21.04 (Hirsute Hippo), patching a total of 17 security vulnerabilities!