Pierluigi Paganini
November 08, 2017
The Google researcher Andrey Konovalov discovered several vulnerabilities in the Linux kernel USB subsystem using the Google Syzkaller fuzzer. Google researcher Andrey Konovalov has discovered many security vulnerabilities in Linux USB Subsystem. The expert used a fuzzing tool developed by Google dubbed Syzkaller fuzzer, he discovered tens of vulnerabilities, including 22 security flaws. Konovalov published a detailed analysis of 14 vulnerabilities that have […]
Pierluigi Paganini
October 16, 2017
Cisco issued a security advisory on a local privilege escalation vulnerability in the Linux Kernel, patch it as soon as possible. On Friday, Cisco issued a security advisory on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA). The vulnerability in the Linux Kernel, tracked as CVE-2017-15265, is due to a use-after-free memory […]
Pierluigi Paganini
September 28, 2017
A high-risk security vulnerability discovered more than two years ago has been patched in Linux kernel. The flaw discovered by researchers with Qualys Research Labs affects all Linux distributions that have not fixed their kernels after a commit released on April 14, 2015. Tracked as CVE-2017-1000253, the flaw could be exploited by attackers to escalate privileges. The vulnerability […]
Pierluigi Paganini
September 27, 2017
Security experts at Trend Micro have recently spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The Dirty COW vulnerability was discovered by the security expert Phil Oester in October 2016, it could be exploited by a local attacker to escalate privileges. The name ‘Dirty COW’ is due to the fact that it’s […]
Pierluigi Paganini
August 07, 2017
US authorities sentenced a Russian man to 46 months in prison and accused him of operating an Ebury botnet composed of tens of thousands of servers. US authorities sentenced a Russian man to 46 months in prison and accused him of infecting tens of thousands of servers worldwide with a Linux malware to generate millions in fraudulent payments. The […]
Pierluigi Paganini
July 28, 2017
Wikileaks published another batch of classified documents from the CIA Vault 7 leak, it includes details of the Imperial project. Today another batch of classified documents from the CIA Vault 7 leak was published by Wikileaks. The documents are related to a CIA project codenamed ‘Imperial,’ they include details of three CIA hacking tools and implants that […]
Pierluigi Paganini
July 24, 2017
The Debian Project announced the Debian 9.1 GNU/Linux, a version that brings numerous updates and addresses many security issues. The Debian Project announced the new Debian 9.1 release that includes 26 security fixes. The list of fixed problems includes the Heimdal Kerberos man-in-the-middle vulnerability, a 20 years-old vulnerability in Kerberos that was parched this week for both Microsoft and Linux distros. […]
Pierluigi Paganini
July 06, 2017
WikiLeaks leaked documents detailing BothanSpy and Gyrfalcon CIA implants designed to steal SSH credentials from Windows and Linux OSs. WikiLeaks has published a new batch of documents from the Vault7 dump detailing two new CIA implants alleged used by the agency to intercept and exfiltrate SSH (Secure Shell) credentials from both Windows and Linux operating systems […]
Pierluigi Paganini
July 01, 2017
WikiLeaks released a new batch of documents that detail the CIA tool OutlawCountry used to remotely spy on computers running Linux operating systems. WikiLeaks has released a new batch of documents from the Vault 7 leak that details a CIA tool, dubbed OutlawCountry, used by the agency to remotely spy on computers running Linux operating systems. According to the […]
Pierluigi Paganini
June 29, 2017
A remote attacker can trigger the buffer overflow vulnerability to execute malicious code on affected Linux systems with just a malicious DNS response. Chris Coulson, Ubuntu developer at Canonical, has found a critical vulnerability Linux that can be exploited to remotely hack machines running the popular OS. The flaw, tracked as CVE-2017-9445, resides in the Systemd init system […]
