Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.
Monthly Archives: April 2016
CVE-2016-2140
The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.
CVE-2016-2166
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-2170
Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVE-2016-2556
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows improperly allows access to restricted functionality, which allows local users to gain privileges via unspecified vectors.
CVE-2016-2557
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.
CVE-2016-2558
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access.
.NET Framework 4.6 DLL Hijacking
A DLL side loading vulnerability was found in the .NET Framework version 4.6 when running on Windows Vista or Windows 7. This issue can be exploited by luring a victim into opening an Office document from the attacker’s share. An attacker can use this issue to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system. If the WebDAV Mini-Redirector is enabled, it is possible to exploit this issue over the internet. This issue can be exploited even if the Office document is opened in Protected View.
Avira Free Antivirus – Even your grandma will love it
If you are under 40 years of age, it’s very likely that you know how to use computers and mobile devices — and how to install the needed software to keep them secure. Also, it’s also very likely that at least once you’ve been in position to demonstrate how a technology works to some of your elder relatives. Our Avira Free Antivirus is here to make these moments of your life less stressful.
The post Avira Free Antivirus – Even your grandma will love it appeared first on Avira Blog.
Uncovering the WhatsApp encryption
Avid WhatsApp-ers were the first ones to notice the new security changes the company put into action last week. Now, your conversations on WhatsApp are safer through end-to-end encryption. With this new security system, your messages safely travel from mobile to mobile, from your hands to the person on the other side of the message.
The notification would appear in a message like this:
Say you are at your favorite coffee shop, sipping on a hot drink and you decide to connect to the Wi-Fi, but instead connect to a false Wi-Fi network (hackers set-up fake networks to gain access your information like e-mail, passwords and other information.)
In theory, cyber-criminals could steal your messages but it’d be pretty pointless without a decryption key. Breaking public keys, which are different for each message, would be both time-consuming and extremely complicated. Instead of juicy information, the third-party would see senseless characters in the place of the message.
The security measure reassures us that the content coming into our mobiles (i.e. text, photos, videos, files, and voice recordings) are completely private.
But end-to-end encryption is not the solution to everything.
However, it is a giant step for the safety and quality of our chats.
Experts say there several factors to consider:
- To make the system work, all participants must have updated their WhatsApp. If one of the members of a group still using an older version, the chats remain “unsafe”.
- This security measure ensures that messages travel from one mobile to another securely, but they remain vulnerable to attack if they are stored on the devices. Not all “smartphones” are the smartest: some don’t encrypt their content but most modern ones do by default or at least allow it as an option (ex. the latest iPhone or Lollipop by Android).
- Sometimes the juiciest of information is not shown in our messages, but in something called metadata, which is “data that provides information for other data” like who called who, when they called, for how long, etc. In the end, if your sensitive information ends up in the hands of a country’s secret service or a judge, WhatsApp’s parent company, Facebook, would be responsible for it. Do you trust them?
You should update your WhatsApp and enjoy the insurance of end-to-end encryption, but don’t solely depend on it for your full-protection and privacy. Although it’s a definite upgrade in mobile security, it’s still an insufficient form of protection.
The post Uncovering the WhatsApp encryption appeared first on Panda Security Mediacenter.