cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1) cronic.out.$$, (2) cronic.err.$$, or (3) cronic.trace.$$ file in /tmp.
Monthly Archives: July 2016
Red Hat Security Advisory 2016-1487-01
Red Hat Security Advisory 2016-1487-01 – Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.
Red Hat Security Advisory 2016-1486-01
Red Hat Security Advisory 2016-1486-01 – Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.
Red Hat Security Advisory 2016-1485-01
Red Hat Security Advisory 2016-1485-01 – Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 52.0.2743.82. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
7 potential explanations behind the DNC email leak
Many of you have likely been keeping up with recent news about the resignation of Democratic National Committee chairwoman Debbie Wasserman Schultz following a large email leak from WikiLeaks. An article from ZDNet summarizes the event in the following statement:
“The leak from WikiLeaks on Friday included 19,000 emails in a searchable database. Some alleged emails sent from the accounts of Democratic National Committee officials were trying to weaken [Bernie] Sander’s campaign for the nomination, with one thread even targeting his religion.”
Warning: Over 100 Tor Nodes Found Designed to Spy On Deep Web Users
Researchers have discovered over 100 malicious nodes on the Tor anonymity network that are “misbehaving” and potentially spying on Dark Web sites that use Tor to mask the identities of their operators.
Two researchers, Amirali Sanatinia and Guevara Noubir, from Northwestern University, carried out an experiment on the Tor Network for 72 days and discovered at least 110 malicious Tor Hidden
Public, Private Sector Team to Fight Ransomware
Security firms and law enforcement launch No More Ransom, a web-based effort dedicated to ransomware awareness and decryption tools.
Is Russia Behind the DNC Hack to Help Donald Trump? FBI Initiate an Investigation
On Friday, just three days prior to the start of the party’s national convention, WikiLeaks released almost 20,000 e-mails with more than 8,000 stolen from the US Democratic National Committee (DNC) following a cyber attack in June.
Two days later, on Sunday, DNC Chairwoman Debbie Wasserman Schultz announced her resignation and now had no major role on the party’s convention stage.
Many of
