Kaspersky Lab today announced that its Consumer Security Risks Survey shows that half of the mobile devices around the globe are at risk from cybercrime and malicious threats, due to a lack of adequate protection.
Monthly Archives: October 2016
Shanghaied shops & ABS / Scout detection
Some shop owners leave their shops unattended, be it due to bad configuration or missing updates. It’s the “Key in the ignition – engine running” scenario. The problem: those oversights are easy to spot and hack, all one needs to do is write a script.
The post Shanghaied shops & ABS / Scout detection appeared first on Avira Blog.
The Hive Mind: When IoT devices go rogue
IoT devices, while extremely useful for simplifying various mundane aspects of everyday life, also offer criminals a new attack platform: your appliances.
The post The Hive Mind: When IoT devices go rogue appeared first on WeLiveSecurity.
Hacking Firmware from Mobile Phone Hacking Company Leaked Online
The Israeli firm Cellebrite, which provides digital forensics tools and software to help law enforcement access mobile phones in investigations, has had its firmware and software leaked online.
Yes, you heard that right. Cellebrite’s most sensitive in-house capabilities have been made public by one of its products’ resellers, who is now distributing copies of Cellebrite’s firmware and
ASUSWRT LAN Backdoor Remote Command Execution (CVE-2014-9583)
A remote command execution vulnerability exists in Asuswrt. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system.
Adobe IExternalizable Interface Use After Free Code Execution (CVE-2016-7855)
A Use After Free vulnerability exists in Adobe IExternalizable Interface. The vulnerability is due to a reuse of a freed Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted SWF file.
Bugtraq: wincvs-2.0.2.4 Privilege Escalation
wincvs-2.0.2.4 Privilege Escalation
Bugtraq: CVE-2016-6804 Apache OpenOffice Windows Installer Untrusted Search Path
CVE-2016-6804 Apache OpenOffice Windows Installer Untrusted Search Path
RHSA-2016:2105-1: Important: kernel security update
Red Hat Enterprise Linux: An update for kernel is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-5195
RHSA-2016:2099-1: Important: bind security update
Red Hat Enterprise Linux: An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced
Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat
Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco
Extended Update Support, Red Hat Enterprise Linux 6.6 Extended Update Support,
and Red Hat Enterprise Linux 6.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-2776, CVE-2016-2848