Gentoo Linux Security Advisory 201603-5 – Multiple vulnerabilities have been found in both LibreOffice and OpenOffice allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 4.4.2 are affected.
Monthly Archives: March 2016
Cisco Security Advisory 20160309-cmdos
Cisco Security Advisory – A vulnerability in the web-based administration interface of Cisco Model DPQ3925 8×4 DOCSIS 3.0 Wireless Residential Gateway with EDVA could allow an unauthenticated, remote attacker to cause the device to become unresponsive and restart, creating a denial of service (DoS) condition. The vulnerability is due to improper handling, processing, and termination of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to management-enabled interfaces of an affected system. Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available.
Verifying The Integrity Of Linux ISO Images
What You Need To Know About Encryption On Your Phone
Spike In Ransomware Spam Prompts Warnings
Cisco Patches A Bunch Of Cable Modem Vulns
Ka-chink. So much for Mac invulnerability to malware. The facts
The report of Mac computers being infected with ransomware for the first time ever was the top news of March’s first weekend.
The post Ka-chink. So much for Mac invulnerability to malware. The facts appeared first on Avira Blog.
A closer look at the Locky ransomware
Today, we bring you a deep look into the latest ransomware called Locky. This new file encryptor, targeting PC users, has most likely been created by authors of the well-known Dridex botnet and is spread the same way.
Locky uses all “top class” features, such as a domain generation algorithm, custom encrypted communication, TOR/BitCoin payment, strong RSA-2048+AES-128 file encryption, and can encrypt over 160 different file types, including virtual disks, source code and databases.
We monitored the Locky family this past month and discovered a second variant of the malware, which has new features and program code improvements. Locky’s authors added a new hard-coded seed to the domain generation algorithm, which allows them to deactivate Locky on Russian PCs.
Infection vector
Locky is spreading via spam email campaigns that are similar to those used by the Dridex botnet. They use similar file names, obfuscation, email content and structure of download URLs.
We have observed three different campaign versions of Locky and have described them below.
Below is an example of one of the spam emails. The emails are designed to make people believe they were sent from large companies such as Nordstrom, Symantec and Crown Holdings.
Bugtraq: Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr"
Bugtraq: [CORE-2016-0003] – Samsung SW Update Tool MiTM