Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

New Linux Malware 'Nearly Impossible to Detect'

So-called Symbiote malware, first found targeting financial institutions, contains stealthy rootkit capabilities.

DARKReading
Open in Source
#vulnerability#mac#linux#intel#backdoor
Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones

A new research undertaken by a group of academics from the University of California San Diego has revealed for the first time that Bluetooth signals can be fingerprinted to track smartphones (and therefore, individuals). The identification, at its core, hinges on imperfections in the Bluetooth chipset hardware introduced during the manufacturing process, resulting in a "unique physical-layer

CVE-2021-44582: CVE-2021-44582/Privilege Escalation via Forced Browsing in Sourcecodester Money Transfer Management System at main · warmachine-57/CVE-2021-44582

A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, which allows a remote malicious user to gain elevated privileges to the Admin role via any URL.

Potent Emotet Variant Spreads Via Stolen Email Credentials

The dangerous malware appears to be well and truly back in action, sporting new variants and security-dodging behaviors in a wave of recent phishing campaigns.

Hyperconverged Infrastructure (HCI) is Changing Data Centers

By Owais Sultan Hyperconverged infrastructure is changing the way data centers work for the better. Learn about the benefits of hyperconverged… This is a post from HackRead.com Read the original post: Hyperconverged Infrastructure (HCI) is Changing Data Centers

CVE-2017-20019: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices

A vulnerability classified as problematic was found in Solare Solar-Log 2.8.4-56/3.5.2-85. Affected by this vulnerability is an unknown functionality of the component Config Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.

CVE-2017-20018: XAMPP 7.1.1-0-VC14 DLL Hijacking ≈ Packet Storm

A vulnerability was found in XAMPP 7.1.1-0-VC14. It has been classified as problematic. Affected is an unknown function of the component Installer. The manipulation leads to privilege escalation. It is possible to launch the attack remotely.

CVE-2022-21499: git/torvalds/linux.git - Linux kernel source tree

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).

CVE-2022-30702: Security Bulletin: Trend Micro Security Out-Of-Bounds Read Information Disclosure Vulnerability

Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine.