Mirai Variant ‘OMG’ Turns IoT Devices into Proxy Servers for Cryptomining

By Waqas Mirai IoT bot malware is one such piece of malicious This is a post from HackRead.com Read the original post: Mirai Variant 'OMG' Turns IoT Devices into Proxy Servers for Cryptomining...

[slackware-security] Slackware 14.2 kernel

New kernel packages are available for Slackware 14.2 to mitigate the speculative side channel attack known as Spectre variant 1. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.118/: Upgraded. This kernel includes user pointer sanitization mitigation for the...

MGASA-2018-0134 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.20 and adds KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86. Arm platorm has now also addedmitigations for Meltdown CVE-2017-5754 and Spectre, variant 2 CVE-2017-5715. For other fixes in this update, read the referenced changelogs...

Ubuntu 17.10 : linux vulnerabilities (USN-3581-1) (Spectre)

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 ChunYu Wang discovered that a...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3582-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3582-1 advisory. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage....

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3581-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3581-2 advisory. USN-3581-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement H...

USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3582-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel...

USN-3582-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 Laurent Guerby discovered that...

USN-3581-2: Linux kernel (HWE) vulnerabilities

USN-3581-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contain...

USN-3581-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 ChunYu Wang discovered that a...

Ubuntu: Security Advisory (USN-3581-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3582-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3581-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: linux-firmware

Issue Overview: Speculative execution branch target injection An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ ...

TrickBot Variant Steals Bitcoin by Hijacking Cryptocurrency Transactions

By Waqas Another day, another malware - This time TrickBot's variant is This is a post from HackRead.com Read the original post: TrickBot Variant Steals Bitcoin by Hijacking Cryptocurrency Transactions...

MGASA-2018-0124 Updated gcc packages fix security vulnerability

This update provides and update to 5.5.0 maintenance release and adds support for retpoline, a mitigation technique for CVE-2017-5715 branch target injection aka 'Spectre Variant 2' that is needed at least for the kernels...

Updated gcc packages fix security vulnerability

This update provides and update to 5.5.0 maintenance release and adds support for retpoline, a mitigation technique for CVE-2017-5715 branch target injection aka 'Spectre Variant 2' that is needed at least for the kernels...

Intel Releases New Spectre Patch Update for Skylake Processors

After leaving million of devices at risk of hacking and then rolling out broken patches, Intel has now released a new batch of security patches only for its Skylake processors to address one of the Spectre vulnerabilities Variant 2. For those unaware, Spectre Variant 1, Variant 2 and Meltdown...

[slackware-security] Slackware 14.2 kernel

New kernel packages are available for Slackware 14.2 to mitigate the speculative side channel attack known as Spectre variant 2. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.115/: Upgraded. This kernel includes full retpoline mitigation for the Spectre varian...

Slackware 14.2 : Slackware 14.2 kernel (SSA:2018-037-01) (Spectre)

New kernel packages are available for Slackware 14.2 to mitigate the speculative side channel attack known as Spectre variant 2. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-037-01. The text itself is...