Flaw in Virtualization Software Could Lead to VM Escapes, Data Theft
Researchers have uncovered a vulnerability in an obscure component of many virtualization platforms that they say can allow an attacker to escape from a guest virtual machine and gain code execution on the host, as well as any other VMs operating on that machine. Experts say the bug affects a wid...
RHEL 7 : qemu-kvm-rhev (RHSA-2015:1000) (Venom)
Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi...
RHEL 6 : qemu-kvm-rhev (RHSA-2015:1001)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1001 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the...
RHEL 7 : qemu-kvm (RHSA-2015:0999) (Venom)
Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
CentOS 6 : qemu-kvm (CESA-2015:0998) (Venom)
Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
RHEL 6 : qemu-kvm (RHSA-2015:0998)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0998 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the...
Hackers' Op-Sec Failures Important Clues to Uncover APT Gangs
CANCUN – Sophistication, resourcefulness and ingenuity are characteristics usually associated with state-sponsored espionage hacker groups. But they’re certainly not infallible. Like most detective work, security analysts generally are able to toss back the covers on APT campaigns and major...
Researchers: PlugX More Prominent Than Ever
Existing in some form since 2008, the popular remote access tool PlugX has as notorious a history as any malware, but according to researchers the tool saw a spike of popularity in 2014 and is the go-to malware for many adversary groups. Many attacks, especially those occurring during the latter...
CrowdStrike Found a Windows x64 Privilege Escalation 0day (CVE-2014-4113) - vulnerability warning - the black bar safety net
Monitoring output showing the program run from the WEBSHELL using Win64.exe to elevate permissions, followed by `net localgroup administrators admin /add`...
Firms Detail Zero Days Targeting Windows Kernel
After they were patched in yesterday’s round of Patch Tuesday security bulletins, security firms have begun to peel back the layers on two zero-day vulnerabilities that are being used in limited, targeted attacks against Microsoft’s Windows Kernel. According to FireEye, one of the firms that...
CrowdStrike: How We Found the Win64-bit Privilege Escalation 0day Vulnerability CVE-2014-4113 - vulnerability warning - the black bar safety net
Attackers often use known privilege escalation vulnerabilities to gain administrator-level access; direct use of a 0day vulnerability in an attack is very rare. Recently, the CrowdStrike team, using CrowdStrike Falcon Host (an Endpoint Threat Detection & Response product), was monitoring a Win64-bit 2008 R...
China Putter Panda APT Attacks Linked to PLA Unit 61486
With indictments still fresh against a handful of Chinese nationals accused of hacking American companies and stealing intellectual property, another branch of the People’s Liberation Army and allegedly one of its officers have been outed for cyberespionage against U.S. and European aerospace and...
Apple Ships Critical OS X 10.9.2 Security Update
Apple today shipped a security update resolving a critical certificate-validation vulnerability in its OS X Mavericks operating system. Details of the bug, which exists in OS X version 10.9.1 and is resolved by version 10.9.2, emerged on Friday after the company patched essentially the same bug i...
SSL Vulnerability Affects OSX Too
The certificate-validation vulnerability that Apple patched in iOS yesterday also affected Mac OS X up to 10.9.1, the current version. Several security researchers analyzed the patch and looked at the code in question in OS X and found that the same error exists there as in iOS. Researcher Adam...
U.S. Oil, Gas Targeted by Espionage Malware Campaign
American gas and oil companies have been targeted by a hacking group with ties to the Russian Federation for close to 18 months, a new research report indicates. The attackers have leveraged watering hole attacks to infect users inside the critical infrastructure organizations to spread a remote...
Jason Geffner on Tortilla
Dennis Fisher talks with Jason Geffner of CrowdStrike about the new tool he released at Black Hat called Tortilla and his research on malware that uses domain-generating algorithms. https://media.threatpost.com/wp-content/uploads/sites/103/2013/08/07043604/digitalunderground120.mp3 Download...
Download Tortilla Tool - Anonymize everything through Tor
Recent disclosures by whistleblower Edward Snowden claiming that internet traffic is being intercepted and used by the Americans in their war on terror, force to re-think about the user's privacy and online anonymity. It has been relatively common knowledge for years that wherever we go on the we...
Peer-to-Peer Botnet Takedowns a Challenge
The FBI, Justice Department and technology companies have had success shutting down botnets that rely on a centralized infrastructure and command and control servers to communicate with bots, steal data or send malicious commands. Peer-to-peer botnets, however, have proven more difficult to take...
Startup CrowdStrike Launches Crowd-Sourced Platform for Malware Analysis
Venture funded startup CrowdStrike has launched a new platform that will allow security researchers to work collaboratively to reverse engineer and analyze malicious code. The new platform, CrowdRE, was designed to resemble conventional software version control systems, with features that allow...