5 matches found
Facebook osquery elevation of privilege vulnerability
Facebook osquery is a SQL-based, open-source operating system detection and monitoring framework from Facebook Inc. in the United States. An elevation of privilege vulnerability exists in Facebook osquery versions prior to 4.4.0. The vulnerability stems from the fact that when a Windows system is...
Facebook osquery trust management issue vulnerability
Facebook osquery is a SQL-based, open-source operating system detection and monitoring framework from Facebook Inc. in the United States. A trust management issue vulnerability exists in Facebook osquery versions 2.9.0 through 4.2.0 excluding versions 2.9.0 and 4.2.0, which stems from the program...
Facebook OSQuery Code Signing Bypass (macOS)
The installed version of Facebook OSQuery is less than 3.2.7 and is therefore vulnerable to allowing execution of malicious binaries due to accepting forged Apple signatures. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid110643; scriptversion"1.5";...
Signature Validation Bug Let Malware Bypass Several Mac Security Products
A years-old vulnerability has been discovered in the way several security products for Mac implement Apple's code-signing API that could make it easier for malicious programs to bypass the security check, potentially leaving millions of Apple users vulnerable to hackers. Josh Pitts, a researcher...
On the Yahoo Breach, WhatsApp-Facebook, and Zerodium's $1.5M Bounty
Mike Mimoso and Chris Brook discuss the news of the week, including the latest on the Yahoo breach, Germany’s problem with WhatsApp-Facebook, Facebook osquery tool for Windows, and Zerodium’s $1.5M iOS bounty. Download: ThreatpostNewsWrapSeptember302016.mp3 Music by Chris Gonsalves...