1166 matches found
Google Firebase cloud messaging abused to spread Android malware
By Waqas Dubbed Firestarter by researchers; the Android malware campaign is exploiting the Kashmir issue between India and Pakistan but its target remains the Pakistani government, noted Cisco Talos researchers. Cisco Talos researchers have discovered that the APT threat group DoNot exploits...
Integrate Security into Your GCP with Google Cloud SDK
Dive into this how to guide on integrating Trend Micro Cloud One™ – Workload Security with Google Cloud Platform™...
What's New in Edge Delivery
Welcome to day two of the Akamai Platform Update! Today, we're focusing on Akamai's edge delivery products as well as other complimentary products that help drive great digital experiences. The last several months have been nothing short of unprecedented as lockdowns, quarantines, and other...
Google Cloud Buckets Exposed in Rampant Misconfiguration
Six percent of all Google Cloud buckets are misconfigured and left open to the public internet, for anyone to access their contents. In a survey of 2,064 Google Cloud buckets by Comparitech, 131 of them were found to be vulnerable to unauthorized access by users who could list, download and/or...
VPS-Docker-For-Pentest - Create A VPS On Google Cloud Platform Or Digital Ocean Easily With The Docker For Pentest
Create a VPS on Google Cloud Platform or Digital Ocean easily with the docker for pentest included to launch the assessment to the target. Requirements Terraform installed Ansible installed SSH private and public keys Google Cloud Platform or Digital Ocean account. Usage 1.- Clone the repository...
USN-4485-1: Linux kernel vulnerabilities
Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915gemexecbuffer2ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. CVE-2018-20669 It was discovered that the...
The vulnerability of the Google Cloud OS guest-oslogin entry environment, related to incorrect default access permissions settings, allows attackers to escalate their privileges.
The vulnerability of the Google Cloud OS guest-oslogin entry environment is related to incorrect default access settings. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Google Cloud OS guest-oslogin entry environment, related to incorrect default access permissions settings, allows attackers to escalate their privileges.
The vulnerability of the Google Cloud OS guest-oslogin entry environment is related to incorrect default access settings. Exploiting this vulnerability can allow an attacker to increase their privileges...
USN-4426-1: Linux kernel vulnerabilities
Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. CVE-2019-20908 Fan Yang...
Cloudtopolis - Cracking Hashes In The Cloud For Free
Cloudtopolis is a tool that facilitates the installation and provisioning of Hashtopolis on the Google Cloud Shell platform, quickly and completely unattended and also, free!. Requirements Have 1 Google account at least. Installation Cloudtopolis installation is carried out in two phases: Phase 1...
USN-4404-2: Linux kernel vulnerabilities
USN-4404-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when...
Google Cloud Platform guest-oslogin elevation of privilege vulnerability (CNVD-2020-60516)
Google Cloud Platform is a cloud computing platform that provides cloud computing, data storage, data analytics and machine learning services. guest-oslogin is one of the operating system login components. A security vulnerability exists in guest-oslogin versions 20190304 through 20200507 in Goog...
Google Cloud Platform guest-oslogin elevation of privilege vulnerability
Google Cloud Platform is a cloud computing platform that provides cloud computing, data storage, data analytics and machine learning services. guest-oslogin is one of the operating system login components. A security vulnerability exists in guest-oslogin versions 20190304 through 20200507 in Goog...
Google Cloud Platform guest-oslogin elevation of privilege vulnerability (CNVD-2020-60515)
Google Cloud Platform is a cloud computing platform that provides cloud computing, data storage, data analytics and machine learning services. guest-oslogin is one of the operating system login components. A security vulnerability exists in guest-oslogin versions 20190304 through 20200507 in Goog...
CVE-2020-8903
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...
CVE-2020-8907
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...
CVE-2020-8933
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...
CVE-2020-8903
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...
CVE-2020-8933
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...
CVE-2020-8907
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...