Fedora 44 : util-linux (2026-67cf3d6cca)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-67cf3d6cca advisory. upstream update, fixes security-related bugs CVE-2026-27456 - mount8 TOCTOU symlink attack via loop device. The SUID mount follows symlinks when resolving lo...

EUVD-2005-0964

Malware in sbrugna...

EUVD-2000-0111

Malware in sbrugna...

Qemu: improper ide controller reset can lead to mbr overwrite

...

CLSA-2023-1673905718 Fix CVE(s): CVE-2016-5011

SECURITY UPDATE: Extended partition loop in MBR partition table leads to DoS - debian/patches/CVE-2016-5011-1.patch: ignore MBR extended partition at zero offset - debian/patches/CVE-2016-5011-2.patch: avoid non-empty recursion in EBR - CVE-2016-5011...

Update: Destructive Malware Targeting Organizations in Ukraine

Summary Actions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Updated April 28, 2022 This advisor...

New Wiper Malware Targeting Ukraine Amid Russia's Military Operation

Cybersecurity firms ESET and Broadcom's Symantec said they discovered a new data wiper malware used in fresh attacks against hundreds of machines in Ukraine, as Russian forces formally launched a full-scale military operation against the country. The Slovak company dubbed the wiper "HermeticWiper...

Return of Pseudo Ransomware

Return of Pseudo Ransomware By Trellix, Max Kersten and Raj Samani · January 20, 2022 Arnab Roy, Filippo Sitzia and Mo Cashman contributed to the research supporting this blog Recent news reports of a “ransomware” campaign targeting Ukraine has resulted in significant press coverage regarding not...

Destructive Wiper Targeting Ukraine Aimed at Eroding Trust

Russia is positioned for a hot-war attack on Ukraine that the Biden administration warned could come “at any point” — but the country is already suffering an attack of a different kind. A sweeping malware campaign remains ongoing, which experts agree is intended to permanently disrupt organizatio...

A New Destructive Malware Targeting Ukrainian Government and Business Entities

Cybersecurity teams from Microsoft on Saturday disclosed they identified evidence of a new destructive malware operation dubbed "WhisperGate" targeting government, non-profit, and information technology entities in Ukraine amid brewing geopolitical tensions between the country and Russia. "The...

Microsoft Warns of Destructive Malware Targeting Ukrainian Organizations

Microsoft has released a blog post on possible Master Boot Record MBR Wiper activity targeting Ukrainian organizations, including Ukrainian government agencies. According to Microsoft, powering down the victim device executes the malware, which overwrites the MBR with a ransom note; however, the...

ESPecter Bootkit Malware Haunts Victims with Persistent Espionage

A rare Windows UEFI bootkit malware has been discovered, offering attackers a path to cyber-espionage, researchers are warning. According to ESET, the bootkit’s goal is to install a full featured backdoor on a target PC, which “supports a rich set of commands and contains various automatic data...

Wiper Malware Called "Coronavirus" Spreads Among Windows Victims

A new Windows malware has emerged that makes disks unusable by overwriting the master boot record MBR. It takes its cue from the COVID-19 pandemic, calling itself simply “Coronavirus.” Overwriting the MBR is the same trick that the infamous NotPetya wiper malware used in 2017 in a campaign that...

Iran Targets Mideast Oil with ZeroCleare Wiper Malware

A freshly-discovered wiper malware dubbed “ZeroCleare” has been deployed to target the energy and industrial sectors in the Middle East. According to IBM’s X-Force Incident Response and Intelligence Services IRIS, ZeroCleare so-named because of the program database pathname of its binary file was...

Ransomware Roundup: Attacking the Master Boot Record Featuring Petya

Ransomware is innovating to spread faster, hit harder and increase its payout potential. New, unknown variants pop up daily, and many leverage non-malware techniques to evade traditional defenses. Petya is a perfect example of how modern ransomware is evolving, using new techniques to attack the...

Decryption Key to Original Petya Ransomware Released

The master key to the original version of the Petya ransomware – not to be confused with the latest and massive Petya/ExPetr outbreak that swept through the Ukraine and parts of Europe last month – has been released, allowing all the victims of previous Petya attacks to unscramble their encrypted...

All this EternalPetya stuff makes me WannaCry

Another week goes by and yet again we have another ransomware outbreak initially dropped by a malicious software update and eventually spreading within internal networks using several methods - including EternalBlue - the leaked exploit from the ShadowBrokers group. Security researchers can’t see...

Petya Is Not Ransomware, It's a 'Wiper'

The outbreak of the ExPetr malware isn’t a ransomware attack, but more precisely, it’s a wiper attack that sabotaged PCs globally, overwriting their Master Boot Record forever. That’s the analysis of security experts from Kaspersky Lab and Comae Technologies who shared their latest research on th...

New Petya Distribution Vectors Bubbling to Surface

Join Kaspersky Lab and Comae Technologies Thursday June 29, 2017 at 10 a.m. Eastern time for a webinar “The Inside Story of the Petya/ExPetr Ransomware.” Click here to attend. While Microsoft and others continue to shore up links between yesterday’s global ransomware outbreak and the update...

Turns Out New Petya is Not a Ransomware, It’s a Destructive Wiper Malware

What if I say the Tuesday's devastating global malware outbreak was not due to any ransomware infection? Yes, the Petya ransomware attacks that began infecting computers in several countries, including Russia, Ukraine, France, India and the United States on Tuesday and demands $300 ransom was not...