kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

Implementations of UDP-based application protocols are vulnerable to network loops

Overview A novel traffic-loop vulnerability has been identified against certain implementations of UDP-based applications protocols. An unauthenticated attacker can use maliciously-crafted packets against a UDP-based vulnerable implementation of application protocols e.g., DNS, NTP, TFTP that can...

Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation

Summary This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK™ and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. Attributing malicious cyber activity that uses network tunneli...

Open-Xchange OX Guard Cross Site Scripting / Signature Validation

Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs appsuite, dovecot, powerdns at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange GmbH Product: OX...

Road navigation systems can be spoofed using $223 equipment

By Waqas Researchers from a number of renowned institutions including Virginia Tech, the University of Electronic Science and Technology of China and Microsoft Research have concluded that it is possible to spoof GPS signals and send people in the wrong direction. The ironic part is that such an...

Various DNS service implementations generate multiple simultaneous queries for the same resource record

Overview Various implementations of DNS services may allow multiple simultaneous queries for the same resource record, allowing an attacker to apply probabilistic techniques to improve their odds of successful DNS spoofing. Description Some implementations of DNS services contain a vulnerability...

Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation

Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation source: https://www.securityfocus.com/bid/5176/info A vulnerability has been reported for MacOS X where an attacker may use SoftwareUpdate to install malicious software on the vulnerable system. SoftwareUpdate uses HTTP, without...