A Dangerous Local Vulnerability is Found in Systemd 228

A Dangerous Local Vulnerability is Found in Systemd 228 A dangerous local vulnerability is found in systemd 228 that allows a non-privileged attacker run a code as superuser. As stated by security researcher Sebastian Krahmer, the problem previously found in systemd can be exploited not only for Linux distribution kit maintenance rejection, but for full access to the system. The vulnerability occurs when systemd timers are runned initiating touch_file() function that creates files in directories...


Vulnerability in Nginx allows for root privileges in the system

Vulnerability in Nginx allows for root privileges in the system Attackers are able to escalate their privileges and compromise the system as a result Security researcher Dawid Golunski states that vulnerability in nginx (CVE-2016-1247) allows local attackers to obtain root privileges in the system. Intruders who have managed to compromise an application hosted on nginx server and gained access to www-data account can easily exploit this vulnerability. Attackers can escalate their privileges,...


Malefactors Use KillDisk for Attacks on Linux Systems

Malefactors Use KillDisk for Attacks on Linux Systems New opportunities of KillDisk allow to control malware through the C&C server and use the application as a crypto ransomware ESET researchers have discovered a new variant of KillDisk malware designed for attacks on the  Linux systems. KillDisk is a destructive malware that became known due to an attack against the Ukrainian power grid in December 2015. The malware was also used during the attacks against the financial sector of Ukraine...


The Mirai botnet has a powerful competitor now

The Mirai botnet has a powerful competitor now The new Leet botnet was used in the DDoS attack on the infrastructure of the Imperva Incapsula company Imperva Incapsula’s analysts have recorded a DDoS attack on the company’s infrastructure, which can lay claim to being the most powerful ones in the departing year. The power of the attack reached 650 Gb/s at its peak. As the analysis of the trash packets showed, the attack had been organized with the use of the new Leet botnet consisting of...