Blog
A Dangerous Local Vulnerability is Found in Systemd 228
A dangerous local vulnerability is found in systemd 228 that allows a non-privileged attacker run a code as superuser.
As stated by security researcher Sebastian Krahmer, the problem previously found in systemd can be exploited not only for Linux distribution ...
Vulnerability in Nginx allows for root privileges in the system
Attackers are able to escalate their privileges and compromise the system as a result
Security researcher Dawid Golunski states that vulnerability in nginx (CVE-2016-1247) allows local attackers to obtain root privileges in the system.
Intruders who have managed to compromise an ...
Malefactors Use KillDisk for Attacks on Linux Systems
New opportunities of KillDisk allow to control malware through the C&C server and use the application as a crypto ransomware
ESET researchers have discovered a new variant of KillDisk malware designed for attacks on the Linux systems.
KillDisk is a destructive ...
The Mirai botnet has a powerful competitor now
The new Leet botnet was used in the DDoS attack on the infrastructure of the Imperva Incapsula company
Imperva Incapsula’s analysts have recorded a DDoS attack on the company’s infrastructure, which can lay claim to being the most powerful ones ...
Critical Vulnerability in PHPMailer library found
The hole allows to remotely execute a code in the context of web server and compromize the web application.
Polish security researcher Dawid Golunski from Legal Hackers has found a critical hole in one of the most popular open source ...
Google releases new tools to prevent XSS-attacks
Googleinfo-icon has released new tools and related documentation to help developers reduce the risk of XSS attacks using the Content Security Policy (CSP) standard. XSS-vulnerabilities continue to affect many web applications, including those developed by large companies.
In the past ...
Unidentified hackers compromised ethereum.org forum’s database
December 19, 2016, a notice appeared in Ethereum Project’s official blog, warning that ethereum.org forum was compromised by unknown attackers.
The administration learned about the data leak on December 16, 2016. The first results of the investigation showed the following ...