This Week in Security: Week #7 (Linux Kernel, glibc, Locky Ransomware)

Originally Posted on DZone

Linux Kernel

A Linux Kernel bug has been discovered that affects the following containers: Docker IPv6, Kubernetes, Google Container Engine and Mesos. The bug is related to the veth network routing devices that don’t check TCP checksums.

Read more here

glibc

glibc released a patch to address a Critical buffer overflow
issue in getaddrinfo(). This is a flaw in the DNS resolver that could allow remote code execution.

Read more here

Locky Ransomware

Yet another ransomware, surprising no one has created one called YAR.

Locky ransomware is diffused via a macro in a word document, the price to pay for the keys is half a bitcoin.
careful of emails that say they have an invoice attached as well.

Read more here

SimpliSafe Alarms

SimpliSafe don’t unfortunately encrypt the security code when transmitting from the keypad to the basestation. This is a wireless system and by sniffing the network it is possible to retrieve the entry code and disable the alarm.

Read more here

Joomla Under Attack

Exploit Kits that were previously targeting WordPress web sites are now being used to target Joomla sites.

Read more here

New Android XBot Trojan

The new Android XBot trojan includes just about every nasty you can think of. It’s really full of them, it steals your bank and credit card data, allows hackers to block your device remotely and also includes ransomware to top it all.

Read more here

New Version of Gozi Trojan

The new version of the Gozi Trojan targets the Windows 10 Edge browser by injecting malicious code.
Read more here

Comodo Devices contain VNC server.

Comodo devices contain a VNC server that once you gain access to it has admin rights. The problem with this server is that the is generated using an algorithm based on characteristics of the onboard disk.

Read more here

Just a thought

Perhaps we should consider using the same mechanism used to capture cheaters on steam to capture people trafficking or purchasing stolen data on the web.

You can read about how they were catching cheaters here

Be the first to comment on "This Week in Security: Week #7 (Linux Kernel, glibc, Locky Ransomware)"

Leave a Reply

%d bloggers like this: