In this week's review:
- Rise of LNK (Shortcut files) Malware
- LockBit 3.0 Released Now With Bug Bounty Program
- CISA Says PwnKit Exploited in the Wild

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com
A daily look at the relevant information security news from overnight - 29 June, 2022

Episode 254 - 29 June 2022

Android Photo Overshare - https://www.bleepingcomputer.com/news/security/amazon-fixes-high-severity-vulnerability-in-android-photos-app/
Linux PWNkit - https://www.securityweek.com/cisa-says-pwnkit-linux-vulnerability-exploited-attacks
Service Fabric Fix - https://www.bleepingcomputer.com/news/security/microsoft-fixes-bug-that-let-hackers-hijack-azure-linux-clusters/
Firefox 102 - https://www.securityweek.com/firefox-102-patches-19-vulnerabilities-improves-privacy
UnRAR Vuln - https://thehackernews.com/2022/06/new-unrar-vulnerability-could-let.html

Hi, I'm Paul Torgersen. It's Wednesday June 29th, 2022, and this is a look at the information security news from overnight.

From BleepingComputer.com: Amazon has fixed a vulnerability in its Photos app for Android, which has over 50 million downloads on the Google Play Store. The image and video storage app enables users to share files with up to five family members. Unfortunately, if the flaw is exploited, it also shares access tokens for Amazon API authentication with the bad guys.

From SecurityWeek.com: The CISA says a Linux vulnerability known as PwnKit has been exploited in the wild. The flaw is a memory corruption issue that affects Polkit, a component designed for controlling system-wide privileges in Unix-like operating systems. Proof-of-concepts are available and exploitation is easy, which is why the CISA has added the vulnerability to its must patch list. Government orgs have until July 18 to install patches, but you private orgs should really get your patch on too.

From BleepingComputer.com: Microsoft has fixed a container escape vulnerability in the Service Fabric application hosting platform. Exploitation could allow threat actors to escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster. According to Microsoft, Service Fabric hosts over a million apps and powers many of their Azure products, as well as others. Not only should you get your patch on, but Microsoft recommends that customers continue to review all containerized workloads (both Linux and Windows) which are permitted access to their host clusters.

From SecurityWeek.com: Mozilla has launched Firefox 102 that includes patches for 19 vulnerabilities, including four high-severity bugs. The new version also improves user privacy by mitigating query parameter tracking when navigating the internet with Enhanced Tracking Protection in strict mode. This confines cookies to the sites that created them, preventing cross-site tracking.

And last today, from TheHackerNews.com: A new security vulnerability has been disclosed in RARlab's UnRAR utility that could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw relates to a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive. Other versions of the software, including those for Windows and Android, are not impacted. Any software that utilizes an unpatched version of UnRAR to extract untrusted archives is affected by the flaw.

That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
After the Pwnkit vulnerability kept us busy into February, we take a look at Slackware 15. Katello 4.3 and Uyuni 2022.01 bring two updates for system management tools. Our tinkerer hearts are delighted by the new 64-bit Raspberry Pi OS. Further details about openSUSE 15.4 come to light, and KDE Plasma is released in version 5.24.

CVE-2021-4034: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034
CVE-2021-44731: https://ubuntu.com/security/CVE-2021-44731
USN-5292-1: https://ubuntu.com/security/notices/USN-5292-1
Pwnkit PoC: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
Slackware 15 Release Notes: http://www.slackware.com/releasenotes/15.0.php
Raspberry Pi OS 64-bit: https://www.raspberrypi.com/news/raspberry-pi-os-64-bit/
Raspberry Pi OS performance benchmark: https://www.phoronix.com/scan.php?page=article&item=raspberrypi-32bit-64bit
Katello 4.3 Changelog: https://github.com/Katello/katello/blob/KATELLO-4.3/CHANGELOG.md
Uyuni 2022.01 Changelog: https://lists.opensuse.org/archives/list/announce@lists.uyuni-project.org/thread/OWIYRYL4DILGKA4XHOBNTTCFT2SZOAND/
Ubuntu errata support in Uyuni: https://github.com/uyuni-project/uyuni/pull/4733
Rocky Linux EL9 wallpaper contest: https://vote.rockylinux.org/elections/
Washington University migrates its KLONE supercomputer to Rocky Linux: https://hyak.uw.edu/blog/rocky-linux/
Navy Linux closes its doors in December 2022: https://twitter.com/NavyLinux/status/1490609207116189700?s=20&t=Rg5WBnq98HtIdF1fmep_hA
openSUSE Leap 15.4 Schedule: https://en.opensuse.org/openSUSE:Roadmap#Schedule_for_openSUSE_Leap_15.4
KDE Plasma 5.24 LTS announcement: https://kde.org/announcements/plasma/5/5.24.0/
System76 introduces scheduler extension: https://www.reddit.com/r/linux/comments/sirees/improve_desktop_application_and_game_performance/
Framework receives venture capital: https://frame.work/de/de/blog/frameworks-series-a-and-the-years-ahead
Docker Desktop for Linux tech preview: https://docs.docker.com/desktop/linux/
Focus on Devops - "E33 – Docker Desktop und Alternativen": https://ageofdevops.de/index.php/podcast/e33-docker-desktop-und-alternativen/
GitHub introduces repository access for sponsors: https://techcrunch.com/2022/02/02/github-introduces-sponsor-only-repositories/
Timeshift: https://github.com/teejee2008/timeshift
Pandoc: https://pandoc.org/
fpm: https://github.com/jordansissel/fpm
Qualys researcher, Wheel, will discuss the discovery of the 12 year old Linux vulnerability in PolicyKit - which Qualys had dubbed, PwnKit. Wheel will provide an overview of the vulnerability and then dive into a technical discussion of the research. Segment Resources: https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034 Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw727
This week, we start the show off with Brian Honan, the CEO of BH Consulting, who joins to discuss why Cybersecurity is Not Just a Technical Problem! In the Security News for this week: Microsoft to block VBA macros by default (in some Office applications), Russia arrests its 3rd hacking group, The 'Metaverse' of security challenges, $323 Million in crypto stolen from the “Wormhole”, & a rapping influencer allegedly launders $4.5 billion worth of stolen crypto!! Next up, Qualys' Wheel joins to discuss Uncovering a Major Linux PolicyKit security vulnerability: Pwnkit!

Show Notes: https://securityweekly.com/psw727

Segment Resources:
Security Industry Failing to Establish Trust: https://threatpost.com/security-industry-failing-to-establish-trust/128321/
'Treat infosec fails like plane crashes' – but hopefully with less death and twisted metal: https://www.theregister.com/2017/11/24/infosec_disasters_learning_op/
IoT security: Lessons we can learn from the evolution of road safety: https://www.helpnetsecurity.com/2018/08/09/iot-security-lessons/
https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034

Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/pwnkit-a-win32k-type-confusion-and-binary-ninja-3-0.html

Binary Ninja 3.0 just dropped, let's talk about that, then into PwnKit and a couple kernel bugs, and ending this week off with a discussion about dealing with imposter syndrome.

[00:00:18] Spot the Vuln - Maintain Order
[00:03:52] Binary Ninja 3.0
[00:13:09] PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit's pkexec [CVE-2021-4034]
[00:27:20] Win32k Window Object Type Confusion [CVE-2022-21882]
[00:34:20] Linux kernel: erroneous error handling after fd_install()
[00:38:26] Question: Dealing with Imposter Syndrome

The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week:
Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities.
Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.

The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9
Or follow us on Twitter (@dayzerosec) to know when new releases are coming.
Picture of the Week. Apple eliminates 0-days from iOS and macOS. Qualys published technical details for PwnKit. Log4Shell hits Ubiquiti. New bug bounties posted by Zerodium. "DrawnApart": A device identification technique based on remote GPU fingerprinting. Sorting Windows Folders to the TOP! Closing the Loop. SpinRite. The "Topics" API. We invite you to read our show notes at https://www.grc.com/sn/SN-856-Notes.pdf Hosts: Steve Gibson and Jason Howell Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit itpro.tv/securitynow promo code SN30 progress.com/security-now
PwnKit LPE in Linux, two different smart contract logic flaws in two different hacks, a $100K bounty for Safari, Python NaN coercion, appsec games Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw182
Marc and Seppe have the impression that a lot is being bought and sold in technology land, discuss the PwnKit exploit, and talk about the Digital Services Act.
This week on the podcast, we cover Pwnkit, a privilege escalation vulnerability impacting almost every modern Linux release worldwide. We also dive into the world of macOS malware with DazzleSpy, a remote access trojan targeting Hong Kong pro-democracy advocates. Finally, we end with an update on North Korea's Lazarus APT and their latest attack tactics targeting organizations.
On this episode of This Week in Linux, PwnKit: PolicyKit Vulnerability Discovered, KDE Plasma 5.24 LTS Beta, Sway 1.7, Nvidia Might Abandon $40 Billion ARM Bid, Rancher Desktop 1.0, Wine 7.1, Vulkan 1.3, DeskMini UM700 PC with Manjaro Linux, Steam Deck Launching February 25th, Valve: Dynamic Cloud Sync For Steam Deck & PC, and Gamebuntu: […]
This week in the Security News: More QR codes you shouldn't trust, race conditions in Rust, encrypting railways, Pwnkit - the latest Linux exploit, tricking researchers into crashing, cybersecurity is broken?, the best cybersecurity research paper, evil Favicons, escaping Kubernetes, pimping your cubicle and someone who actually recovered their crypto wallet! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw725
The big disruption that looks like a bust, a security issue you need to pay attention to, and some great news for the Steam Deck.
This week, we start the show off with an interview with Jimmy Sanders, CISO at Netflix, to talk about Cracks in the Castle! Next up, we have a technical segment where I walk through Securing Ubiquiti WiFi Systems! In the Final Segment, it's the Security News: More QR codes you shouldn't trust, race conditions in Rust, encrypting railways, Pwnkit - the latest Linux exploit, tricking researchers into crashing, cybersecurity is broken?, the best cybersecurity research paper, evil Favicons, escaping Kubernetes, pimping your cubicle and someone who actually recovered their crypto wallet! Show Notes: https://securityweekly.com/psw725 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly