Credit to Author: Mark Loman| Date: Thu, 14 Nov 2019 13:50:28 +0000
This article is a condensed version of our report How Ransomware Behaves: What defenders should know about the top families<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/-0DnxPzSZek” height=”1″ width=”1″ alt=””/>
Read moreCredit to Author: Eric Avena| Date: Wed, 31 Jul 2019 16:30:35 +0000
The deep integration of Windows Defender Antivirus with hardware-based isolation capabilities allows the detection of artifacts of attacks that tamper with kernel-mode agents at the hypervisor level.
The post How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection appeared first on Microsoft Security.
Read more
Credit to Author: SSD / Ori Nimron| Date: Mon, 07 Jan 2019 13:21:59 +0000
Vulnerabilities Summary The following advisory describes a vulnerability in SME Server 9.2, which lets an unauthenticated attackers perform XSS attack that leads to remote code execution as root. SME Server is a Linux distribution for small and medium enterprises by Koozali foundation. CVE CVE-2018-18072 Credit An independent security researcher, Karn Ganeshen has reported this vulnerability … Continue reading SSD Advisory – SME Server Unauthenticated XSS To Privileged Remote Code Execution
Read more
Credit to Author: SSD / Ori Nimron| Date: Thu, 04 Oct 2018 05:12:22 +0000
Vulnerabilities Summary Cisco Prime Infrastructure (CPI) contains two vulnerabilities that when exploited allow an unauthenticated attacker to achieve root privileges and execute code remotely. The first vulnerability is a file upload vulnerability that allows the attacker to upload and execute JSP files as the Apache Tomcat user. The second vulnerability is a privilege escalation to … Continue reading SSD Advisory – Cisco Prime Infrastructure File Inclusion and Remote Command Execution to Privileges Escalation
Read more
Credit to Author: SSD / Ori Nimron| Date: Thu, 27 Sep 2018 11:23:40 +0000
Vulnerabilities Summary The following advisory describes two vulnerabilities in the Linux Kernel. By combining these two vulnerabilities a privilege escalation can be achieved. The two vulnerabilities are quite old and have been around for at least 17 years, quite a few Long Term releases of Linux have them in their kernel. While the assessment of … Continue reading SSD Advisory – IRDA Linux Driver UAF
Read more
Credit to Author: SSD / Noam Rathaus| Date: Mon, 30 Apr 2018 13:05:13 +0000
Vulnerability Summary A use after free vulnerability in AF_LLC allows local attackers to control the flow of code that the kernel executes, allowing them to cause it to run arbitrary code and gain elevated privileges. Vendor Response The vulnerability was reported to the Kernel Security, which asked us to contact the netdev team. A patch … Continue reading SSD Advisory – Linux AF_LLC Double Free
Read more
Credit to Author: SSD / Maor Schwartz| Date: Tue, 26 Dec 2017 10:03:53 +0000
Vulnerability Summary The following advisory describes a kernel stack buffer overflow that leads to privilege escalation found in Kingsoft Antivirus/Internet Security 9+. Kingsoft Antivirus “provides effective and efficient protection solution at no cost to users. It applies cloud security technology to monitor, scan and protect your systems without any worrying. The comprehensive defender and anti-virus … Continue reading SSD Advisory – Kingsoft Antivirus/Internet Security 9+ Privilege Escalation
Read more
Credit to Author: SSD / Maor Schwartz| Date: Sun, 17 Dec 2017 07:24:49 +0000
Vulnerability Summary The following advisory describes a buffer overflow found in Huawei P8 Lite ALE-21 HI621sft, operating system versions EMUI 3.1 – wkupccpu debugfs driver. Huawei Technologies Co. Ltd. is “a multinational networking and telecommunications equipment and services company, it is the largest telecommunications equipment manufacturer in the world and the second largest smartphone manufacturer … Continue reading SSD Advisory – Huawei P8 wkupccpu debugfs Kernel Buffer Overflow
Read more