This Week in Security: Linux Kernel, glibc, Locky Ransomware
Check out the latest security happenings, including Glibc's patch release, ransomware, and SimpliSafe alarms.
Linux Kernel
A Linux Kernel bug has been discovered that affects the following containers: Docker IPv6, Kubernetes, Google Container Engine and Mesos. The bug is related to the veth network routing devices that don't check TCP checksums.
Read more here
Glibc
Glibc released a patch to address a critical buffer overflow issue in getaddrinfo(). This is a flaw in the DNS resolver that could allow remote code execution.
Read more here
Locky Ransomware
Yet another ransomware; it's surprising that no one has created one called YAR.
Locky ransomware is distributed via a macro in a Word document; the price to pay for the keys is half a bitcoin.
Be careful of emails that say they have an invoice attached as well.
Read more here
SimpliSafe Alarms
Unfortunately, SimpliSafe doesn't encrypt the security code when transmitting it from the keypad to the base station. This is a wireless system, and by sniffing the network it is possible to retrieve the entry code and disable the alarm.
Read more here
Joomla Under Attack
Exploit kits that were previously targeting WordPress websites are now being used to target Joomla sites.
Read more here
New Android XBot Trojan
The new Android XBot trojan includes just about every nasty you can think of. It's really full of them: it steals your bank and credit card data, allows hackers to block your device remotely, and also includes ransomware to top it all.
Read more here
New Version of Gozi Trojan
The new version of the Gozi Trojan targets the Windows 10 Edge browser by injecting malicious code.
Read more here
Comodo Devices Contain VNC Server
Comodo devices contain a VNC server that has admin rights once you gain access to it. The problem with this server is that the password is generated using an algorithm based on characteristics of the onboard disk.
Read more here
Just a Thought
Perhaps we should consider using the same mechanism used to capture cheaters on Steam to capture people trafficking in or purchasing stolen data on the web. You can read about how they were catching cheaters here.