Re: OpenBSD kernel relinking is not transactional and a local exploit exists
Posted by pesco on Jun 21 C. W. Schech on Sat, Jun 17 2023: By who? Which user ID specifically? And clearly such checksums could...
OXAS-ADV-2023-0002: OX App Suite Security Advisory
Posted by Martin Heiland via Fulldisclosure on Jun 21 Dear subscribers, We're sharing our latest advisory with you and like to thank everyone who contributed...
Re: OpenBSD kernel relinking is not transactional and a local exploit exists
Posted by jvoisin via Fulldisclosure on Jun 21 I'm unsure I understand the threat model here: an attacker with root privileges is able to modify...
Why you should review the security of your MSSQL servers
Brute-force credential guessing attacks against database servers are ramping up with MSSQL being at the top of the target list. That's because attackers can leverage...
Why Malware Crypting Services Deserve More Scrutiny
If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or...
Ransomware attacks pose communications dilemmas for local governments
In the early morning of May 3, the City of Dallas, Texas, was hit by a ransomware attack, for which the Royal ransomware gang later...
#InfosecurityEurope: From Passion to Profession, Becky Pinkard’s Dedication to Cybersecurity
Infosecurity Europe inducts Becky Pinkard, Managing Director of Global Cyber Operations at Barclays, into the Hall of Fame Read More
#InfosecurityEurope Hall of Fame: Becky Pinkard, Managing Director of Global Cyber Operations, Barclays
Infosecurity Europe inducts Becky Pinkard, Managing Director of Global Cyber Operations at Barclays, into the Hall of Fame Read More
Ethical Problems in Computer Security
Tadayoshi Kohno, Yasemin Acar, and Wulf Loh wrote excellent paper on ethical thinking within the computer security community: “Ethical Frameworks and Computer Security Trolley Problems:...
USN-6183-1: Bind vulnerabilities
Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this...