Time to patch your Exim against local attackers as 4.84-3 and below are affected by a pretty simple vulnerability: the SUID exim binar, when invoked with the “perl_startup” flag, uses environment variables in an unsafe way. As result an attacker can execute arbitrary Perl code as root. #!/bin/sh # CVE-2016-1531 exim <= 4.84-3 local root exploit # =============================================== […]

It seems that there is new HackingTeam related activity: HackingTeam Reborn; A Brief Analysis of an RCS Implant Installer and The Italian morons are back! What are they up to this time?

Some WordPress themes from ElegantThemes (http://www.elegantthemes.com) are vulnerable to user privilege escalation. Below the complete advisory information: Today our divi builder and plugin options frameworks were updated to fix a security vulnerability. The vulnerability affects several of our themes and plugins, including our Divi (http://www.elegantthemes.com/gallery/divi/) , Extra (http://www.elegantthemes.com/gallery/extra/) , and Divi 2.3 (legacy) themes, as […]

Samsung KNOX 1.0 Weak eCryptFS Key Generation ≈ Packet Storm: The vulnerability allows disclosure of Data-at-Rest of Samsung KNOX 1.0 containers. KNOX container data is encrypted using eCryptFS containers. The same form of encryption is applied to both container application data and sdcard content. To provide eCryptFS the required a 32-byte AES key, KNOX produces […]

SEC Consult: Deliberately hidden backdoor account in several AMX (HARMAN Professional) devices: A function, which they decided to call “setUpSubtleUserAccount”. And this function does exactly what the name would suggest. It sets up a subtle user account. The strings seen in the above screenshot, revealed an interesting detail about the vendor’s security strategy.

NTP Stats Directory Cleanup Cronjob Root Privilege Escalation: The cronjob script bundled with ntp package is intended to perform cleanup on statistics files produced by NTP daemon running with statistics enabled. The script is run as root during the daily cronjobs all operations on the ntp-user controlled statistics directory without switching to user ntp. Thus […]

9% of all https hosts and 6% of all ssh hosts on the web use hardcoded private keys embedded in firmware: In the course of an internal research project SEC Consult labs have analyzed the firmware images of more than 4000 embedded devices of over 70 vendors. The devices they have looked at include Internet […]

Breach at IT Automation Firm LANDESK: LANDESK, a company that sells software to help organizations securely and remotely manage their fleets of desktop computers, servers and mobile devices, alerted employees last week that a data breach may have exposed their personal information. But LANDESK employees contacted by this author say the breach may go far deeper […]

Beware, connected iKettles can leak WiFi passwordsSecurity Affairs: The Pen Test Partners researcher Ken Munro mapped and hacked connected iKettles across London demonstrating they leak WiFi passwords. The Pen Test Partners researcher Ken Munro has conducted a very singular experiment, he mapped and hacked connected kettles across London, demonstrating they leak WiFi passwords. Once again […]

Google’s VirusTotal Now Offers Apple Malware Scanning Sandbox: Apple has seen more malware incidents this year than many previous years’ put together. It was only a matter of time before leading online virus scanner – VirusTotal opened its doors for Mac users to check for malware among their files. Google’s VirusTotal is now offering support […]