Linux kernel | Breaking Cybersecurity News | The Hacker News

Another privilege-escalation vulnerability has been discovered in Linux kernel that dates back to 2005 and affects major distro of the Linux operating system, including Redhat, Debian, OpenSUSE, and Ubuntu. Over a decade old Linux Kernel bug ( CVE-2017-6074 ) has been discovered by security researcher Andrey Konovalov in the DCCP (Datagram Congestion Control Protocol) implementation using Syzkaller , a kernel fuzzing tool released by Google. The vulnerability is a use-after-free flaw in the way the Linux kernel's "DCCP protocol implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket." The DCCP double-free vulnerability could allow a local unprivileged user to alter the Linux kernel memory, enabling them to cause a denial of service ( system crash ) or escalate privileges to gain administrative access on a system. "An attacker can control what object that would be and overwrite

A 5-year-old serious privilege-escalation vulnerability has been discovered in Linux kernel that affects almost every distro of the Linux operating system, including Redhat, and Ubuntu. Over a month back, a nine-year-old privilege-escalation vulnerability, dubbed " Dirty COW ," was discovered in the Linux kernel that affected every distro of the open-source operating system, including Red Hat, Debian, and Ubuntu. Now, another Linux kernel vulnerability ( CVE-2016-8655 ) that dates back to 2011 disclosed today could allow an unprivileged local user to gain root privileges by exploiting a race condition in the af_packet implementation in the Linux kernel. Philip Pettersson, the researcher who discovered the flaw, was able to create an exploit to gain a root shell on an Ubuntu 16.04 LTS system (Linux Kernel 4.4) and also defeated SMEP/SMAP (Supervisor Mode Execution Prevention/Supervisor Mode Access Prevention) protection to gain kernel code execution abilities. In

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

A nine-year-old critical vulnerability has been discovered in virtually all versions of the Linux operating system and is actively being exploited in the wild. Dubbed " Dirty COW ," the Linux kernel security flaw (CVE-2016-5195) is a mere privilege-escalation vulnerability, but researchers are taking it extremely seriously due to many reasons. First, it's very easy to develop exploits that work reliably. Secondly, the Dirty COW flaw exists in a section of the Linux kernel, which is a part of virtually every distro of the open-source operating system, including RedHat, Debian, and Ubuntu, released for almost a decade. And most importantly, the researchers have discovered attack code that indicates the Dirty COW vulnerability is being actively exploited in the wild. Dirty COW potentially allows any installed malicious app to gain administrative (root-level) access to a device and completely hijack it within just 5 seconds. Earlier this week, Linus Torvalds admi

Around five years after unknown hackers gained unauthorized access to multiple kernel.org servers used to maintain and distribute the Linux operating system kernel, police have arrested a South Florida computer programmer for carrying out the attack. Donald Ryan Austin , a 27-year-old programmer from of El Portal, Florida, was charged Thursday with hacking servers belonging to the Linux Kernel Organization ( kernel.org ) and the Linux Foundation in 2011, the Department of Justice announced on Thursday. The Linux Kernel Organization runs kernel.org servers for distributing the Linux operating system kernel, which is the heart of the operating system, whereas the Linux Foundation is a separate group that supports kernel.org. According to an indictment [ PDF ] unsealed by federal prosecutors on Monday, Austin managed to steal login credentials of one of the Linux Kernel Organization system administrators in 2011 and used them to install a hard-to-detect malware backdoor, dubbe

An estimated 80 percent of Android smartphones and tablets running Android 4.4 KitKat and higher are vulnerable to a recently disclosed Linux kernel flaw that allows hackers to terminate connections, spy on unencrypted traffic or inject malware into the parties' communications. Even the latest Android Nougat Preview is considered to be vulnerable. The security flaw was first appeared in the implementation of the TCP protocol in all Linux systems deployed since 2012 (version 3.6 and above of the Linux OS kernel) and the Linux Foundation has already patched the Linux kernel on July 11, 2016. However, the vulnerability ( CVE-2016-5696 ) is now affecting a large portion of the Android ecosystem. According to a blog post published Monday by mobile security firm Lookout, the Linux flaw is present in Android version 4.4 KitKat and all future releases, including the latest developer preview of Android Nougat . Around 1.4 BILLLLLION Android Devices Affected This means that 80%

How to Hack an Android device? It is possibly one of the most frequently asked questions on the Internet. Although it's not pretty simple to hack Android devices and gadgets, sometimes you just get lucky to find a backdoor access. Thanks to Allwinner, a Chinese ARM system-on-a-chip maker, which has recently been caught shipping a version of Linux Kernel with an incredibly simple and easy-to-use built-in backdoor. Chinese fabless semiconductor company Allwinner is a leading supplier of application processors that are used in many low-cost Android tablets, ARM-based PCs, set-top boxes, and other electronic devices worldwide. Simple Backdoor Exploit to Hack Android Devices All you need to do to gain root access of an affected Android device is… Send the text " rootmydevice " to any undocumented debugging process. The local privileges escalation  backdoor code for debugging ARM-powered Android devices managed to make its way in shipped firmware after fir

Information security and privacy are consistently hot topics after Edward Snowden revelations of NSA's global surveillance that brought the world's attention towards data protection and encryption as never before. Moreover, just days after Windows 10 's successful launch last summer, we saw various default settings in the Microsoft's newest OS that compromise users' privacy , making a large number of geeks, as well as regular users, migrate to Linux. However, the problem is that majority of users are not friendly to the Linux environment. They don't know how to configure their machine with right privacy and security settings, which makes them still open to hacking and surveillance. However, this gaping hole can be filled with a  Debian-based  Security-focused Linux operating system called Subgraph OS: A key solution to your Privacy Fear. Subgraph OS is a feather weighted Linux flavor that aims to combat hacking attacks easier, even on fai

Do You Know:  China has planned to eliminate all foreign Technologies and Services by 2020, just like Google and Facebook . And it seems China in some years would be an entirely independent IT economy; building homegrown Mobile and computer devices, Operating Systems, Applications, Browsers and almost everything existing in the IT ecosystem. Well, China was not at all happy when Microsoft finally announced the end of official support for Windows XP. At the time, Windows holded 91% of total market share, compared to just for Mac OS X and just 1% for Linux. However, China wasn't interested to pay either for extended support for Windows XP or for switching to Windows 8. So, they decided to develop their own Operating System. Yes, China has developed a Desktop Operating System named " NeoKylin " ( and ' Kylin ' in Chinese ), tagged as a substitute to Windows XP by Quartz , who got an opportunity to have a hands-on experience of its "community version" OS. NeoKylin

Can you name which Operating System is most Secure ? ...Windows, Mac, Linux or any particular Linux Distribution? Yes, we get that! It's not an easy thing to pick. Besides Windows, Even the so-called ultra-secure Linux Distros were found to be vulnerable to various critical flaws in past years. Because, almost all Linux Distros use the same Kernel, and the most number of cyber attacks target the Kernel of an operating system. So, It doesn't matter which Linux distribution you use. The kernel is the core part an operating system, which handles all the main activities and enforces the security mechanisms to the entire operating system. Making an Operating System secure requires that vulnerabilities shall not exist in the Kernel, which is the communicating interface between the hardware and the user.  To overcome the above situation, Security Researchers, Mathematicians and Aviation gurus from Boeing and Rockwell Collins joined a team of dedicated NIC

First announced over five years ago, ex-Google engineer Kent Overstreet is pleasured in announcing the general availability of a new open-source file-system for Linux, called the Bcache File System (or Bcachefs ). Bcachefs is a Linux kernel block layer cache that aims at offering a speedier and more advanced way of storing data on servers. Bcachefs promises to provide the same performance and reliability as the consecrated EXT4 and XFS file systems while having features of the ZFS and Btrfs file systems . Features that Bcachefs Supports Bcachefs supports all the features of a modern file-system, including: Checksumming to ensure data integrity Compression to save space Caching for quick response Copy-on-Write (COW) that offers the ability for a single file to be accessed by multiple parties at once What's coming next for Bcachefs It seems that some of the features in Bcachefs are limited or missing, which includes: Snapshots Erasure codi

A simple but shockingly dangerous vulnerability has been uncovered in the NetUSB component, putting Millions of modern routers and other embedded devices across the globe at risk of being compromised by hackers. The security vulnerability, assigned CVE-2015-3036 , is a remotely exploitable kernel stack buffer overflow flaw resides in Taiwan-based KCodes NetUSB . NetUSB is a Linux kernel module that allows for users to flash drives, plug printers and other USB-connected devices into their routers so that they can be accessed over the local network. NetUSB component is integrated into modern routers sold by some major manufacturers including D-Link, Netgear, TP-Link, ZyXEL and TrendNet. The security flaw, reported by Stefan Viehbock of Austria-based SEC Consult Vulnerability Lab, can be triggered when a client sends the computer name to the server deployed on the networking device (TCP port 20005) in order to establish a connection. However, if a connecting comp

A 20 year old critical subtle integer overflow vulnerability has been discovered in Lempel-Ziv-Oberhumer (LZO), an extremely efficient data compression algorithm that focuses on decompression speed, which is almost five times faster than zlib and bzip compression algorithms. Lempel-Ziv-Oberhumer (LZO) was developed in 1994 by Markus Oberhumer and currently it is one of the most popular and widespread compression algorithm used in the Linux kernel , some Samsung Android mobile devices, other embedded devices and several open-source libraries including OpenVPN, MPlayer2, Libav, FFmpeg. 20 YEAR OLD VULNERABILITY IN LZO ALGORITHM Don A. Bailey, founder and CEO of Lab Mouse Security, who disclosed the technical details of the buffer overrun vulnerability in LZO/LZ4 algorithm, explains that if an attacker carefully craft a piece of compressed data that would run malicious code when the software attempted to decompress it. According to advisory, if buffers of 16MB or more

Multiple flaws have been identified in Linux Kernel and related software could allow hackers to hack your Linux machines, shared hosting and websites hosted on them. PRIVILEGE ESCALATION VULNERABILITY IN LINUX KERNEL A privilege escalation vulnerability has been identified in the widely used Linux kernel that could allow an attackers to take the control of users' system. On Thursday, the most popular distributor of open source Linux OS, Debian warned about this vulnerability (CVE-2014-3153) in a security update, along with some other vulnerabilities in the Linux kernel that may lead to a denial of service attack. The most critical one is the flaw (CVE-2014-3153) discovered by Pinkie Pie which resides in the futex subsystem call of Linux Kernel 2.6.32.62/3.2.59/3.4.91/3.10.41/3.12.21/3.14.5 versions , leaving a queued kernel waiter on the stack, which can be exploited to potentially execute arbitrary code with kernel mode privileges. " Pinkie Pie discovered an

There is a good news for all Security researchers, Penetration testers and Hackers. The developers of one of the most advance open source operating system for penetration testing, ' KALI Linux ' have announced yesterday the release of its latest version of Kali Linux 1.0.7 with some interesting features. Kali Linux is an open source Debian-based distribution for penetration testing and forensics that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services. In the beginning of this year, Offensive Security released Kali Linux 1.0.6 with Kernel version 3.12, and also added the Self Destruct feature that allows Kali users to encrypt the full hard disk to make the data inaccessible in an emergency case by entering a secret password at boot time. This latest Kali Linux 1.0.7 version added some more features to the last version, along with many new penetration testing and hacking too

Security tools company Pwnie Express is making a network hacking focused Android device called the Pwn Pad . The device is based on the Google Nexus 7 specs, with USB-based Bluetooth, Ethernet and WiFi to gauge the security of a network beyond what Google's tablet can manage on its own. Pwn Pad  will be introduced at the RSA security conference in San Francisco next week and Pwnie Express is also releasing the Pwn Pad source code. This will allow hackers to download the software and get it up and running on other types of Android phones and tablets. " Every pen tester we know has a phone and a tablet and a laptop, but none of them has been able to do pen-testing from the tablet ," says Dave Porcello, Pwnie Express's CEO said to  wired . Most interesting part is that, first time the most popular wireless hacking tools like Aircrack-ng and Kismet introduced on an Android device.  The complete list of the tool available  in this suite are:  Wireless Tools: Aircrac

Creator of the GNU Project & Free Software Foundation's Leader Richard Stallman has called out Ubuntu as being "spyware". Why ?  Because the operating system sends data to Ubuntu maker Canonical when a user searches the desktop. How ? Due to the Amazon search capabilities that have been integrated into Ubuntu's  Unity desktop environment with the Dash. First introduced in Ubuntu 12.10. Surveillance Program ?  Stallman equates the Amazon search integration into the Ubuntu desktop as having installed surveillance code. He said, " Ubuntu, a widely used and influential GNU/Linux distribution, has installed surveillance code. When the user searches her own local files for a string using the Ubuntu desktop, Ubuntu sends that string to one of Canonical's servers. (Canonical is the company that develops Ubuntu.) " Stallman's post , " The ads are not the core of the problem ," " The main issue is the spying. Canonical says it doe

Security researchers have discovered what appears to be an experimental Linux rootkit designed to infect its highly select victims during a classic drive-by website attack. The malware allows hackers to inject code directly in any infected web page. The new malware, discovered on November 13 of this year, was written especially for servers that run Debian Squeeze and NGINX, on 64 bits. About Rootkit :  Rootkit.Linux.Snakso.a is designed to infect the Linux kernel version 2.6.32-5-amd64 and adds an iframe to all served web pages by the infected Linux server via the nginx proxy.  Based on research, the rootkit may have been created by a Russia-based attacker. The recently discovered malware is very dangerous because it does not infect a specific website. It infects the entire server and this can endanger all websites hosted on that server. Drive-by-downloads expose web surfers to malicious code that attempt to exploit unpatched software vulnerabilities in the web visitor&#