#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

Samba Service | Breaking Cybersecurity News | The Hacker News

Update Samba Servers Immediately to Patch Password Reset and DoS Vulnerabilities

Update Samba Servers Immediately to Patch Password Reset and DoS Vulnerabilities

Mar 13, 2018
Samba maintainers have just released new versions of their networking software to patch two critical vulnerabilities that could allow unprivileged remote attackers to launch DoS attacks against servers and change any other users' passwords, including admin's. Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available today, including Windows, Linux, UNIX, IBM System 390, and OpenVMS. Samba allows non-Windows operating systems, like GNU/Linux or Mac OS X, to share network shared folders, files, and printers with Windows operating system. The denial of service vulnerability, assigned CVE-2018-1050 , affects all versions of Samba from 4.0.0 onwards and could be exploited "when the RPC spoolss service is configured to be run as an external daemon." "Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.
Warning! Hackers Started Using "SambaCry Flaw" to Hack Linux Systems

Warning! Hackers Started Using "SambaCry Flaw" to Hack Linux Systems

Jun 10, 2017
Remember SambaCry ? Two weeks ago we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software (re-implementation of SMB networking protocol) that allows a remote hacker to take full control of a vulnerable Linux and Unix machines. To know more about the SambaCry vulnerability (CVE-2017-7494) and how it works, you can read our previous article . At that time, nearly 485,000 Samba-enabled computers were found to be exposed on the Internet, and researchers predicted that the SambaCry-based attacks also have potential to spread just like WannaCry ransomware widely. The prediction came out to be quite accurate, as honeypots set up by the team of researchers from Kaspersky Lab have captured a malware campaign that is exploiting SambaCry vulnerability to infect Linux computers with cryptocurrency mining software. Another security researcher, Omri Ben Bassat‏, independently discovered  the same campaign and named it "EternalMiner
The Drop in Ransomware Attacks in 2024 and What it Means

The Drop in Ransomware Attacks in 2024 and What it Means

Apr 08, 2024Ransomware / Cybercrime
The  ransomware industry surged in 2023  as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070.  But 2024 is starting off showing a very different picture.  While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the ransomware industry was down to 1,048 cases. This is a 22% decrease in ransomware attacks compared to Q4 2023. Figure 1: Victims per quarter There could be several reasons for this significant drop.  Reason 1: The Law Enforcement Intervention Firstly, law enforcement has upped the ante in 2024 with actions against both LockBit and ALPHV. The LockBit Arrests In February, an international operation named "Operation Cronos" culminated in the arrest of at least three associates of the infamous LockBit ransomware syndicate in Poland and Ukraine.  Law enforcement from multiple countries collaborated to take down LockBit's infrastructure. This included seizing their dark web domains and gaining access to their backend sys
7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely

7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely

May 25, 2017
A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines. Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available today, including Windows, Linux, UNIX, IBM System 390, and OpenVMS. Samba allows non-Windows operating systems, like GNU/Linux or Mac OS X, to share network shared folders, files, and printers with Windows operating system. The newly discovered remote code execution vulnerability ( CVE-2017-7494 ) affects all versions newer than Samba 3.5.0 that was released on March 1, 2010. "All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it," Samba wrote in an advisory published Wed
cyber security

WATCH: The SaaS Security Challenge in 90 Seconds

websiteAdaptive ShieldSaaS Security / Cyber Threat
Discover how you can overcome the SaaS security challenge by securing your entire SaaS stack with SSPM.
Badlock — Unpatched Windows-Samba Vulnerability Affects All Versions of Windows

Badlock — Unpatched Windows-Samba Vulnerability Affects All Versions of Windows

Mar 23, 2016
Security researchers have discovered a nasty security vulnerability that is said to affect almost every version of Windows and Samba and will be patched on April 12, 2016, the Samba development team announced Tuesday. So, Save the Date if you are a Windows or Samba file server administrator. Samba is a free, open source implementation of the SMB/CIFS network file sharing protocol that runs on the majority of operating systems available today, including Windows, UNIX, Linux, IBM System 390, and OpenVMS. Samba allows non-Windows operating systems, like GNU/Linux or Mac OS X, to communicate with the same networking protocol as the Windows products, thus enabling users to access network shared folders and files from Windows OS. Dubbed Badlock , the vulnerability has been discovered by Stefan Metzmacher, a developer of Samba Core Team. Details about the Badlock vulnerability will be disclosed on April 12, when the developers of Microsoft and Samba release security p
Samba Service Hit By Remote Code Execution Vulnerability

Samba Service Hit By Remote Code Execution Vulnerability

Feb 24, 2015
A critical vulnerability has been fixed in Samba — Open Source standard Windows interoperability suite of programs for Linux and Unix, that could have allowed hackers to remotely execute an arbitrary code in the Samba daemon ( smbd ). Samba is an open source implementation of the SMB/CIFS network file sharing protocol that works on the majority of operating systems available today, which allows a non-Windows server to communicate with the same networking protocol as the Windows products. Samba is supported by many operating systems including Windows 95/98/NT, OS/2, and Linux. smbd is the server daemon of Samba which provides file sharing and printing services to clients using the SMB/CIFS protocol. Samba is also sometimes installed as a component of *BSD and OS X systems. The vulnerability, designated as CVE-2015-0240 , actually resides in this smbd file server daemon. The bug can be exploited by hackers to potentially execute code remotely with root privileges, the
Cybersecurity Resources