#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

privilege escalation | Breaking Cybersecurity News | The Hacker News

Linux Kernel Vulnerable to Privilege Escalation and DoS Attack

Linux Kernel Vulnerable to Privilege Escalation and DoS Attack

Jun 07, 2014
Multiple flaws have been identified in Linux Kernel and related software could allow hackers to hack your Linux machines, shared hosting and websites hosted on them. PRIVILEGE ESCALATION VULNERABILITY IN LINUX KERNEL A privilege escalation vulnerability has been identified in the widely used Linux kernel that could allow an attackers to take the control of users' system. On Thursday, the most popular distributor of open source Linux OS, Debian warned about this vulnerability (CVE-2014-3153) in a security update, along with some other vulnerabilities in the Linux kernel that may lead to a denial of service attack. The most critical one is the flaw (CVE-2014-3153) discovered by Pinkie Pie which resides in the futex subsystem call of Linux Kernel 2.6.32.62/3.2.59/3.4.91/3.10.41/3.12.21/3.14.5 versions , leaving a queued kernel waiter on the stack, which can be exploited to potentially execute arbitrary code with kernel mode privileges. " Pinkie Pie discovered an
Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk

Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk

May 31, 2014
Multiple Serious vulnerabilities have been discovered in the most famous ' All In One SEO Pack ' plugin for WordPress, that put millions of Wordpress websites at risk. WordPress is easy to setup and use, that's why large number of people like it. But if you or your company is using ' All in One SEO Pack ' Wordpress plugin to optimize the website ranking in search engines, then you should update your SEO plugin immediately to the latest version of All in One SEO Pack 2.1.6 . Today, All in One SEO Pack plugin team has released an emergency security update that patches two critical privilege escalation vulnerabilities and one cross site scripting (XSS) flaw, discovered by security researchers at Sucuri, a web monitoring and malware clean up service. More than 73 million websites on the Internet run their websites on the WordPress publishing platform and more than 15 million websites are currently using All in One SEO Pack plugin for search engine optimization. Acco
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Magento vulnerability allows an attacker to create administrative user

Magento vulnerability allows an attacker to create administrative user

Feb 13, 2014
It seems you cannot go a day without hearing about someone or some group hacking a website or stealing credit card and other sensitive data from e-commerce sites. The Market of E-commerce is at its boom, and that provides even more opportunities to hackers. There are many readymade e-commerce platforms available on the Internet, that are easy to install and easy to manage at no extra cost and 'Magento' is one of the most popular out of them. Recently security researchers at Securatary  have reported a critical cross-store vulnerability in the Magento platform that lets attackers to escalation privilege by creating an administrative user on any ' Gostorego' online store. The authentication bypass vulnerability left 200,000 merchants data vulnerable to hackers before it was patched. To exploit the flaw, an attacker only needed to modify the HOST header to the URI of the target account in the GET request. They dubbed it as " Stealth mode ",
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
23-year-old Stack overflow vulnerability discovered in X11 Server

23-year-old Stack overflow vulnerability discovered in X11 Server

Jan 09, 2014
X.Org Foundation develops the X-Window System, the standard window system for open source operating systems and devices. Most of the graphical user interfaces for Unix and Linux systems rely on it. At the 30th Chaos Communication Congress (CCC) in Germany, Ilja van Sprundel , a security researcher gave the presentation titled  " X11 Server security with being 'worse than it looks.'". He found more than 120 bugs in a few months. In the presentation, he has presented a 23 year old Stack overflow vulnerability in X11 System that could lead to privilege escalation to root and affects all versions of the X Server back to X11R5. Later today, X.Org Foundation released a security Advisory , states " A BDF font file containing a longer than expected string could overflow the buffer on the stack. Testing in X servers built with Stack Protector resulted in an immediate crash when reading a user-provided specially crafted font. " The flaw resides in a file at " libXfo
Microsoft released Security Patch for CVE-2013-5065 TIFF Zero-Day vulnerability

Microsoft released Security Patch for CVE-2013-5065 TIFF Zero-Day vulnerability

Dec 10, 2013
Microsoft has  released  11 Security Patch this Tuesday, including one for CVE-2013-5065  zero-day vulnerability, recently discovered Local privilege escalation vulnerability that could allow a hacker to launch an attack using corrupted TIFF images to take over victims' computers. FireEye researchers said they found the exploit in the wild being used alongside a PDF-based exploit against a patched Adobe Reader vulnerability. December's Patch Tuesday update bundle brings five bulletins ranked critical, including a patch for a vulnerability that could allow remote code execution in Internet Explorer and another remote code execution vulnerability in Office and Microsoft Server is also addressed. Other patches addressing remote code execution vulnerabilities in Lync, all versions of Office and Microsoft Exchange. All supported versions of Windows, from XP to RT and 8.1, are affected by at least one of the critical vulnerabilities. The Six Security bulletins rated important de
CVE-2013-5065: Microsoft Windows XP and Server 2003 Privilege escalation Zero-Day exploit discovered

CVE-2013-5065: Microsoft Windows XP and Server 2003 Privilege escalation Zero-Day exploit discovered

Nov 29, 2013
Researchers at FireEye have discovered a new privilege escalation vulnerability  in Windows XP and Windows Server 2003. CVE-2013-5065, Local privilege escalation vulnerability is used in-the-wild in conjunction with an Adobe Reader exploit ( CVE-2013-3346 ) that appears to target a patched vulnerability. Microsoft has issued an advisory and warned that discovered bug in Windows XP's  NDPROXY.SYS driver could allow hackers to run code in the system's kernel from a standard user account. The exploit could allow a standard user account to execute code in the kernel, which may allow an attacker to gain privileges that would enable him to do various activities, including deleting or viewing data, installing programs, or creating accounts with administrative privileges. "Our investigation of this vulnerability has verified that it does not affect customers who are using operating systems newer than Windows XP and Windows Server 2003 ," Microsoft advised. Last April
Internet Explorer vulnerability exposed by Google Researcher used in targeted attacks

Internet Explorer vulnerability exposed by Google Researcher used in targeted attacks

Jul 11, 2013
Google and Microsoft are at each other's throats again. In a recent statement, Microsoft says hackers have been actively exploiting a vulnerability that was publicly disclosed by a Google researcher,  Tavis Ormandy . Microsoft addressed the vulnerability in its monthly " Patch Tuesday " package of fixes for July. Tavis Ormandy revealed the vulnerability in Windows 7 and 8 allows local users to obtain escalated privileges , making it easier for a hacker to compromise a system. Ormandy has been criticized by Microsoft and some in the security community who subscribe to the practice that a vulnerability shouldn't be made public until a software maker has an opportunity to fix it. Ormandy said that Microsoft " treat vulnerability researchers with great hostility " and are " often very difficult to work with ". He also advised researchers to use pseudonyms when dealing with the software giants. In 2012, Tavis accused Sophos of " poor development practices
BlackBerry Z10 Privilege Escalation Vulnerability

BlackBerry Z10 Privilege Escalation Vulnerability

Jun 18, 2013
BlackBerry Z10 users should be aware that there is a privilege escalation vulnerability. The vulnerability potentially allows a hacker to modify or edit data on a stolen BlackBerry Z10 smartphone with BlackBerry Protect enabled, identified as BSRT-2013-006 (CVE-2013-3692) According to the advisory , an escalation of privilege vulnerability exists in the software 'BlackBerry® Protect™' of  Z10 phones, supposed to help users delete sensitive files on a lost or stolen smartphone , or recover it again if it is lost. " Taking advantage of the weak permissions could allow the malicious app to gain the device password if a remote password reset command had been issued through the BlackBerry Protect website, intercept and prevent the smartphone from acting on BlackBerry Protect commands, such as a remote smartphone wipe. " The company says that version 10.0.9.2743 is not affected and that they have found no evidence of attackers exploiting this vulnerability in
Android malware loaded with Linux kernel privilege escalation exploit

Android malware loaded with Linux kernel privilege escalation exploit

Jun 12, 2013
Malware authors are notorious for quickly leveraging new exploits in the public domain for nefarious purposes. A recently discovered Linux kernel Local privilege escalation exploit , which allows attackers to gain complete control of infected devices, has been ported to the Android smartphone platform. The Linux kernel 2.6.x, including Red Hat Enterprise Linux 6, Ubuntu 12.04 LTS, Debian 6 and Suse Enterprise Linux 11 are vulnerable to privilege escalation flaw with CVE-2013-2094 .  CVE-2013-2094 states, " The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. " Exploit for Linux machines is publically available here . Privilege escalation exploits are particularly dangerous as they can allow cybercriminals to gain complete control over the compromised device.  The exploit can be used to to access d
Android 4.2 Jelly Bean Security Improvements overview

Android 4.2 Jelly Bean Security Improvements overview

Nov 02, 2012
Google is bringing a host of new features to its Android 4.2 Jelly Bean operating system designed to increase productivity, creativity and peace of mind and some very promising security improvements including: client side malware protection, Security Enhanced Linux, and always-on VPN . Most important Security Improvements in Android 4.2 is that it now includes a service based on Bouncer that works with all apps, not just those on Google Play. For example, it can check the apps you download on the Amazon App Store, or from 3rd Party sites. Whenever user will install any app from a different source than the official market, and will scan it for any malicious code that may prove potentially harmful for your device. Other than this, Users can now control how much data apps can access and share. This is made even more secure by something called VPN lockdown that can limit the amount of information sent over a connection that may not be secure or that is shared rather than priv
Cybersecurity Resources