Call us today on: +44 (0)203 88 020 88
SecureTeamSecureTeamSecureTeamSecureTeam
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Vulnerability Assessment
    • Web Application Penetration Test
    • Configuration Review
      • Windows Build Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials Certification
  • News
  • Articles
  • About
    • About SecureTeam
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
    • White-Label Consultancy
    • Jobs
  • Contact Us

Blog

Home Search results for "Linux"

Webmin utility compromised with deliberate RCE

By Mark Faithfull | News, Vulnerabilities | 31 August, 2019 | 0

Webmin, the web-based interface for system administration for Unix and Linux, had a remote code execution vulnerability deliberately introduced into its source code in April 2018.  It was only publicised in August 2019 when a zero day exploit was published at DefCon 27. Webmin has been installed over a million times worldwide. The malicious codeRead more

1 million ProFTPD servers vulnerable to RCE

By Mark Faithfull | News, Vulnerabilities | 29 July, 2019 | 0

A potential remote code execution vulnerability has been discovered in the popular GPL-licensed FTP server ProFTPD ProFTPD is running on over a million servers exposed to the internet. It is included in several Linux distros including Debian, Suse and Ubuntu. The flaw, tracked under CVE-2019-12815 lives in the mod_copy module. The flaw allows an unauthenticated user toRead more

RAMbleed – new side channel attack

By Mark Faithfull | News, Uncategorized, Vulnerabilities | 2 July, 2019 | 0

Researchers have published details of a newly discovered side channel attack they have named RAMBleed RAMbleed is the latest evolution of attacks building on Row Hammer that allow information in one area of physical memory to be influenced by access made to a different but nearby area of physical memory.  Because Row Hammer and related methodsRead more

Exim mail server vulnerable to remote command execution

By Mark Faithfull | News, Vulnerabilities | 11 June, 2019 | 0

The world’s most popular mail server is vulnerable to a remote command execution flaw Exim is the world’s most popular mail server, with 57% of the mail servers connected to the web running Exim (as of June 2019). The vulnerability reported by Qualys (CVE-2019-10149) affects Exim versions 4.87 to 4.91 inclusive running on several LinuxRead more

Linux RCE Kernel vulnerability patched

By Mark Faithfull | News, Vulnerabilities | 22 May, 2019 | 0

All Linux kernels prior to 5.0.8 are vulnerable to a race condition vulnerability which can allow remote code execution. The vulnerability in the RDS (Reliable Datagram Socket) module can lead to a use after free condition which can be leveraged to achieve remote code execution by sending specially crafted TCP packets to a vulnerable server.Read more

apple virus

Novel application package allows Windows malware to target MacOS and Linux

By Mark Faithfull | News, Vulnerabilities | 6 April, 2019 | 0

In the eternal arms race between malware creators and security vendors, a novel new tactic has emerged.  Trend Micro has recently reported that Windows executables (.EXE files) are being created that target non-windows platforms such as MacOS.  Because .EXE files are not supported as an executable on MacOS the built in Gatekeeper protection layer inRead more

Recent Posts

  • VNC Vulnerabilities patched
  • Integer overflow flaw hits HP SSD
  • The people are the problem
  • Critical Oracle EBS vulnerabilities remain unpatched
  • Windows 7 and Server 2008 support ends January

Tags

blockchain Bluetooth Botnet Chrome Cisco CREST cyber crime cyber essentials cyber security cyber security news Data Protection Dell DNS Ethereum Exchange Server exim formjacking GDPR Hadoop Intel Linux Meltdown microsoft Mirai OpenOffice patching PDF penetration testing phishing ransomware RDP Row Hammer security breach security testing Spectre supply chain attacks Sysinternals Tomcat TPM UK Law VNC vulnerability management web applications web browsers wireless

Archives

  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • July 2018
  • June 2018
  • April 2018
  • January 2018
  • October 2017
BCS Cyber Essentials Cyber Essentials Cyber Essentials PLUS
information. secured.
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Vulnerability Assessment
    • Web Application Penetration Test
    • Configuration Review
      • Windows Build Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials Certification
  • News
  • Articles
  • About
    • About SecureTeam
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
    • White-Label Consultancy
    • Jobs
  • Contact Us
SecureTeam
SecureTeam use cookies on this website to ensure that we give you the best experience possible. If you continue to use our site we will assume that you are happy with cookies being used.OkRead more