The September Patch Tuesday security bundle from Microsoft fixes 60 vulnerabilities including some rated as Critical and a zero-day vulnerability under active attack affecting Microsoft Office. Microsoft Security updates for September Microsoft MSHTML Remote Code Execution Vulnerability (CVE-2021-40444) was publicised in early September when Microsoft warned Office 365 customers about the vulnerability. The flaw wasRead more
Blog
21 critical vulnerabilities have been discovered in the Exim Email server, some of which can be exploited to perform full remote unauthenticated code execution and gain root privilege on the server. Called 21Nails, this set of vulnerabilities is, to the Unix world, as serious as the ProxyLogon vulnerabilities recently discovered in Microsoft Exchange Server. TheRead more
A serious bug in the Linux SUDO utility has been discovered that allows any user to gain root privilege on a Linux system. The flaw was discovered by security firm Qualys and they describe it in their blog post as a heap overflow vulnerability that means: any unprivileged user can gain root privileges on aRead more
Boothole is a pervasive vulnerability that affects the GRUB2 boot loader that is used by most versions of Linux. By exploiting this vulnerability, attackers can run arbitrary code on almost any PC or Server and install RootKits or similar Malware that will persist reboots and be very difficult to detect. BootHole was first reported byRead more
Microsoft has launched Project Freta, a new malware detection service aimed at Linux systems. Named Project Freta (after the street where x-ray pioneer Marie Curie lived in Poland) the free service provides a means to scan the memory of Linux systems in order to detect malware. Rather than install agents or scanning code onto theRead more
The developers of the OpenSSH implementation of Secure Shell have announced their intention to drop support for SHA-1 in a ‘near future release.’ OpenSSH is used by millions of system administrators to securely access networked systems. OpenSSH supports various encryption algorithms and the decision to drop support for SHA-1 comes as recent research demonstrates itRead more
Server hardening is a set of disciplines and techniques which improve the security of an ‘off the shelf’ server. Server Hardening is requirement of security frameworks such as PCI-DSS and is typically included when organisations adopt ISO27001. What is the attack surface The aim of server hardening is to reduce the attack surface ofRead more
A remote code execution vulnerability has been discovered in all version of the Point-to-Point Protocol included on Linux systems for the last 17 years. The vulnerability allows an unauthenticated attacker to send a specially crafted packet to the PPP daemon (pppd), force a buffer overflow and execute arbitrary code. The PPP protocol is used forRead more
A bug has been found in the SUDO command which can allow an attacker to gain root privilege on Linux and Unix systems, even for users that do not have permission to run SUDO. SUDO is a security tool used daily in most organisations. SUDO allows users to execute a specific command with escalated privilegeRead more
Webmin, the web-based interface for system administration for Unix and Linux, had a remote code execution vulnerability deliberately introduced into its source code in April 2018. It was only publicised in August 2019 when a zero day exploit was published at DefCon 27. Webmin has been installed over a million times worldwide. The malicious codeRead more
