August 7, 2024 at 07:26PM At the Black Hat USA conference, it was revealed that an obscure issue in Microsoft’s Entra ID identity and access management service could enable a hacker with admin-level access to gain global administrator privileges. This could lead to unauthorized access, including accessing sensitive data and planting malware in an organization’s … Read more
August 6, 2024 at 02:24AM Google has addressed a high-severity security flaw in the Android kernel, identified as CVE-2024-36971, acknowledging its active exploitation. The patch also includes fixes for 47 flaws, with indications that the vulnerability may be exploited in targeted attacks. The company is collaborating with OEM partners to apply fixes where applicable. The … Read more
August 5, 2024 at 09:42AM Researchers from Graz University of Technology have introduced SLUBStick, a Linux kernel exploitation technique that can increase the impact of heap vulnerabilities. This method can lead to privilege escalation and container escapes, even with modern defenses enabled. The technique demonstrates a success rate of more than 99% and has been … Read more
August 3, 2024 at 03:41PM SLUBStick, a novel Linux Kernel cross-cache attack, has a 99% success rate in escalating privileges and escaping containers by exploiting a heap vulnerability. It works with modern kernel defenses and will be presented at the upcoming Usenix Security Symposium. The attack provides benefits to attackers, including privilege escalation and container … Read more
July 25, 2024 at 09:49AM Docker warns users to patch their Docker Engine due to a critical vulnerability (CVE-2024-41110) present for five years. This bug allows attackers to exploit authorization plugins, potentially leading to privilege escalation and unintended commands execution. While the likelihood of exploitation is low, the severity score is high, and affected users … Read more
July 25, 2024 at 06:10AM Researchers have identified a privilege escalation vulnerability, named ConfusedFunction, in Google Cloud Platform’s Cloud Functions service, enabling unauthorized access to other services and sensitive data. The issue with Cloud Build service account permissions, exposed by Tenable, has been addressed by Google, although existing instances remain unaffected. Other cloud providers have … Read more
July 25, 2024 at 01:57AM Docker warns of a critical vulnerability (CVE-2024-41110) in certain versions of Docker Engine, allowing attackers to bypass authorization plugins with maximum severity. It was regressed since 2018 but resolved in versions 23.0.14 and 27.1.0. Docker Desktop up to 4.32.0 is affected, with a fix expected in the next release. Users … Read more
July 24, 2024 at 03:05PM Docker has issued security updates to address a critical vulnerability in certain versions of Docker Engine, which could allow attackers to bypass authorization plugins under specific conditions. The flaw, identified as CVE-2024-41110, affects several versions of Docker Engine, and patched versions up to v27.1.0 are advised for impacted users. Additionally, … Read more
July 11, 2024 at 03:21PM A new signal handler race condition, CVE-2024-6409, was discovered by Openwall’s Alexander Peslyak in the core sshd daemon used in RHEL 9.x and its offshoots. The flaw affects sshd versions 8.7p1 and 8.8p1 in Fedora 36 and 37 and Red Hat Enterprise Linux 9. AlmaLinux has already released a fix … Read more
July 9, 2024 at 05:13PM July’s Microsoft security update addresses 139 CVEs, including actively exploited vulnerabilities and a public Intel microprocessor issue. Notably, two zero-day bugs were identified, posing a moderate threat. Additionally, critical vulnerabilities affecting Windows Remote Desktop Licensing Service require immediate attention, with a recommendation to disable the service if not in use. … Read more