Nasty Linux kernel bug found and fixed
A heap overflow bug was recently discovered in the Linux kernel. The patch is available now in most major Linux distributions.
Discover Security Vulnerabilities News
Microsoft fixes NotLegit: exposed the source code of apps written in PHP and Python in Azure App Service for Linux
The Wiz research team has discovered a security issue in Azure App Service on Linux. This exposed the source code of client applications written in PHP, Python, Ruby or Node, which were deployed using “Local Git”.
Log4j vulnerability now used to install Dridex banking malware
Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter.
Security firm Blumira discovers major new Log4j attack vector
A basic Javascript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful.
Log4j could be the most serious security threat ever seen, CISA head warns
Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned the recently-revealed Log4j vulnerability was “one of the most serious” she’s seen in her entire career, “if not the most serious”.
Attackers can get root by crashing Ubuntu’s AccountsService
A local privilege escalation security vulnerability (CVE-2021-3939) could allow attackers to gain root access on Ubuntu systems by exploiting a double-free memory corruption bug in GNOME's AccountsService component.
