Security News > 2021 > January

A major security hole in the Sudo utility could be abused by unprivileged users to gain root privileges on the vulnerable host, Qualys reports. Designed to allow users to run programs with the security privileges of another user, Sudo is present in major Unix- and Linux-based operating systems.

Ben Seri and Gregory Vishnepolsky, threat researchers at Armis, have found a way to expand upon the NAT Slipstream attack disclosed last year by Samy Kamkar, CSO of Openpath Security. The original NAT Slipstream potentially allowed a miscreant to access any TCP/UDP service tied to a victim's machine by bypassing the victim's NAT and firewall defenses.

Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on April 25th, 2021. Today, Europol announced the disruption of the infamous Emotet email spamming botnet used to distribute malicious Word spam attachments that install malware such as TrickBot and Qbot.

On Tuesday, the European Union Agency for Law Enforcement Cooperation announced that the Emotet botnet has been disrupted as a result of efforts from law enforcement and judicial authorities across several countries. By disrupting Emotet's infrastructure from the inside, the participating bodies were able to redirect the computers of people victimized by Emotet to an infrastructure controlled by law enforcement.

Apple, rather unusually in today's cybersecurity world, rarely announces that security fixes are on the way. Apple doesn't disclose, discuss or confirm security issues until an investigation has occurred and patches or releases are generally available.

Developer site Stack Overflow has published details of a breach dating back to May 2019, finding evidence that an intruder in its systems made extensive use of Stack Overflow itself to determine how to make the next move. The report describes the timeline of the attack, which started on April 30th with a probe of the Stack Overflow infrastructure.

A doozy of a bug that could allow any local user on most Linux or Unix systems to gain root access has been uncovered - and it had been sitting there for a decade, researchers said. The bug was found in Sudo, a utility built into most Unix and Linux operating systems that lets a user without security privileges access and run a program with the credentials of another user.

The U.S. Cybersecurity and Infrastructure Security Agency this week released an advisory to inform industrial organizations that some SCADA/HMI products made by Japanese electrical equipment company Fuji Electric are affected by potentially serious vulnerabilities. The vulnerabilities, reported to Fuji Electric by various researchers through Trend Micro's Zero Day Initiative and CISA, have been described as buffer overflow, out-of-bounds read/write and uninitialized pointer issues that can be exploited for arbitrary code execution.

UPDATE. Researchers have publicly disclosed security flaws found in ADT-owned LifeShield security cameras, which, if exploited, could have allowed a local attacker to eavesdrop on victims' conversations or tap into a live video feed. Security experts warn that ADT's glitches serve as a warning, and that ADT is just the latest camera maker to patch similar security issues tied to connected cameras.