Security News > 2022 > March > Week in review: Linux bug gives root access to attackers, UPS devices’ vulns, IoT security for OEMs
Mozilla fixes Firefox zero-days exploited in the wildMozilla has released an out-of-band security update for Firefox, Firefox Focus, and Thunderbird, fixing two critical vulnerabilities exploited by attackers in the wild.
Easily exploitable Linux bug gives root access to attackersAn easily exploitable vulnerability in the Linux kernel can be used by local unprivileged users to gain root privileges on vulnerable systems by taking advantage of already public exploits.
Widely used UPS devices can be hijacked and destroyed remotelyThree vulnerabilities in ubiquitous APC Smart-UPS devices could allow remote attackers to use them as an attack vector, disable or completely destroy them, Armis researchers have discovered.
Kali Linux on bare-metal gets snapshotting functionalityThe Offensive Security team has released Kali Unkaputtbar, a new feature that allows Kali Linux installed on bare-metal to make system snapshots automatically, thus enabling users to roll back to a previous system state after a botched upgrade.
5 steps that simplify IoT security for OEMsAs digital transformation materializes, businesses are becoming more reliant on devices that support valuable IoT services.
The Center for Internet Security defines essential cyber hygiene as Implementation Group 1 of the CIS Critical Security Controls.
News URL
Related news
- Critical Kubernetes Image Builder flaw gives SSH root access to VMs (source)
- Critical default credential in Kubernetes Image Builder allows SSH root access (source)
- Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk (source)
- Deepen your knowledge of Linux security (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)
- Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root (source)
- 'Alarming' security bugs lay low in Linux's needrestart server utility for 10 years (source)