Security News

A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution. This new attack exploits flaws in AMD's Secure Encrypted Virtualization-Encrypted State and Secure Encrypted Virtualization-Secure Nested Paging tech designed to protect against malicious hypervisors and reduce the attack surface of VMs by encrypting VM data and blocking attempts to alter it in any way.

A Moldovan who allegedly ran the compromised-credential marketplace E-Root has been extradited from the UK to America to stand trial. Sandu Diaconu, 31, along with another individual whose name has been redacted from court documents, allegedly operated the illicit souk selling access to compromised servers worldwide between 2015 and 2020.

Sandu Diaconu, the operator of the E-Root marketplace, has been extradited to the U.S. to face a maximum imprisonment penalty of 20 years for selling access to compromised computers. Last month, Diaconu consented to be extradited to the United States for wire fraud, money laundering, computer fraud, and access device fraud.

Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to gain root privileges on major Linux distributions. One of these PoC exploits, confirmed as working by vulnerability and exploit expert Will Dormann, was released by independent security researcher Peter Geissler earlier today.

Amazon will require all privileged AWS accounts to use multi-factor authentication for stronger protection against account hijacks leading to data breaches, starting in mid-2024.Amazon has been offering free MFA security keys for eligible AWS customers in the United States since 2021 and added more flexible MFA options on the platform in November 2022, allowing the registration of up to 8 MFA devices per account.

A vulnerability in the GNU C Library can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. Dubbed "Looney Tunables", CVE-2023-4911 is a buffer overflow vulnerability in the dynamic loader's processing of the GLIBC TUNABLES environment variable.

One in eight open-source downloads today poses known and avoidable risks. Only 11% of open-source projects are 'actively maintained'.

The flaw, dubbed Looney Tunables, arises from the GNU C Library's dynamic loader mishandling of the GLIBC TUNABLES environmental variable. Because GNU C Library, commonly known as glibc, is found in most Linux systems, this is something of an issue.

Cisco released security updates to fix a Cisco Emergency Responder vulnerability that let attackers log into unpatched systems using hard-coded credentials. "This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development," Cisco explained in an advisory issued today.

Amazon wants to make it more difficult for attackers to compromise Amazon Web Services root accounts, by requiring those account holders to enable multi-factor authentication. The root account holder is the first identity created when creating an AWS account and the most privileged user, as it has access to all AWS services and resources in the account.