Security News

How widespread is the use of hidden root CAs and certificates signed by them? To answer that and other questions, a group of researchers from several Chinese and U.S. universities and Qihoo 360, the company developing the 360 Secure Browser, have collected 5 months worth of certificate data from volunteer users and analyzed certificate chains and verification statuses in web visits. Many flaws in the implementation of hidden root CAs and certificates.

Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Because of its ubiquitous nature, UPnP is used by a wide variety of devices, including personal computers, networking equipment, video game consoles and internet of things devices.

Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems. Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of 10 on the CVSS scoring system and stems from a weakness in the SSH authentication mechanism of Cisco Policy Suite.

Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems. Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of 10 on the CVSS scoring system and stems from a weakness in the SSH authentication mechanism of Cisco Policy Suite.

An unidentified threat actor has been linked to a new Android malware strain that features the ability to root smartphones and take complete control over infected smartphones while simultaneously taking steps to evade detection. Lookout Threat Labs said it found a total of 19 Android applications that posed as utility apps and system tools like password managers, money managers, app launchers, and data saving apps, seven of which contained the rooting functionality.

New Android malware can root infected devices to take complete control and silently tweak system settings, as well as evade detection using code abstraction and anti-emulation checks. The malware, dubbed AbstractEmu by security researchers at the Lookout Threat Labs who found it, was bundled with 19 utility apps distributed via Google Play and third-party app stores.

Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS IE operating system that could allow arbitrary code execution.The bug is an OS command-injection issue, which enables attackers to execute unexpected, dangerous commands directly on the operating system that normally wouldn't be accessible.

Rated high in severity, HPE warns the Sudo flaw could be part of a "Chained attack" where an "Attacker has achieved a foothold with lower privileges via another vulnerability and then uses this to escalate privileges," according to a recent HPE security bulletin. Sudo is a program used by other platforms that "Allows a system administrator to delegate authority to give certain users the ability to run some commands as root or another user," according to the Sudo license.

Today's higher-value attacks are often iterative, trial-and-error affairs, where attackers try different tactics on different portions of an organization's externally exposed attack surface. XDR was designed to unite all the traditionally siloed security systems that look only at one portion of attack surface or infrastructure, integrate their data, and correlate it to gain a way of finding an in-progress attack early and curtailing it.

A security researcher released exploit code for a high-severity vulnerability in Linux kernel eBPF that can give an attacker increased privileges on Ubuntu machines. eBPF is a technology that enables user-supplied programs to run sandboxed inside the operating system's kernel, triggered by a specific event or function.