Mobile360

Must Read: Attackers gain root access due to a new Linux Bug in the Netfilter firewall module.

A recently reported security issue in the Linux kernel could be exploited by a local adversary to get elevated privileges on vulnerable systems, allowing them to execute arbitrary code, escape containers, or cause a kernel panic.

The vulnerability, tracked as CVE-2022-25636 (CVSS score: 7.8), affects Linux kernel versions 5.4 through 5.6.10 and is caused by a heap out-of-bounds write in the kernel's netfilter subcomponent.

This weakness allows a local attacker with a system user account to get access to out-of-bounds memory, potentially resulting in a system crash.

CVE-2022-25636 is a vulnerability caused by faulty handling of the framework's hardware offload feature, which might be exploited by a local attacker to cause a denial-of-service (DoS) or perhaps execute arbitrary code.

It is important to make sure that your personal information is protected through good quality cybersecurity. With our industry-leading global technology-based cybersecurity solutions, you can rest assured that your digital assets and information is protected. We are the only cybersecurity solutions provider worldwide that includes a free Cyber Breach Warranty with our solutions.

Contact us here: https://lnkd.in/dNvZ58f



Source: The Hackers News

Breaking News: The latest outbreak of the Emotet Botnet has spread to over 100,000 computers.

The sinister Emotet botnet, which reappeared in November 2021 after a 10-month absence, is showing signs of continuous expansion, collecting a swarm of over 100,000 infected hosts for nefarious activities.

While Emotet has not yet reached its former size, the botnet has made a strong comeback, with around 130,000 unique bots dispersed across 179 countries since November 2021.

The malware first appeared in November 2021, using TrickBot as a delivery mechanism. TrickBot shut down its assault infrastructure late last month after several important members of the group were absorbed into the Conti ransomware cartel.

Emotet's botnet infrastructure is said to encompass nearly 200 command-and-control (C2) servers, with most of the domains located in the U.S.

The spread and expansion of bots is a key measure of Emotet's progress in reconstructing its once-vast infrastructure. Each bot represents a potential entry point into a sought network, as well as a possibility to launch Cobalt Strike or be promoted to a Bot C2.

Speak to us about a solution that can truly protect your users, endpoints and your organisation...and by this we mean, not through the use of the free cybersecurity add-ons to another core software purchase where cybersecurity likely isn’t within the core focus area of the provider.

Contact us now: https://lnkd.in/dNvZ58f



Source: The Hackers News

Complete this 60-Second Survey on "The State of IT" and stand a chance to win a R2 000 Takealot Voucher...

Access the survey here: https://bit.ly/3KM6vBv

BREAKING NEWS: Adobe addresses ‘critical’ security flaws in Illustrator and After Effects.

Adobe released urgent security upgrades on Tuesday to address code ex*****on vulnerabilities in its widely used Illustrator and After Effects programs.

The most serious of the vulnerabilities were addressed in Adobe Illustrator, the popular vector graphics design program available for both macOS and Windows systems.

Adobe categorized the Illustrator problem as "critical" with a CVSS base score of 7.8 in an advisory. The CVE-2022-23187 flaw is a buffer overflow that affects Illustrator 2022 version 26.0.3 (and older versions) on both Windows and macOS platforms. Users are highly encouraged to upgrade to Illustrator 2022 version 26.1.0.

A third Adobe alert discusses a single memory leak vulnerability in Adobe Photoshop. The Photoshop problem, rated "important," is available on both macOS and Windows platforms. Adobe stated that it has no evidence that any of these flaws had been exploited in the wild prior to the release of patches.

Data is the fuel of IT; without data, you cannot run a business. Cyber-attacks are becoming increasingly aggressive and hackers will try any avenue possible to obtain data and to breach systems. Always ensure patches are up to date and remember this doesn’t have to be a daunting task, it can be automated with our AgentX solution.

Contact us here: https://lnkd.in/dNvZ58f



Source: Security Week