Author X-Ploits  (Read 234 times)

0 Members and 1 Guest are viewing this topic.

X-Ploits
« on: June 01, 2017, 02:58:21 PM »
With the amount of exploits, zero-day(s), vulnerabilities, and data breaches constantly happening, a thread to keep up on them, and their remedies / mitigation, probably isn't a bad idea.
It will also keep the Function Random thread a little cleaner. ;)
Dump them here...


Re: X-Ploits
« Reply #1 on: June 01, 2017, 02:58:41 PM »
Linux users w/SELinux enabled: Update your systems...   NOW !
(Everyone else, update them now !  ;)
http://thehackernews.com/2017/05/linux-sudo-root-hack.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29

https://threatpost.com/patches-available-for-linux-sudo-vulnerability/125985/

Debian and derived systems (Mint, Ubuntu...) from the debian link in the above url.
https://security-tracker.debian.org/tracker/CVE-2017-1000367


Quick fix for Debian derived systems:

Copy and paste into the terminal (Ctrl + Alt + T    to bring it up.)
Code: [Select]
sudo apt-get update && sudo apt-get upgrade
In Synaptic, click 'Mark All Upgrades', then 'Apply'

Re: X-Ploits
« Reply #2 on: June 01, 2017, 02:59:55 PM »
Chrome users - Take Note:
http://thehackernews.com/2017/05/browser-camera-microphone.html
Web-RTC & JavaScript are at it again. (You might want to disable E-Tags also.)

From the article: "  Edward Snowden leaks also revealed Optic Nerve – the NSA's project to capture webcam images every 5 minutes from random Yahoo users. In just six months, 1.8 Million users' images were captured and stored on the government servers in 2008.  "
You can bet they were added to their facial recognition AI database too. >:(



Re: X-Ploits
« Reply #3 on: June 01, 2017, 03:00:46 PM »
“All customers served by our US data center are affected; customer data was compromised, including the ability to decrypt encrypted data.”
“Dealing with [the] aftermath. This is a massive leak.”
https://www.tripwire.com/state-of-security/latest-security-news/customer-data-reportedly-stolen-onelogin-security-incident/

Re: X-Ploits
« Reply #4 on: June 01, 2017, 03:01:12 PM »
"  A hacker claims to have stolen the upcoming season of Netflix's hit series Orange Is the New Black, and is demanding that the video streaming service pay an unspecified ransom to prevent all the new episodes from being prematurely released online. "
http://www.nzherald.co.nz/entertainment/news/article.cfm?c_id=1501119&objectid=11847778

Re: X-Ploits
« Reply #5 on: June 01, 2017, 03:02:19 PM »
"  As outlined by security firm Check Point, 41 apps developed by Korea-based Kiniwini and published under the moniker ENISTUDIO Corp., "infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it.
... It's "possibly the largest malware campaign found on Google Play," according to Check Point.
... the total spread of the malware may have reached between 8.5 and 36.5 million users. "

http://www.pcmag.com/news/353943/judy-malware-potentially-hits-up-to-36-5m-android-devices


Re: X-Ploits
« Reply #6 on: June 01, 2017, 03:06:03 PM »
Microsoft says it has updated its Malicious software Removal Tool to fight the latest ransomeware. It probably runs automatically but to be sure simply type MRT in the run box (or whatever it's called now.)

Re: X-Ploits
« Reply #7 on: June 14, 2017, 06:28:40 PM »

Re: X-Ploits
« Reply #8 on: June 14, 2017, 06:33:05 PM »

Re: X-Ploits
« Reply #9 on: June 14, 2017, 10:42:13 PM »