A naukri.com initiative
Hackaday
1M
288
Image Credit: Hackaday
This Week in Security: Zimbra, DNS Poisoning, and Perfctl
- Zimbra vulnerability CVE-2024-45519 is being exploited in the wild and researchers are seeing attempts to install webshells; campaigns seems less reliable when coming from outside of the trusted network.
- WhoYouCalling is a new Windows-based tool that uses the Windows Event Tracing mechanism to collect packet capture data about a specific executable and all of its children processes.
- Rogue subdomains with phantom IPs linked to the Chinese Internet and containing keywords related to censoring the Internet and VPN have been found, which could lead to DNS poisoning for the rest of the Internet.
- Internet-connected smart glasses combined with LLM doing facial recognition can be used to virtually name tag everyone you meet, but could also lead towards dystopian future.
- A newly discovered Linux malware, perfctl, specializes in stealth, combined with Monero mining, relay traffic, and installing other malware in compromised machines.
- Kekz Headphones, a kid's toy, has encryption that wasn't up to the task, with only about 56 possible keys for each file.
- Comparison of how different languages handle HTTP parameters can help in identifying vulnerabilities created by subtle mismatches in data parsing.
- Ruby's class pollution category of vulnerabilities is a particular pitfall that Ruby enthusiasts need to learn to avoid.
Read Full Article
17 Likes
For uninterrupted reading, download the app