
StackRot, a new Linux Kernel privilege escalation vulnerability

Security Affairs

StackRot is a new security vulnerability in the Linux kernel that could be exploited to gain elevated privileges on a target system. “A security vulnerability, dubbed StackRot, was found impacting Linux versions 6.1 through 6.4,” reads the advisory published by security researcher Ruihan Li from Peking University.


Microsoft releases out-of-band update to fix Kerberos auth issues caused by a patch for CVE-2022-37966

Security Affairs

Microsoft released an out-of-band update to fix problems tied to a recent Windows security patch that caused Kerberos authentication issues. Microsoft released an out-of-band update to address issues caused by a recent Windows security patch that causes Kerberos authentication problems. Pierluigi Paganini.


Critical flaws in myPRO HMI/SCADA product could allow takeover vulnerable systems

Security Affairs

mySCADA myPRO is a multiplatform human-machine interface (HMI) and supervisory control and data acquisition (SCADA) system that allows users to visualize and control industrial processes. The security researcher Michael Heinzl discovered multiple vulnerabilities in the myPRO product, some of which have been rated as critical severity.


Cisco Talos discovered 2 critical flaws in the popular OpenCV library

Security Affairs

CVE-2019-5063 is a heap buffer overflow vulnerability that exists in the data structure persistence functionality of OpenCV 4.1.0. The CVE-2019-5064 vulnerability resides in the data structure persistence functionality of the same library and can be triggered by attackers using a specially crafted JSON file.


Business leaders highlight the need for a hybrid cloud approach to unlock the power of generative AI

IBM Big Data Hub

In 2023, organizations have faced an unprecedented level of pressure to digitally transform with the rise of generative AI as well as imperatives such as sustainability, labor productivity and security. The findings indicate that highly regulated industries are increasingly weighing risks, such as security, when considering the technology.


Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign

Security Affairs

Redis is a popular open source data structure tool that can be used as an in-memory distributed database, message broker or cache. Pierluigi Paganini.


A custom PowerShell RAT uses to target German users using Ukraine crisis as bait

Security Affairs

The malicious code builds a unique ID for the victim and exfiltrates data as a JSON data structure sent to the C2 server via a POST request. Pierluigi Paganini.