Remove 02
Remove 2016 Remove Data Remove Information Security Remove Security
article thumbnail

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. The BSI urges operators running vulnerable instances to install available security updates and configure them securely. ” reads the alert published by the BSI.

article thumbnail

Dirty Pipe Linux flaw allows gaining root privileges on major distros

Security Affairs

Security expert Max Kellermann discovered a Linux flaw, dubbed Dirty Pipe and tracked as CVE-2022-0847, that can allow local users to gain root privileges on all major distros. Kellerman explained that the flaw is similar to CVE-2016-5195 , aka Dirty Cow, and is more dangerous because it is easier to exploit. and later versions.

Passwords 101
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

Security Affairs

The original Mandrake campaign had two major infection waves, in 2016–2017 and 2018–2020. These included relocating malicious functions to obfuscated native libraries, using certificate pinning to secure C2 communications, and determine if it was running on a rooted device or in an emulated environment.

Libraries 118
article thumbnail

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

This is part of a giant list of Living off the Land (LOL) techniques that attackers employ to mask their activities from runtime endpoint security monitoring tools such as AVs. File name: patent-2019-02-20T093A283A05-1.xls The macro makes several string concatenations and executes via a pivot msiexec.exe process. Technical Analysis.