We offer to familiarize yourself with a small overview of vulnerabilities over the past week. In the spotlight: Linux, Apple, Exchange Server, Microsoft, Spectre, Google, Chrome.
More than 6,300 video surveillance cameras, many of which work at the facilities of Ki Russia have serious vulnerabilities. In this regard, a picture from these cameras can be obtained almost everyone. Information about the presence of vulnerable video surveillance cameras in Russia was found by experts in the search engine SHODAN.IO.
Experts found in the Linux kernel three vulnerabilities of 15 years ago, with the help of which cybercriminals can get root rights. To operate identified vulnerabilities, you need to have local access to the device, so hackers will have to first hack the system using other errors.
Apple Mac owners warn about the presence of a critical vulnerability that allows hackers to carry out cyberatics to user devices. The problem destination is the M1 chip, which employs new Mac computers. Hacking hackers are carried out through the browser, after which they get access to user's web activity.
Due to the vulnerability in Exchange Server, the Norwegian parliament was subjected to serious kiberatak. It is reported that the scale of the hacker attack was unknown, but some of the confidential data that was stored on the server of the parliament, were stolen by intruders.
Microsoft has declared the full elimination of the zero day vulnerability in Internet Explorer, which could be used by attackers to install backdors in victims. With the help of the released update in Microsoft also eliminated the vulnerability of increasing privileges in Windows Win32K.
The program disseminates the program for the operation of one of the main vulnerabilities of computer processors - Spectre. With the help of advanced exploits, cybercriminals get access to the internal memory of the main computing unit and extract user confidential information: credentials, payment details and much more.
Google Corporation announced the elimination of the third consecutive vulnerability of the zero day in Chrome (for Linux, Mac, Windows). Vulnerability, according to the description of experts, is presented in the form of a critical USE-after-free bug in the opening movement for BLINK rendering. Operation of the error allows you to perform arbitrary code in systems with a vulnerable version of the popular browser.
More interesting material on cisoclub.ru. Subscribe to us: Facebook | Vk | Twitter | Instagram | Telegram | Zen | Messenger | Icq new | YouTube | Pulse.
Record
Published on site
.