security Archives • Vance West

Dirty Sock Snapd Local Privilege Escalation Vulnerability

February 14, 2019January 23, 2020 webmaster 1158 Views 0 Comments dirty socks, security, snapd, vulnerability

A local privilege escalation in snapd versions 2.28 through 2.37 that could allow the creation of root level accounts – may give you a Dirty Sock ! Chris Moberly discovered that snapd versions 2.28 through 2.37 incorrectly validated and parsed the remote socket address when performing access controls on its UNIX socket. A local attacker could use this to access privileged socket APIs and obtain administrator privileges. On Ubuntu systems with snaps installed, snapd typically

Latest Security Web Hosting

PhpMyAdmin Releases Security Update 4.8.5 Patches SQL Injection and Arbitrary File Read

January 26, 2019 webmaster 713 Views 0 Comments bug, phpmyadmin, security

PhpMyAdmin security fix v4.8.5 will patch an SQL Injection and arbitrary file read vulnerability. Security is a daily ongoing endeavor and discipline in today’s online world. In a security blog post the developers of phpMyAdmin announced version 4.8.5 of its software to address a few security related issues. The security fixes involve: Arbitrary file read vulnerability (https://www.phpmyadmin.net/security/PMASA-2019-1) SQL injection in the Designer interface (https://www.phpmyadmin.net/security/PMASA-2019-2) The arbitrary file read vulnerability could also be exploited to delete

Latest Linux Security

Linux APT Package Manager Remote Code Execution Bug Patched

January 22, 2019 webmaster 549 Views 0 Comments apt, linux, rce, security

Original Source: BleepingComputer Independent consultant and security contractor Max Justicz discovered a remote code execution issue in the APT high level package manager used by Debian, Ubuntu, and other related Linux distributions. As described by Justicz, the APT vulnerability present in the package manager starting with version 0.8.15 “allows a network man-in-the-middle (or a malicious package mirror) to execute arbitrary code as root on a machine installing any package. The bug has been fixed in

Security

KeePassXC the Secure, Offline, Open Source Password Manager

January 18, 2019 webmaster 671 Views 0 Comments keepass, keepassxc, linux, passwords, security

In a vulnerable web and cloud based world, KeePassXC offers excellent password management that’s secure, reliable, offline by default and open source. A password manager is a tool that creates and stores passwords for you, so you can use many different passwords on different sites and services without having to memorize them all, and/or more importantly avoid using the same non-secure password. You only need to remember one password (and/or key file) that then allows

Latest Security

HealthEquity Security Breach Email Hacked Again

December 24, 2018 webmaster 569 Views 0 Comments email, hacked, healthequity, security

HealthEquity Email Hack Breaches Data of Users… Again ! An email hack security breach on their mail has again potentially exposed personal data of HealthEquity customers. This is not the first time however, in June, an unauthorized user hacked into an employee’s email account and breached the data of 16,000 customers according to HealthEquity Email Hack. The most recent breach is similar according to this site notification to customers: On October 5, 2018, HealthEquity’s information

Latest Web Hosting

Security Advisory – WordPress 5.0.1 Released

December 12, 2018 webmaster 359 Views 0 Comments hosting, security, wordpress

WordPress 5.0.1 is now available. This is a security release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.