Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc).
Tracked as CVE-2023-6246 (CVSS score: 7.8), the heap-based buffer overflow vulnerability is rooted in glibc’s __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It’s said to have
Related Post
- September 16, 2024
Legacy Ivanti Cloud Service Appliance Being Exploited
CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer
- September 16, 2024
Apple Drops Spyware Case Against NSO Group, Citing
Apple has filed a motion to “voluntarily” dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk
- September 16, 2024
Cybercriminals Exploit HTTP Headers for Credential Theft via
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login
- September 14, 2024
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at eCrime 2024 in