Update 1: OMI agent is not installed on Azure FireboxV/Cloud instances (September 17th, 2021): We reviewed our FireboxV/Cloud instance for Azure and confirmed that the OMI agent cannot be installed on the image. We recommend reviewing the additional guidance Microsoft published on September 16th, 2021 for securing the OMI-affected resources/tools. Original Post …
Linux Vulnerability: sudo Configuration File
Joe Vennix of Apple Information Security discovered a vulnerability pertaining to the ever-popular “sudo” command used in Linux systems. If you’re not aware of what sudo is used for, sudo allows non-administrative users (e.g., normal, unprivileged users) to execute commands as another user or, most commonly, the superuser (i.e., root). This is sometimes necessary to have access …
Libarchive Vulnerabilities – Daily Security Byte EP. 278
Libarchive is an open source library for archive compression and decompression. Many Linux software packages and distributions use it. More importantly, many Linux-based appliances may also use it. Today's video covers three vulnerabilities in this popular library, and what you should do about them. (Episode Runtime: 1:45 Direct YouTube …
Linux Distro Backdoored – Daily Security Byte EP. 220
It would suck to have your website hacked, and your user database stolen by malicious attackers. However, can you imagine those attackers also creating a backdoored version of your software, and distributing it among your customers from your very own site? Unfortunately, that's exactly what happened to Linux Mint, the makers of a popular Linux distribution. Watch today's episode to …
Glibc Helps Hackers Pop Linux – Daily Security Byte EP. 217
Glibc is the standard C library that ships with most versions of Linux. It includes many functions that handle the common tasks programs might need, such as looking up IP addresses associated with domain names. This week, Google and Red Hat researchers disclosed a serious vulnerability in this common library, which could allow remote attackers to execute code on your Linux …