Tag: File Systems

  • Samba Exploit Spreads Bitcoin Miners

    Multiple exploitation attempts using the recently disclosed Samba vulnerability CVE-2017-7494 are looking to spread bitcoin miners—likely as part of an organized cybercrime ring. Cyphort Labs said in an analysis that the exploit incorporates advanced functionality that was barely released in the Metasploit framework a week ago, which reinforces the notion that cyber-criminals “have a pulse…

  • Linux server attack: Patch Samba or risk cryptocurrency mining malware

    Attackers are free-riding Linux servers with an unpatched Samba bug to mine for the monero cryptocurrency. Now would be a good time install a patch released by open-source project Samba on May 25. Read full news article on ZDNet  

  • The ‘SambaCry’ Samba Vulnerability in Containers

    There’s a new vulnerability which could affect containerized apps; this time it’s the Samba vulnerability affecting Linux networking. Samba allows non-Windows operating systems to share network shared folders, files, and printers with a Windows operating system. Read full news article on DABCC  

  • Linux Bitcoin Users Need to be Aware of the new Samba Vulnerability

    As is the case with any potential cyber threat these days, it is unclear what the impact will be exactly. A new Samba vulnerability has been discovered, which can affect Linux distributions as well. Read full news article on Full Circle Magazine  

  • Vendors Investigating Impact of Samba Vulnerability

    Companies that provide network-attached storage (NAS) appliances, routers and other types of networking devices have started investigating the impact of a recently disclosed Samba vulnerability on their products. Read full news article on SecurityWeek  

  • What do you mean, ‘Windows bug in Linux’?

    Sophos Security Chet Chat – Episode 261 – May 26, 2017 The Chet Chat returns! Chet has been busily travelling the world giving talks in recent weeks, which is why we’ve had a bit of a hiatus lately – but now we’re back on the air again. Read full news article on Naked Security  

  • That Nasty Samba Vulnerability Is Now Patched in All Supported Ubuntu Releases

    You might have read the news this morning about a wormable code-execution bug discovered in the Samba free software re-implementation of the SMB/CIFS networking protocol, which existed in Samba for more than 7 years. According to the bug report, it would appear that Samba incorrectly handled shared libraries, thus allowing a remote attacker to upload…

  • Samba exploit – not quite WannaCry for Linux, but patch anyway!

    Samba is an open source project that is widely used on Linux and Unix computers so they can work with Windows file and print services. Samba can work as a client that lets you connect to Windows servers, and as a server that can accept connections from Windows clients. Read full news article on Naked…

  • Shades of #WannaCry as Urgent Patch Issued for SMB Software Samba

    Security experts are urging users to patch a seven-year-old bug in open source SMB implementation Samba or potentially risk a WannaCry-style malware outbreak. CVE-2017-7494 affects all versions of Samba from 3.5.0 onwards and can apparently be exploited with just one line of code if certain conditions are met, such having port 445 open. Read full…

  • It’s not just Windows anymore: Samba has a major SMB bug

    The other week, Microsoft got its security teeth kicked in when an old SMB security hole was exploited by the WannaCry ransomware attack. This week, it’s the turn of Samba, the popular open-source SMB server. Read full news article on ZDNet  

  • It’s not just Windows anymore, Samba has a major SMB bug

    The other week, Microsoft got its security teeth kicked in when an old SMB security hole was exploited by the WannaCry ransomware attack. This week, it’s the turn of Samba, the popular open-source SMB server. Read full news article on ZDNet  

  • New Samba Bug Dangerous But No WannaCry

    The recent WannaCry attack that impacted hundreds of thousands of Windows systems worldwide was a powerful reminder of the need for organizations to properly secure their file-sharing services against access from the Internet. Now there is even more incentive to do so. Read full news article on dark READING