Tag: Root

  • Apple closes that big root hole – “Install this update as soon as possible”

    Yesterday we wrote about a publicly-disclosed problem in Apple’s macOS 10.13, better known as High Sierra. For reasons that aren’t yet …

  • Apple fixes root password bug: ‘Install this update as soon as possible’

    Well, to their credit, it didn’t take Apple long to fix their horrendous bug that allowed *anyone* to log into computers running macOS High …

  • Critical macOS High Sierra bug allows easy root access

    If you’re using a Mac, and are running macOS High Sierra, drop everything that you’re doing and go and set/change the computer’s root …

  • Huge MacOS bug lets anyone login as root without a password: what you need to know

    What’s happened? Turkish developer Lemi Orhan Ergin has found a colossal security hole in the latest shipping version of MacOS, High Sierra …

  • Savitech Audio Drivers Caught Installing Root Certificate

    Savitech drivers used by several companies that provide specialized audio products expose computers to hacker attacks by installing a new …

  • Android malware ZNIU exploits DirtyCOW vulnerability

    Thanks to Jagadeesh Chandraiah of SophosLabs for his behind-the-scenes work on this article. Last year, we told you about DirtyCOW, a privilege escalation bug in the Linux kernel that allows ordinary users to turn themselves into all-powerful root users. Read full news article on Naked Security  

  • Reset Your AWS Root Account’s Lost MFA Device Faster by Using the AWS Management Console

    To help secure your AWS resources, AWS recommends that you follow the AWS Identity and Access Management (IAM) best practice of enabling multi-factor authentication (MFA) for the root user of your account. With MFA turned on, the root user of your account is required to submit one form of authentication, which is the account password,…

  • Local Root Exploit Found on Lenovo Smartphone

    The remaining two issues, CVE-2017-3749 and CVE-2017-3750, impact the Idea Friend Android and Lenovo Security Android applications, respectively. Read full news article on SecurityWeek  

  • Back That App Up: Gaining Root on the Lenovo Vibe

    In May of 2016, Mandiant’s Red Team discovered a series of vulnerabilities present on Lenovo’s Vibe P1 Android-based mobile device that allow local privilege escalation to the user “root”. Mandiant disclosed these vulnerabilities to Lenovo in May of 2016. Read full news article on FireEye Blog  

  • Deep Root: what can we learn from the GOP’s data leak?

    The headlines scream of how the Republicans’ data analytic contractor, Deep Root Analytics, had stored 25 terabytes (TB) of data stored in the cloud, of which 1.1TB were available for harvesting by anyone who found the links. The exposed data put the personal identifying information (and more) of approximately 200m registered voters in the United…

  • Security Pros ‘Prefer’ Root Canal Surgery Over Informing Board of Breaches

    Almost half (44%) of security professionals would rather have root canal surgery than make the dreaded walk of shame to the boardroom to explain that they’ve suffered a data breach, according to results from a survey carried out by malware protection firm Lastline at Infosecurity Europe 2017. Lastline polled 326 information security professionals during the…

  • A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

    Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover. Dubbed Stack Clash, the vulnerability (CVE-2017-1000364) has been discovered in the way memory…