Polyverse Weekly Breach Report

A snapshot look at the breaches and reported vulnerabilities of last week

Kernel memory leak

A flaw in Intel’s processor chips is forcing a significant redesign of the Linux and Windows kernels. To read more: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

Apple

Apple has confirmed that all Mac systems and iOS devices are affected by the Meltdown and Spectre vulnerabilities. Apple has said that there are no known exploits impacting customers at this time, and that it has already released mitigations. To read more: http://www.zdnet.com/article/apple-confirms-iphone-mac-affected-by-meltdown-spectre-vulnerabilities/

Qualcomm

Qualcomm has confirmed that its processors have the same security vulnerability as the Intel and IBM cores. To read more: https://www.theregister.co.uk/2018/01/06/qualcomm_processor_security_vulnerabilities/

US Homeland Security

More than 240,000 current and former employees of the US Department of Homeland Security have had their personal details exposed. The breach could affect anyone employed between 2002 and 2014. To read more: https://www.theregister.co.uk/2018/01/04/us_homeland_security_breach_exposed_personal_info_of_200000_staff/

Spectre and Meltdown

To protect your Linux, MacOS or Windows PC, patch immediately. Learn more about how to protect your devices and how the security vulnerabilities will affect you: http://www.zdnet.com/article/how-the-meltdown-and-spectre-security-holes-fixes-will-affect-you/

Spectre and Meltdown: Origins

An article outlining how three researchers discovered the 20-year-old Spectre and Meltdown vulnerabilities simultaneously. To read more: https://www.wired.com/story/meltdown-spectre-bug-collision-intel-chip-flaw-discovery/

Reported Vulnerabilities

vSphere Data Protection

VMware identified three vulnerabilities and published a security advisory for its Data Protection product. The critical flaw could allow a remote unauthenticated attacker to bypass authentication protections and gain root control of the server. To read more: https://www.theregister.co.uk/2018/01/03/vmware_vsphere_vdp/

MacOS LPE Exploit

A researcher released details of a local privilege escalation attack against MacOS that dates back to 2002. However, the attack requires a pre-existing foothold in the targeted systems to execute. To read more: https://threatpost.com/macos-lpe-exploit-gives-attackers-root-access/129282/

Dell EMC Data Protection Suite

Security researchers have discovered zero-day vulnerabilities within Dell EMC's Data Protection Suite products. These enable attackers to compromise the Dell EMC Avamar Server, NetWorker Virtual Edition and Integrated Data Protection Appliance. To read more: http://www.zdnet.com/article/zero-day-vulnerabilities-hijack-full-dell-emc-data-protection-suite/

LightsOut Apps

Almost two dozen Android flashlight and related utility apps were removed from the Google Play marketplace after researchers found a malicious advertising component inside them. The apps were downloaded between 1.5 and 7.5 million times. To read more: https://threatpost.com/google-play-removes-22-malicious-lightsout-apps-from-marketplace/129328/

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.