Latest News

We found design flaw/weakness in Java Usage Tracker that can enable hackers to create arbitrary files, inject attacker-specified parameters, and elevate local privileges. In turn, these can be chained and used to escalate privileges in order to access resources in affected systems that are normally protected or restricted to other applications or users.

We’ve worked with Oracle through our Zero Day Initiative to patch this flaw, and this has been fixed via Oracle’s October patch update. Users and businesses are accordingly urged to patch and update their version of Java.

In this blog post, we will delve into how this flaw works on Windows — how Java Usage Tracker works and defining the conditions that enabled the exploit.

The post CVE-2018-3211: Java Usage Tracker Local Elevation of Privilege on Windows appeared first on .

SecurityWeek RSS Feed

Latest IT Security News and Expert Insights Via RSS Feed

Vulnerabilities in telepresence robots could provide an attacker not only with command execution capabilities, but also with access to a live video stream from the device, Zingbox reports.

read more

List of Latest threats - PANDA SECURITY

Collective Intelligence Monitor Virus activity recorded by Panda Security’s Collective Intelligence servers.

It is a critical vulnerability in the Windows Print Spooler service on Windows 2008/7/Vista/2003/XP computers, which allows hackers to gain remote control of the affected computer with the same...

Thanks to Collective Intelligence, Panda's exclusive cloud-computing technology, the company's 2010 solutions leverage the knowledge gathered from the community of millions of Panda users around the world. Each new file received is automatically classified within six minutes and the Collective Intelligence servers classify more than 50,000 new malware samples every day. These technologies correlate information on malware received from each computer to continuously improve the protection level for the worldwide community of users.

Malware News ≈ Packet Storm

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers