- Linux Kernel Gets Patch For Years-Old Serious Vulnerability
Linux has patch again one of the dangerous vulnerability in Linux kernel that dates back to 2009 and affects a large number of Linux distros, including Red Hat, Debian, Fedora, OpenSUSE, and Ubuntu. The latest Linux kernel flaw (CVE-2017-2636), which existed in the Linux kernel for the past seven years, allows a local unprivileged user to gain root privileges on affected systems or cause a denial of service (system crash). Positive Technologies researcher Alexander Popov discovered a race condition issue in the N_HLDC Linux kernel driver – which is responsible for dealing with High-Level Data Link Control (HDLC) data – that leads to double-free vulnerability. An unauthenticated attacker may leverage this vulnerability to inject and execute arbitrary code in the security context of currently logged in user. The vulnerability affects the majority of popular Linux distributions including Red Hat Enterprise Linux 6, 7, Fedora, SUSE, Debian, and Ubuntu according to news published by HackerNews.
Cyber Security tips: Users are strictly recommended to install the latest security updates as soon as possible.
2. More than 33 million US employee records leaked
A database containing more than 33 million records of corporate and government employees has been leaked online from a huge commercial corporate database which includes information like names, job titles and functions, work email addresses and phone numbers of employees from the Department of Defense, US Postal Service, Wal-Mart, telecoms giant AT&T and Ohio State University. Data of 100,000 defense employees is reported to be leaked. Over 88,000 employees with the US Postal Service, more than 6,000 with AT&T, over 55,000 with Wal-Mart, more than 40,000 with CVS, over 38,000 with the Ohio State University, over 35,000 with Citigroup, more than 34,000 with Wells Fargo Bank, over 34,000 with Kaiser Foundation Hospitals and over 33,000 with IBM have been affected, but It’s still unclear how the data was exposed. The company said that no sensitive data is leaked only data leaked which are on business card according to news published by E-Hacking News.
Cyber Security Tips: To protect yourself from such hacking keep your database secure, keep backup of your data, keep using security product to protect your data.