Security Alerts & News
by Tymoteusz A. Góral

#1234 Cyberattack claims multiple airports in Vietnam
Hackers on Friday successfully pulled off cyberattacks against Vietnam’s two largest airports and the nation’s flag carrier, Vietnam Airlines.

The attacks — attributed to a Chinese hacking group known as 1937CN — ultimately failed to cause any significant security issues or air traffic control problems, Vice Minister of Transport Nguyen Nhat told local media.
#1233 Hacking Imgur for fun and profit
I’ve been meaning to write about this for a while. It all started back in July 2015 when I decided to look for vulnerabilities in Imgur, an incredibly popular image sharing platform. The reason I chose Imgur was because I frequently visited the site and I was already familiar with how the site worked. After a short amount of time searching I managed to find some common vulnerabilities: XSS, clickjacking, and a whole load of CSRF issues.

Reporting the issues proved to be a little difficult. The only way I could see to contact Imgur was through their support system, which wasn’t suitable for reporting security issues. Eventually, on August 1st, I wrote up a report detailing the issues, shipped an email off to security@imgur.com, and waited. But not for long.
#1232 Android Stagefright bug required 115 patches, millions still at risk
One year after the Stagefright Android flaw was first reported, its effects are widespread. More than 100 related flaws have emerged and hundreds of millions of users remain at risk.

On July 27, 2015, news broke about Stagefright, a vulnerability in Android. A year later, it's clear that Stagefright has had a major impact on the mobile security world—more so than other vulnerabilities in recent memory.

Stagefright turned out not to be a single issue, though a year ago it wasn't clear how much impact the vulnerability would have. Stagefright, named after the libstagefright media library in Android, was found to be exploitable by Joshua Drake, vice president of Platform Research and Exploitation at Zimperium.
#1231 Cisco 2016 Midyear Cybersecurity Report (PDF)
It’s time again for our Midyear Cybersecurity Report (MCR), providing updates from Cisco security researchers on the state of security from the first half of the year. The 2016 MCR supplements the 2016 Cisco Annual Security Report published in January with mid-year analysis and insights on the evolving trends and threats across the industry. It also offers valuable guidance on what you can do to be more secure. Time is the resounding theme throughout the 2016 MCR and a pivotal factor in how we protect our businesses, our assets, and ourselves.

This report’s Cybercrime Spotlight is on ransomware, as this specific threat is becoming more widespread and potent. Our adversaries focus more than ever on generating revenue, and now deploy ransomware to target enterprise users in addition to individuals. These direct attacks are becoming increasingly efficient and lucrative, generating huge profits. Our security researchers calculate that ransomware nets our adversaries nearly $34 million annually. That’s a significant industry, and it’s time we improve our odds to handle this type of attack.
#1230 Xen patches critical guest privilege escalation bug
A freshly uncovered bug in the Xen virtualisation hypervisor could allow guests to escalate their privileges until they have full control of the hosts they're running on.

The Xen hypervisor is used by cloud giants Amazon Web Services, IBM and Rackspace.

Inadequate security checks on how virtual machines access memory mean a malicious paravirtualised guest administrator can raise their privileges to those of the host on unpatched installations, Xen said.

"The paravirtualisation pagetable code has fast-paths for making updates to pre-existing pagetable entries, to skip expensive re-validation in safe cases (e.g. clearing only Access/Dirty bits)," Xen's security team said in its advisory for XSA 182.
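The advisory excerpt describes a common hypervisor optimisation: when a guest rewrites a page-table entry, the hypervisor does a full re-validation of the new entry unless the change touches only bits that cannot alter what the mapping grants. The security property is that this whitelist of "safe" bits must be exactly that and no wider. The C model below is an added illustration written for this page, not Xen's code; the simplified x86-style bit layout, the function names, the toy frame table and the choice of the RW bit as the illustrative unsafe bit are all assumptions of the example (the excerpt above does not say which bits Xen's own fast-path wrongly admitted). It shows the fast path correctly handling a Dirty-bit clear, the full path rejecting an attempt to make a page-table frame writable, and the same attempt slipping through unvalidated once the whitelist is widened.

```c
/*
 * Added example (not Xen code): a model of a page-table update fast-path
 * whose safety depends entirely on how narrow its bit whitelist is.
 * Bit positions follow the x86 PTE layout; everything else is a toy.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PTE_PRESENT   (1ULL << 0)
#define PTE_RW        (1ULL << 1)
#define PTE_USER      (1ULL << 2)
#define PTE_ACCESSED  (1ULL << 5)
#define PTE_DIRTY     (1ULL << 6)
#define PTE_ADDR_MASK 0x000ffffffffff000ULL

/* Correct whitelist: only the hardware-maintained status bits. */
#define SAFE_FASTPATH_BITS      (PTE_ACCESSED | PTE_DIRTY)
/* Deliberately over-broad whitelist used to demonstrate the failure mode. */
#define OVERBROAD_FASTPATH_BITS (PTE_ACCESSED | PTE_DIRTY | PTE_RW)

enum update_result { UPD_FASTPATH = 1, UPD_VALIDATED = 2, UPD_REJECTED = 3 };

/* Toy frame database (assumption): frame 3 is currently in use as a page table. */
#define NFRAMES 8
static const bool frame_is_pagetable[NFRAMES] = { [3] = true };

static unsigned frame_of(uint64_t pte) { return (unsigned)((pte & PTE_ADDR_MASK) >> 12); }

/* The expensive path. The invariant modelled is the paravirt one: a guest must
 * never hold a writable mapping of a frame that is in use as a page table,
 * because writing to it would let the guest forge its own translations. */
static bool full_validate(uint64_t new_pte)
{
    if (!(new_pte & PTE_PRESENT))
        return true;                 /* a non-present entry grants nothing */
    unsigned f = frame_of(new_pte);
    if (f >= NFRAMES)
        return false;                /* frame the guest does not own */
    if (frame_is_pagetable[f] && (new_pte & PTE_RW))
        return false;                /* writable mapping of a page table */
    return true;
}

/* Fast-path test: the update is "safe" only if old and new differ solely in
 * whitelisted bits. Any other difference must go through full_validate(). */
static bool fastpath_ok(uint64_t old_pte, uint64_t new_pte, uint64_t whitelist)
{
    return ((old_pte ^ new_pte) & ~whitelist) == 0;
}

static enum update_result mod_entry(uint64_t *slot, uint64_t new_pte, uint64_t whitelist)
{
    if (fastpath_ok(*slot, new_pte, whitelist)) {
        *slot = new_pte;
        return UPD_FASTPATH;         /* installed without re-validation */
    }
    if (!full_validate(new_pte))
        return UPD_REJECTED;
    *slot = new_pte;
    return UPD_VALIDATED;
}

/* Scenario A: guest clears the Dirty bit on an ordinary data mapping (frame 5). */
static enum update_result try_clear_dirty(uint64_t whitelist)
{
    uint64_t slot = (5ULL << 12) | PTE_PRESENT | PTE_USER | PTE_RW | PTE_ACCESSED | PTE_DIRTY;
    return mod_entry(&slot, slot & ~PTE_DIRTY, whitelist);
}

/* Scenario B: guest holds a read-only mapping of frame 3 (a page table) and
 * asks to flip RW on. With the narrow whitelist this reaches full_validate()
 * and is refused; with the broad one it is installed on the fast path. */
static enum update_result try_make_pagetable_writable(uint64_t whitelist)
{
    uint64_t slot = (3ULL << 12) | PTE_PRESENT | PTE_USER | PTE_ACCESSED;
    return mod_entry(&slot, slot | PTE_RW, whitelist);
}

int main(void)
{
    printf("clear Dirty, safe whitelist:       %d\n", try_clear_dirty(SAFE_FASTPATH_BITS));
    printf("PT writable, safe whitelist:       %d\n", try_make_pagetable_writable(SAFE_FASTPATH_BITS));
    printf("PT writable, over-broad whitelist: %d\n", try_make_pagetable_writable(OVERBROAD_FASTPATH_BITS));
    return 0;
}
```

The point a reviewer of such code would check is the whitelist definition alone: every bit in it must be one whose change cannot widen what the entry grants (permissions, target frame, caching attributes all fail that test), because once a bit is whitelisted the full validation logic is never consulted for changes to it, however correct that logic is.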