Security Alerts & News
by Tymoteusz A. Góral

History
#2175 VMware patches critical virtual machine escape flaws
VMware has released critical security patches for vulnerabilities demonstrated during the recent Pwn2Own hacking contest that could be exploited to escape from the isolation of virtual machines.

The patches fix four vulnerabilities that affect VMware ESXi, VMware Workstation Pro and Player and VMware Fusion.

Two of the vulnerabilities, tracked as CVE-2017-4902 and CVE-2017-4903 in the Common Vulnerabilities and Exposures database, were exploited by a team from Chinese internet security firm Qihoo 360 as part of an attack demonstrated two weeks ago at Pwn2Own.
Read more
#2179 Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server
#2178 This book reads you - using JavaScript
#2177 Flatbed scanners used as relay point for controlling malware in air-gapped systems
#2176 Let’s Encrypt issues certs to ‘PayPal’ phishing sites: how to protect yourself
#2175 VMware patches critical virtual machine escape flaws
#2174 Skype users hit by ransomware through in-app malicious ads
#2173 One of the most prolific botnets is back - and now it's being used for stockmarket scams
#2172 Unskilled group behind many junk ransomware strains
#2171 New IIS 6.0 0day exploited in live attacks since July 2016
#2170 Russian hacker pleads guilty in global botnet case
#2169 About 90% of Smart TVs vulnerable to remote hacking via rogue TV signals
#2168 Someone is putting lots of work into hacking Github developers
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12