Serious privilege escalation bug in Unix OSes imperils servers everywhere

A raft of Unix-based operating systems—including Linux, OpenBSD, and FreeBSD—contain flaws that let attackers elevate low-level access on a vulnerable computer to unfettered root. Security experts are advising administrators to install patches or take other protective actions as soon as possible. Stack Clash, as the vulnerability is being called, is most likely to be chained to other vulnerabilities to make them more effectively execute malicious code, researchers from Qualys, the security firm that discovered the bugs, said in a blog post published Monday. Such local privilege escalation vulnerabilities can also pose a serious threat to server host providers because one customer can exploit the flaw to gain control over other customer processes running on the same server. Qualys said it’s also possible that Stack Clash could be exploited in a way that allows it to remotely execute code directly. “This is a fairly straightforward way to get root after you’ve already gotten some sort of user-level access,” Jimmy Graham, director of product management at Qualys, told Ars. The attack works by causing a region of computer memory known as the stack to collide into separate memory regions that store unrelated code or data. “The concept isn’t new, but this specific exploit is definitely new.”

Web host agrees to pay $1m after it’s hit by Linux-targeting ransomware

A Web-hosting service recently agreed to pay $1 million to a ransomware operation that encrypted data stored on 153 Linux servers and 3,400 customer websites, the company said recently. The South Korean Web host, Nayana, said in a blog post published last week that initial ransom demands were for five billion won worth of Bitcoin, which is roughly $4.4 million. Company negotiators later managed to get the fee lowered to 1.8 billion won and ultimately landed a further reduction to 1.2 billion won, or just over $1 million. An update posted Saturday said Nayana engineers were in the process of recovering the data. The post cautioned that the recovery was difficult and would take time. “It is very frustrating and difficult, but I am really doing my best, and I will do my best to make sure all servers are normalized,” a representative wrote, according to a Google translation.

‘Star Trek Discovery’ explores new frontiers on September 24th

After four months of production following a worrisome delay, CBS is finally comfortable enough with its long-awaited new Star Trek series to set a release date: September 24th, 2017. That’s right on schedule. The new series will star Michelle Yeoh as Captain Philippa Georgiou with The Walking Dead’s Sonequa Martin-Green as her First Officer, Michael Burnham. The 15-episode season will launch Sunday the 24th at 8:30PM ET on CBS and run through November 5th. The second half of the season (episodes 8-15) is slated to start next January. The show is an exclusive to CBS All Access, the company’s streaming subscription service, although the first episode will also air on CBS proper. This means that the CBS All Access app will be the exclusive place for Star Trek fans to check out this latest chapter. It’s an intentionally limiting move that seems to be made to boost interest in the CBS All Access service, but we’re hoping it comes to regular TV eventually so more viewers can tune in.

NASA Finds Evidence Of 10 New Earth-sized Planets

NASA said Monday it has found new evidence of 219 planets outside our Solar System. Ten of those exoplanets appear to be similar to the size of the Earth and orbit their stars in the habitable zone. From a report: The new planets’ existence must still be double-checked. But Kepler’s latest haul — which includes a planet that is only slightly larger than Earth and receives the same amount of energy from its sun as Earth — is the latest triumph for Kepler, which has spotted roughly 80 percent of the planets orbiting stars other than our sun. Because of their potential for hosting life, the 10 Earth-size planets are the most glamorous of the newly announced planets from Kepler. But those 10 were joined by an additional 209 more garden-variety planets that are unlikely to be hospitable to life because they are too gassy, too hot, too cold or otherwise unlike the only known planet to host life: Earth. Read more of this story at Slashdot.
