Multiple Panda Security Multiple Products DLL Loading Local Code Execution Vulnerability
IBM Rational Quality Manager CVE-2016-0326 Remote Command Injection Vulnerability
IBM Security Guardium CVE-2016-0242 Information Disclosure Vulnerability
Cisco WebEx Meetings Player CVE-2016-1464 Remote Code Execution Vulnerability

Enlarge / An LG Nexus 5 at the moment it is rooted using Rowhammer-induced bit flips. (credit: van der Veen et al.)

Researchers have devised an attack that gains unfettered "root" access to a large number of Android phones, exploiting a relatively new type of bug that allows adversaries to manipulate data stored in memory chips.

The breakthrough has the potential to make millions of Android phones vulnerable, at least until a security fix is available, to a new form of attack that seizes control of core parts of the operating system and neuters key security defenses. Equally important, it demonstrates that the new class of exploit, dubbed Rowhammer, can have malicious and far-reaching effects on a much wider number of devices than was previously known, including those running ARM chips.

Previously, some experts believed Rowhammer attacks that altered specific pieces of security-sensitive data weren't reliable enough to pose a viable threat because exploits depended on chance hardware faults or advanced memory-management features that could be easily adapted to repel the attacks. But the new proof-of-concept attack developed by an international team of academic researchers is challenging those assumptions.

Read 19 remaining paragraphs | Comments

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.

Last Friday, a large DDoS attack against Dyn caused many popular websites to be unreachable. The outage was discussed on mainstream news outlets. It is likely that you will be asked to brief your boss or your team about this attack. To help you out, we prepared a brief presentation that you may use as part of such a briefing. We publish the slides and a video of the presentation for you to use. You may modify the slides at will (add/remove to them) . But please give us credit if you use any of the material.

If you have any feedback, please let us know. We may update the presentation later this evening based on any suggestions we receive.

Powerpoint Slides:

YouTube Video of Presentation:

I hope you will find this useful.We also had a webcast about a week ago about the Mirai botnet. You can find this webcast here:

Johannes B. Ullrich, Ph.D.

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
Internet Storm Center Infocon Status