(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
LibTIFF CVE-2016-5652 Heap Buffer Overflow Vulnerability
Linux Kernel CVE-2016-9191 Local Denial of Service Vulnerability
Multiple D-Link DIR Routers CVE-2016-6563 Remote Stack Overflow Vulnerability


With fewer than 24 hours before polls open for the 2016 US presidential election, consider this your periodic reminder that e-voting machines expected to tally millions of votes are woefully antiquated and subject to fraud should hackers get physical access to them.

A case in point is the Sequoia AVC Edge Mk1, a computerized voting machine that will be used in 13 states this year, including in swing states such as Arizona, Pennsylvania, and Wisconsin. The so-called direct-recording electronic vote-counting system has long been known to be susceptible to relatively simple hacks that manipulate tallies and ballots. Researchers from security firm Cylance are driving that point home with demonstration hacks. The first one causes one or more votes for one candidate to count as votes for that candidate's rival. A second one alters the names as they appear on the electronic balloting screen.

Cylance discloses voting machine vulnerability.

The hacks work by tampering with, or more precisely reflashing, the PCMCIA card, a removable storage device in the voting machine similar to the flash memory cards used by digital cameras. The fraud could be carried out by inserting a maliciously modified card into a Sequoia AVC Edge machine, although the attacker would likely have to circumvent the tamper-evident seals that are designed to flag such abuse. The video above shows the hack being used to alter both the public and protective counters the machine uses to count and recount results to ensure tallies are valid; because the attacker rewrites the counters along with the tallies, the machine's own consistency checks do not flag the change. The hack first came to public attention in 2007 in a research paper titled Source Code Review of the Sequoia Voting System.
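The following is an added illustration and is not code from the Ars Technica article, from Cylance, or from the Sequoia AVC Edge itself. It uses a constructed, hypothetical results-record format (a length-prefixed JSON body; the real card layout is not described on this page) to show the security point above: when tallies and the public/protective counters all live on the same unauthenticated removable medium, an attacker who can rewrite the card can keep the counters mutually consistent, so the machine's counter checks pass. A keyed MAC over the record, with the key held off the card, detects the same edit. The function names, key and sample tallies are all assumptions made for the example.

```python
import hashlib
import hmac
import json
import struct

TAG_LEN = 32  # HMAC-SHA256 tag length in bytes


def encode_record(public_counter, protective_counter, tallies):
    """Serialize counters and per-candidate tallies into a byte image.

    Constructed toy format: 4-byte big-endian length, then a JSON body.
    It stands in for any results store on removable media; it is NOT
    the real AVC Edge card layout.
    """
    body = json.dumps(
        {"public": public_counter, "protective": protective_counter,
         "tallies": tallies},
        sort_keys=True,
    ).encode()
    return struct.pack(">I", len(body)) + body


def decode_record(image):
    """Parse an image produced by encode_record back into a dict."""
    (n,) = struct.unpack(">I", image[:4])
    return json.loads(image[4:4 + n])


def counters_consistent(image):
    """The machine-side sanity check: public and protective counters agree
    with each other and with the sum of all tallies."""
    rec = decode_record(image)
    return rec["public"] == rec["protective"] == sum(rec["tallies"].values())


def swap_votes(image, src, dst, n):
    """Attacker-style in-place edit: move n votes from src to dst.

    The total number of ballots does not change, so both counters still
    agree with the tallies and counters_consistent() keeps returning True.
    """
    rec = decode_record(image)
    rec["tallies"][src] -= n
    rec["tallies"][dst] += n
    return encode_record(rec["public"], rec["protective"], rec["tallies"])


def add_ballots(image, extra, candidate):
    """Attacker-style edit that also rewrites both counters, mirroring the
    counter manipulation shown in the video: add `extra` ballots for one
    candidate and bump public and protective counters to match."""
    rec = decode_record(image)
    rec["tallies"][candidate] += extra
    return encode_record(rec["public"] + extra, rec["protective"] + extra,
                         rec["tallies"])


def seal(image, key):
    """Append an HMAC-SHA256 tag computed with a key that is NOT on the card."""
    return image + hmac.new(key, image, hashlib.sha256).digest()


def verify_seal(sealed, key):
    """Return (tag_is_valid, image). Constant-time compare avoids leaking
    how many tag bytes matched."""
    image, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(key, image, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag), image


if __name__ == "__main__":
    # Constructed sample election: 100 ballots, counters already consistent.
    key = b"constructed-example-key-held-by-election-office"
    card = encode_record(100, 100, {"A": 60, "B": 40})
    evil = add_ballots(swap_votes(card, "A", "B", 10), 5, "B")
    print("original consistent:", counters_consistent(card))
    print("tampered consistent:", counters_consistent(evil))
    sealed = seal(card, key)
    forged = evil + sealed[-TAG_LEN:]  # attacker keeps the old tag
    print("tampered tag valid: ", verify_seal(forged, key)[0])
```

The point of the two attacker functions is that counter agreement is a self-check, not an integrity check: anyone who can reflash the card can rewrite the counters too. The MAC only helps if the key stays off the card (and off the machine, if the machine can be reflashed the same way); otherwise the attacker recomputes the tag. Tamper-evident seals and a paper audit trail are the complementary controls the article alludes to.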


Exponent CMS Multiple SQL Injection Vulnerabilities
GMER CVE-2016-4289 Stack Buffer Overflow Vulnerability
Dracut CVE-2016-8637 Local Information Disclosure Vulnerability
Multiple Pivotal Products CVE-2016-6657 Unspecified Open Redirection Vulnerability
Zabbix CVE-2016-9140 Remote Code Execution Vulnerability
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation
MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )
[security bulletin] HPSBUX03665 rev.1 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection
Square git-fastclone Multiple Remote Command Execution Vulnerability
Exponent CMS CVE-2016-7095 Arbitrary File Upload Vulnerability
Axessh 4.2.2 Denial Of Service
SAP Adaptive Server Enterprise SQL Injection Vulnerability
Samsung Mobile Phones CVE-2016-7160 Null Pointer Dereference Denial of Service Vulnerability
phpMyAdmin CVE-2016-6610 Full Path Information Disclosure Vulnerability
Apple macOS/watchOS/iOS/tvOS Multiple Security Vulnerabilities
phpMyAdmin CVE-2016-6611 SQL-Injection Vulnerability


Tesco Bank has been forced to suspend online transactions after fraudulent activity was spotted on thousands of its customer accounts over the weekend.

A total of 40,000 current accounts were hit by suspicious transactions. Money was pinched from 20,000 of the affected current accounts, Tesco Bank said on Monday morning.

"We apologise for the worry and inconvenience that this has caused for customers, and can only stress that we are taking every step to protect our customers’ accounts," said the bank's chief Benny Higgins.


WebKit CVE-2016-4677 Memory Corruption Vulnerability
Red Hat OpenShift Enterprise CVE-2016-8631 Security Bypass Vulnerability
Redis CVE-2016-2121 Local Information Disclosure Vulnerability
cURL/libcURL CVE-2016-8625 Remote Security Bypass Vulnerability