(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
LibTIFF CVE-2016-5652 Heap Buffer Overflow Vulnerability
 
Linux Kernel CVE-2016-9191 Local Denial of Service Vulnerability
 
Multiple D-Link DIR Routers CVE-2016-6563 Remote Stack Overflow Vulnerability
 

With fewer than 24 hours before polls open for the 2016 US presidential election, consider this your periodic reminder that e-voting machines expected to tally millions of votes are woefully antiquated and subject to fraud should hackers get physical access to them.

A case in point is the Sequoia AVC Edge Mk1, a computerized voting machine that will be used in 13 states this year, including in swing states such as Arizona, Pennsylvania, and Wisconsin. The so-called direct-recording electronic vote-counting system has long been known to be susceptible to relatively simple hacks that manipulate tallies and ballots. Researchers from security firm Cylance are driving that point home with demonstration hacks. The first one causes one or more votes for one candidate to count as votes for that candidate's rival. A second one alters the names as they appear on the electronic balloting screen.

Cylance discloses voting machine vulnerability.

The hacks work by tampering with—or more precisely, reflashing—the PCMCIA card, a storage device in the voting machine that's similar to the tiny hard drive that's used by many digital cameras. The fraud could be carried out by inserting a maliciously modified card inside a Sequoia AVC Edge machine, although the attackers would likely have to circumvent tamper-evident seals that are designed to flag such abuse. The video above shows the hack being used to alter both the public and protective counters the machine uses to count and recount results to ensure tallies are valid. The decade-old hack first came to public attention in 2007 in a research paper titled Source Code Review of the Sequoia Voting System.

 
Exponent CMS Multiple SQL Injection Vulnerabilities
 
GMER CVE-2016-4289 Stack Buffer Overflow Vulnerability
 
Dracut CVE-2016-8637 Local Information Disclosure Vulnerability
 
Multiple Pivotal Products CVE-2016-6657 Unspecified Open Redirection Vulnerability
 
Zabbix CVE-2016-9140 Remote Code Execution Vulnerability
 
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution
 
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation
 
MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )
 
[security bulletin] HPSBUX03665 rev.1 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection
 
Square git-fastclone Multiple Remote Command Execution Vulnerability
 
Exponent CMS CVE-2016-7095 Arbitrary File Upload Vulnerability
 
Axessh 4.2.2 Denial Of Service
 
SAP Adaptive Server Enterprise SQL Injection Vulnerability
 
Samsung Mobile Phones CVE-2016-7160 Null Pointer Dereference Denial of Service Vulnerability
 
phpMyAdmin CVE-2016-6610 Full Path Information Disclosure Vulnerability
 
Apple macOS/watchOS/iOS/tvOS Multiple Security Vulnerabilities
 
phpMyAdmin CVE-2016-6611 SQL-Injection Vulnerability
 

Tesco Bank has been forced to suspend its online transactions after fraudulent criminal activity was spotted on thousands of its customer accounts over the weekend.

A total of 40,000 current accounts were hit by suspicious transactions. Money was pinched from 20,000 of the affected current accounts, Tesco Bank said on Monday morning.

"We apologise for the worry and inconvenience that this has caused for customers, and can only stress that we are taking every step to protect our customers’ accounts," said the bank's chief Benny Higgins.

 
WebKit CVE-2016-4677 Memory Corruption Vulnerability
 
Red Hat OpenShift Enterprise CVE-2016-8631 Security Bypass Vulnerability
 
Redis CVE-2016-2121 Local Information Disclosure Vulnerability
 
cURL/libcURL CVE-2016-8625 Remote Security Bypass Vulnerability
 
Internet Storm Center Infocon Status