computersecuritynews

Symantec end point protection got Owned

Posted on

Offensive Security has the information. As Offensive  Security was performing a pentest, they noticed that Symantec Endpoint protection had a flaw -one that allows the hacker to escalate security privileges.   This is very bad as it is not a direct execution flaw, but it is a stealth method.   So one never notices as […]

Securityexploits

Easier to steal technology than create your own: China acts

Posted on

KrebsonSecurity  has a story discussion of an old intrusion. The Iron Dome manufacturers with its successful anti-missile shield found out during 2011-2012 Elisra Group, Israel Aerospace Industries, and Rafael Advanced Systems.   The hackers “Comment Crew”  stole sensitive documents from the networks of the manufacturers over the course of a year.  including a 900 page […]

Securityexploits

elasticsearch vulnerability helping cause Denial of Service attacks

Posted on

securelist has the story elasticsearch is an open source Cloud software running on a lot of   cloud companies. As it is a search and analytics engine.   But apparently it has a vulnerability which hackers are abusing. “ including a bot implementing some extraordinary DNS amplification DDoS functionality. Operators of these bots are currently active, […]