Linux users, beware! One of the most powerful and well known command line utility, sudo, could aid users to gain superuser privileges in spite of the existing restrictions. With sudo being installed in almost all flavors of UNIX-like operating systems, a major number of users could possibly be affected. Who said security was easy? Right, […]

Read More →

Samba is a file share server which is a re-implementation of the SMB protocol. Apart from being a server for sharing files and printers, Samba can also be used to access the file system on a Windows machine from a Unix machine. A security researcher, Stefan Metzmacher together with the Samba Team discovered a critical […]

Read More →

Quick Emulator (or QEMU) is a cross-platform open-source emulator that performs hardware virtualization. QEMU is a free alternative to VMware. It is used by Xen, VirtualBox, KVM and is available for most Linux distributions. Vishnu Dev, a security researcher, discovered that an attacker can break out of a guest operating system and attack the host operating […]

Read More →

Apple has released an emergency patch to fix a flaw in the kernel component. Reports indicate that Apple had accidentally reverted a patch previously issued for this vulnerability in May 2019. The devices which had installed updates released in June 2019 were exposed to this vulnerability again. This vulnerability was discovered by Ned Williamson of […]

Read More →

Exams were round the corner and I had a crucial decision to make – accept the job offers that I got through campus interviews or search for a job of my own interest. Being a part of the 1 million engineering graduates that India annually produces, I knew to find the perfect job was not […]

Read More →

A critical vulnerability has been discovered recently in QEMU (Quick Emulator). Beware of the Command execution vulnerability that exists in QEMU, a hosted virtual machine monitor. It was recently discovered that the QEMU Guest agent’s command ‘guest_exec‘ has encountered a critical OS command injection vulnerability which allows any remote unauthenticated attacker to gain sensitive information, […]

Read More →