SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
A Look Back At 2016: The Year of Ransomware
Ransomware was a popular topic in 2016. Ransomware attacks have become complex, targeted, and sophisticated. Many organizations infected with ransomware have lost a huge amount of money to get back their data from attackers. In 2016, new ransomware and new variants of old ransomware showed up. This ...
CVE Research
Privilege Escalation Vulnerability in MySQL / MariaDB / PerconaDB databases ( CVE-2016-5616 / CVE-2016-6663 )
Privilege escalation is the method of exploiting a bug, design flaw, or configuration issue in an operating system or software application to gain access to resources that are having restrictions to use by other users. An independent researcher Dawid Golunski exposed a privilege escalation vulnerabi...
CVE Research
Gaining Root Shell in Linux (CVE-2016-4484)
Linux distributions are one of the most popular and commonly used operating systems. All Linux distributions including Debian, Ubuntu, Fedora, Red Hat Enterprise Linux (RHEL), and SUSE Linux Enterprise Server (SLES) suffer from a serious authentication bypass vulnerability that can allow anyone to b...
CVE Research
Adobe Security Updates for November 2016
Adobe has released one critical security update for Adobe Flash Player (APSB16-37) and one security update for Adobe Connect (APSB16-35). The security updates for Adobe Flash Player resolve critical vulnerabilities that allow attackers to execute arbitrary code and take control of the affected syste...
CVE Research
Dirty COW Vulnerability (Kernel Local Privilege Escalation)
Dirty COW vulnerability(CVE-2016-5195) is a privilege escalation in the Linux Kernel, which allows an unprivileged local user to gain write access to otherwise read-only memory mappings. Thus increases their privileges on the system. Vulnerability management tool are essential to detect such critica...