• Home
  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Related Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact Us
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Skip to primary navigation
  • Skip to main content
  • Skip to footer
Login / Register

CSIAC

Cyber Security and Information Systems Information Analysis Center

  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Cybersecurity
  • Modeling & Simulation
  • Knowledge Management
  • Software Engineering
/ All CS Digest Sections / RECENT HEADLINES / Software Security

CS Digest Section: Software Security

DoS Vulnerabilities Impact Linux Kernel

Posted: 11/27/2018 | Leave a Comment

Two recently disclosed Linux kernel vulnerabilities that remain unpatched could be exploited for local denial-of-service (DoS).

https://www.securityweek.com/dos-vulnerabilities-impact-linux-kernel

Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency

Posted: 11/27/2018 | Leave a Comment

A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet.

https://www.bleepingcomputer.com/news/security/backdoor-in-popular-javascript-library-set-to-steal-cryptocurrency/

Apache Alerts Developers of Remote Code Execution Flaw

Posted: 11/13/2018 | Leave a Comment

The team that develops the Apache Struts framework is alerting users of a critical vulnerability that could allow remote code execution attacks. The Apache Foundation urged developers to update a key component of the framework in order to patch the flaw in an alert posted Monday.

https://www.cyberscoop.com/apache-remote-code-execution-flaw-november-2018/

Windows Defender Becomes First Antivirus to Run Inside a Sandbox

Posted: 10/30/2018 | Leave a Comment

Microsoft announced today that Windows Defender is the first antivirus to gain the ability to run inside a sandbox environment.

https://www.zdnet.com/article/windows-defender-becomes-first-antivirus-to-run-inside-a-sandbox/

New Security Flaw Impacts Most Linux and BSD Distros

Posted: 10/30/2018 | Leave a Comment

Linux and BSD variants that employ the popular X.Org Server package --almost all do-- are vulnerable to a new vulnerability disclosed on Thursday.

https://www.zdnet.com/article/new-security-flaw-impacts-most-linux-and-bsd-distros/

Linux Kernel Vulnerability Affects Red Hat, CentOS, Debian

Posted: 10/02/2018 | Leave a Comment

Qualys has disclosed the details of an integer overflow vulnerability in the Linux kernel that can be exploited by a local attacker for privilege escalation. The flaw, dubbed "Mutagen Astronomy," affects certain versions of the Red Hat, CentOS and Debian distributions.

https://www.securityweek.com/linux-kernel-vulnerability-affects-red-hat-centos-debian

Browser Security Hole on Macs and iPhones – Just How Bad is it?

Posted: 09/18/2018 | 1 Comment

We've seen quite a few articles out there telling you to beware if you use the Safari browser, because attackers can spoof URLs!

https://nakedsecurity.sophos.com/2018/09/14/browser-security-hole-on-macs-and-iphones-just-how-bad-is-it/

Microsoft Patches Recent ALPC Zero-Day in September 2018 Patch Tuesday Updates

Posted: 09/18/2018 | Leave a Comment

The monthly Microsoft security updates --known as the Patch Tuesday updates-- are out, and this month, the OS maker has fixed 62 security flaws, including a recent zero-day vulnerability that was dumped on Twitter last month, and later adopted by a malware campaign.

https://www.zdnet.com/article/microsoft-patches-recent-alpc-zero-day-in-september-2018-patch-tuesday-updates/

The Chilling Reality of Cold Boot Attacks

Posted: 09/18/2018 | Leave a Comment

Olle and his fellow cyber security consultant Pasi Saarinen recently discovered a new way to physically hack into PCs. According to their research, this method will work against nearly all modern computers. This includes laptops from some of the world's biggest vendors like Dell, Lenovo, and even Apple.

https://blog.f-secure.com/cold-boot-attacks/

SpectreRSB: New Attack Targets CPU Return Stack Buffers

Posted: 07/24/2018 | Leave a Comment

A new Spectre-class attack called SpectreRSB has been revealed by researchers.

https://www.zdnet.com/article/spectrersb-new-side-channel-attack-targets-cpu-components/

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Interim pages omitted …
  • Go to page 12
  • Go to Next Page »

Footer

CSIAC Products & Services

  • Free Technical Inquiry
  • Core Analysis Tasks (CATs)
  • Resources
  • Events Calendar
  • Frequently Asked Questions
  • Product Feedback Form

About CSIAC

The CSIAC is a DoD-sponsored Center of Excellence in the fields of Cybersecurity, Software Engineering, Modeling & Simulation, and Knowledge Management & Information Sharing.Learn More

Contact Us

Phone:800-214-7921
Email:info@csiac.org
Address:   266 Genesee St.
Utica, NY 13502
Send us a Message
US Department of Defense Logo USD(R&E) Logo DTIC Logo DoD IACs Logo

Copyright 2012-2021, Quanterion Solutions Incorporated

Sitemap | Privacy Policy | Terms of Use | Accessibility Information
Accessibility / Section 508 | FOIA | Link Disclaimer | No Fear Act | Policy Memoranda | Privacy, Security & Copyright | Recovery Act | USA.Gov

This website uses cookies to provide our services and to improve your experience. By using this site, you consent to the use of our cookies. To read more about the use of our site, please click "Read More". Otherwise, click "Dismiss" to hide this notice. Dismiss Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT