CIFSwitch is a 19-year-old Linux logic bug turning forged CIFS auth keys into root. Affects Mint, CentOS, Rocky, Kali, SLES. CIFSwitch stands apart from typical privilege escalation vulnerabilities because of how it was discovered. Asim Manizada, a security engineer at SpaceX, didn’t find it by auditing source code the old-fashioned way. He built an AI-powered…
Tag: logic
Global Security News, Government & Policy
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices.
Global Security News, Network Security
US warns of Iranian hackers targeting critical infrastructure
Iranian-linked hackers are targeting Internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on the networks of U.S. critical infrastructure organizations. […]
AI, Global Security News, malware
AI-Powered ‘DeepLoad’ Malware Steals Credentials, Evades Detection
The massive amount of junk code that hides the malware’s logic from security scans was almost certainly generated by AI, researchers say.
AI, Exploits, Global Security News, malware
Wormable XMRig campaign leverages BYOVD and timed kill switch for stealth
A wormable cryptojacking campaign spreads via pirated software, using BYOVD and a time-based logic bomb to deploy a custom XMRig miner. Researchers uncovered a wormable cryptojacking campaign that spreads through pirated software bundles to deploy a custom XMRig miner. The attack uses a BYOVD exploit and a time-based logic bomb to evade detection and maximize…