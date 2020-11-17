Proprietary Software and Security Issues
-
Google Blames Gmail, YouTube Outage on Error in User ID System
Google diagnosed a widespread outage that knocked out major services earlier this week, such as Gmail and YouTube, as a mistake with its system for identifying people online.
Alphabet Inc.’s Google has several tools that enable it to verify and track logged-in users. In October, the company began moving those tools to a new file storage system, and in the process misreported portions of the data, according to a Friday post. That caused several of its services to go down for 47 minutes Monday morning, a rare technical misstep.
-
Windows 10 updates cause CorsairVBusDriver BSOD crash loop
-
Microsoft has delivered a partial fix for this nagging Windows 10 bug
Microsoft has released a partial fix for a known issue affecting Windows 10 devices with certain audio drivers for Conexant and Synaptics devices. The issue has been under investigation since May this year.
-
Attackers in compromised US system at least since mid-2019: report
Malicious attackers, who were exposed as having hit a number of government and private sector entities through software made by Texas firm SolarWinds, appear to have gained access to that firm's network as early as mid-2019, Yahoo! News claims.
-
Suspected Russian [attack]: Was it an epic cyber attack or spy operation?
But for many current and former American officials, that’s not the right way to look at it. By [cracking] into dozens of corporations and government agencies, they say, the [crackers] have pulled off a stunning and distressing feat of espionage. But they note that it’s just the sort of cyber spying that the American National Security Agency attempts on a regular basis against Russia, China and any number of foreign adversaries.
It might constitute an attack if the intruders destroyed data, for example, or used their access to do damage in the physical world, say, by shutting down power grids. But breaking into unclassified government and corporate networks? Reading other people’s emails? That’s spying.
-
Exploiting a stack-based buffer overflow in practice
In my previous post, I detailed a fun method of obtaining root access on the Zyxel VMG8825-T50 router, which required physical access to the device and authenticated access to the web interface.
In this post, I will detail the exploitation of a vulnerability that could potentially result in unauthenticated RCE as root, given LAN access only. This vulnerability was also found on the VMG8825-T50 router, but it turns out to be present in multiple other Zyxel devices.
-
