New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


MacOS Kernel Exploit

A severe vulnerability has surfaced in the Webroot SecureAnywhere antivirus software which allows for attacks to take place at the kernel level. The vulnerability (CVE-2018-16962) is described as a memory corruption issue that was caused by an arbitrary user-supplied pointer that can be read from, and possibly written too. Researchers claim, “If particular conditions in the memory function of SecureAnywhere are met, attackers are gifted with a write-what-where kernel opening, allowing them to execute arbitrary code in this core element.” On a better note, the attacker needs local access to exploit the vulnerability. Users of SecureAnywhere are advised to update to version