Emergency Patch Issued for Samba, WannaCry-type Bug Exploitable with One Line of Code

CircleID CircleID: The team behind the free networking software Samba has issued and emergency patch for a remote code execution vulnerability. Tom Spring reporting from Threatpost writes: "The flaw poses a severe threat to users, with approximately 104,000 Samba installations vulnerable to remote takeover. More troubling, experts say, the vulnerability can be exploited with just one line of code." The Samba team which issued the patch on Wednesday, says "all versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it."

— "Comparisons are being made between the WannaCry ransomware attacks... because like WannaCry, the Samba vulnerability could be a conduit for a 'wormable' exploit that spreads quickly. Also, any exploit taking advantage of the Samba vulnerability would also take advantage of bugs in the same SMB protocol used by the NSA exploits used to spread WannaCry." –Tom Spring, Threatpost, 25 May 2017

— No signs of attacks yet in the 12 hours since its discovery was announced. "[I]t had taken researchers only 15 minutes to develop malware that made use of the hole. ... This one seems to be very, very easy to exploit ... more than 100,000 computers [are found] running vulnerable versions of the software, Samba, free networking software developed for Linux and Unix computers. There are likely to be many more." –Jeremy Wagstaff and Michael Perry, Reuters, 25 May 2017
Follow CircleID on TwitterMore under: Cyberattack, Cybersecurity, Malware

The post Emergency Patch Issued for Samba, WannaCry-type Bug Exploitable with One Line of Code appeared first on iGoldRush Domain News and Resources.

Continue reading

Domain Name For Sale

globalblackjack.xyz The perfect name for online gaming or your own ideas. Just the name is for sale. Taking offers. Registered name. Easy transfere.
Continue reading

Domain Movers: WindowsNext.com, Stat3.com + More

dotWeekly dotWeekly: Welcome to Domain Movers where DotWeekly keeps track of corporate domain name transactions. These domain movements are often early indicators of new brands, marketing efforts, domain upgrades and much more.
Here are the latest:
Amazon Technologies, Inc. registered AmazonPopUp.com on May 23, 2017 and appears to be getting ready to do something with the domain. One odd thing to me, they have the super popular Amazon AWS that many use to host websites, yet Amazon often uses DYN and NeuStar, … Read the rest
Domain Movers: WindowsNext.com, Stat3.com + MoreJamie Zoch

The post Domain Movers: WindowsNext.com, Stat3.com + More appeared first on iGoldRush Domain News and Resources.

Continue reading

A great resource for new top level domain name data

Domain Name Wire Domain Name Wire: Don’t overlook this new top level domain stats site. This blog and many others in the domain name industry often cite nTLDstats.com for new TLD metrics. It’s a great service, but you should also be aware of NameStat.org. I particularly like NameStat’s top level domain dashboards. Here are some key metrics on these snapshots that […]
The post A great resource for new top level domain name data appeared first on Domain Name Wire | Domain Name News & Views.

The post A great resource for new top level domain name data appeared first on iGoldRush Domain News and Resources.

Continue reading