View Larger Image Security Digest 7E6-12Here are this week’s highlights in cybersecurity:Unpatched bug in popular DNS C library called uClibc puts IoT devices at risk. Root cause is DNS transaction ID is predictable so an attacker can poison DNS replies. MoreExecuting malware using file-less techniques in read-only containers. MoreExploit Development: exploiting Dynamic Linking Procedure in x64 ELF Binaries. MoreChinese actors targeting Asian telecom providers make use of DLL side-loading in popular Antivirus software to load malware. MoreA vulnerability set dubbed TLStorm 2.0 (following version 1 disclosed in March) exposes network switches from Avaya and Aruba to remote code execution. MoreSeveral threat actors have moved from BazaLoader to Bumblebee to deploy their malware. MoreDon’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.2022-09-13T19:09:37+00:00By Alex|Focus on Security|Found It Helpful? Spread The Word:FacebookTwitterLinkedInEmail About the Author: Alex OSCE3, OSEP, OSED, OSWE, OSCP certified. Over 10 years of experience in the IT industry, now working in Product Security and leading a Red Team. Huge Offensive Security and CTF nerd. I enjoy music, teaching and hiking.