Hello, welcome to the Monday, February 13th, 2017 edition of the Sands and its Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Google's Project Zero is looking at security software again, and it released details about six different privilege escalation flaws in Samsung's

NOx protection for Android.

Knox includes a component known as real-time kernel protection, also RKP, and it is supposed

to protect the kernel of Android.

Now, Google Project, Sarah found a number of laws

in this component that can be used to bypass real-time kernel protection. Google's write-up is

not just interesting because, well, it talks about these vulnerabilities, but it really goes

into quite a bit in depth how sort of these

hypervisor-based kernel protection systems work and how the bypass methods that Google

found actually worked in this particular case and could help bypass protections that are

supposed to prevent the kernel from getting compromised.

Of course, these vulnerabilities only matter if there are actual vulnerabilities in Android

that can be used to reach route, but of course, there are typically plenty of them,

so it's good that Samsung released a patch for the problem

a few weeks ago. If you are relying on Samsung Knox to protect your Android phones,

it's time to update. If you're running MongoDB and if you are listening to this podcast

regular, you're probably aware of all the exploits

that are being used in the wild to attack vulnerable MongoDB configurations.

A new tool was just released to GitHub by Aran Sanchez de Petro that assists MongoDB administrators

in scanning instances of MongoDB for configuration issues

...