Hello, welcome to the Tuesday, June 14th, 2016 edition of the Santernut Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Washington, D.C.

Samsung fixed a pretty simple and basic privilege escalation vulnerability in its software update that ships with Samsung laptops.

The vulnerability here is a very typical privilege escalation vulnerability.

An attacker can write to a directory that the update tool will use to load DLs.

So all the attacker has to do is plug DLL with the right name into that directory, and it

will be loaded and executed on the next reboot as the system user.

Whenever you have any process that runs as an elevated user, you have to make sure

that other users can't modify the files this process. Uses has happened a lot, for example,

with Cron scripts on Unix systems as well that run as root but can be written or overwritten by a regular

user.

And Trent Micro is reporting how good old non-crypto ransomware is crossing over from

smartphones to TVs.

This type of ransomware has been around for a couple years, the particular variant that

Trent Micro is talking about is known as flocker.

And what essentially does is it locks your phone and makes it unusable unless you are paying

up the ransom. Typically this comes with a note claiming to be from some kind of law enforcement police organization

that found out that you're performing illegal activity and as a result locked your phone

unless you're paying the fine.

So no files here are encrypted but the phone becomes unusable unless you're doing a hard

reset. Now, what happened recently according to Trend Micro is that they have seen this type

of Malware infect TVs that are running the Android operating system. No big surprise really here, given if it's the same

...