Description: Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it improperly handles executable files and shares during rename operations, aka “Windows Explorer Remote Code Execution Vulnerability”. Impact: Attackers can...
Read More
Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Kerberos falling back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol, aka “Windows Elevation of Privilege Vulnerability”. Impact: An attackers...
Read More
Microsoft has released updates on 12 July 2017, for the Windows 10 operating system, as well as for other of the company’s products, updates that fix 55 security issues ranging from remote code execution to simple spoofing attacks.
Microsoft’s July 2017 Patch Tuesday includes a fix for an issue with the NT LAN Manager (NTLM) Authentication Protocol that can be exploited to allow attackers to create admin accounts on a local network’s domain controller (DC).
Attackers are continually trying to find new ways to target users with malware sent via email. Talos has identified an email-based attack targeting the energy sector, including nuclear power, that puts a new spin on the classic word document attachment phish. Typically, malicious Word documents that are sent as attachments to phishing emails will themselves contain a script or macro that executes malicious code. In...
Read More
The progression in Artificial Intelligence have incited intense debate worldwide, some experts are calling AI to counter malware attacks In a short span of six weeks, the world was hit twice by major ransomware attacks — malicious software that seizes the data stored on your computer systems and would only release it to you upon receiving ransom money.
Description: Some Huawei products as listed below : FusionCompute V100R003C10SPC600 V100R005C00 V100R005C10 V100R005C10U1_B1075917 LogCenter V100R001C10 RH2288 V2 V100R002C00 eLog V200R003C10 V200R003C20 eSight V300R003C20 V300R005C00SPC200 (for full list, be advised to visit specific vendor listed URLs given below) The above listed versions are vulnerable for Dirty COW (CVE-2016-5195) exploit. Impact: An attacker can exploit this vulnerability to escalate the privilege levels to obtain administrator privilege. Mitigation:...
Read More
Description: Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. Impact: Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition. Mitigation: Updates are available. Please check specific vendor advisory for more information....
Read More
Description: Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot. Impact: An attacker can exploit this issue to...
Read More
Description: Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer...
Read More
