Description: Oracle has released a security alert to address a vulnerability in multiple versions of Oracle Database. This Security Alert addresses an Oracle Database vulnerability in versions 11.2.0.4 and 12.2.0.1 on Windows.
Impact: A remote attacker could exploit this vulnerability to take control of an affected system.
Mitigation: Updates are available. Please see the references or vendor advisory for more information.
Reference URLs: http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-3110-5032149.html
After attacking companies, government, agencies and hospitals, hackers have begun to use BitPaymer ransomware to attack the PGA of America. According to GolfWeek, the computers in the PGA’s office were infected with ransomware. When the ransom notes and the related information appeared on their computer screens on Tuesday, they realized they had been attacked. Here is the information on the ransom note: “Your network has...
Recently, a new form of phishing scam has been discovered. It uses the recipient’s real password to make victims mistakenly believe that their online data has been compromised by hackers. The message claims that victims must meet the attackers’ demands, or a video of them visiting porn sites will be exposed. A few weeks ago, Vade Secure released a report,...
Recently, 360 Security Center discovered that attackers injected a cryptomining script into the official Chinese website of RealNetworks, the well-known provider of Internet streaming media. When users open the official RealNetworks website, the script causes high CPU usage, the processor gets hot, and the computer becomes much slower. RealVideo and RealPlayer created by RealNetworks have been widely spread, so the number of...
Context: Exobot Actor (nicknamed “android”) started a new Android bot rental service named Exobot v1 in June 2016. The malware in use was built to target many banks with so-called overlay attacks (also known as injects). SfyLabs’ team analyzed and researched Exobot v1, which is covered in detail in our blog. After a year of successful campaign of Exobot v1, in May...
Description: Horizon 6, 7, and Horizon Client for Windows updates address an out-of-bounds read vulnerability.
Relevant Products: VMware Horizon 6; VMware Horizon 7; VMware Horizon Client for Windows
Impact: An attacker could exploit these vulnerabilities to obtain sensitive information.
Mitigation: Updates are available. Please see the references or vendor advisory for more information.
Reference URLs: https://www.vmware.com/security/advisories/VMSA-2018-0019.html
Description: The Linux kernel, versions 4.9+, is vulnerable to denial of service conditions with low rates of specially modified packets.
Impact: A remote attacker may be able to trigger a denial-of-service condition against a system with an available open port.
Mitigation: Updates are available. Please see the references or vendor advisory for more information.
Reference URLs: https://www.kb.cert.org/vuls/id/962459 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e
Description: Drupal has released a security update addressing a vulnerability in Drupal 8.x.
Impact: A remote attacker could exploit this vulnerability to take control of an affected system.
Mitigation: Updates are available. Please see the references or vendor advisory for more information.
Reference URLs: https://www.drupal.org/SA-CORE-2018-005
Description: The Apache Software Foundation has released security updates to address vulnerabilities in Apache Tomcat versions 9.0.0.M9 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.
Impact: An attacker could exploit these vulnerabilities to obtain sensitive information.
Mitigation: Updates are available. Please see the references or vendor advisory for more information.
Reference URLs: http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090623.GA92700%40minotaur.apache.org%3E http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E
Recently, 360 Security Center discovered a malicious hijacking campaign against MikroTik routers, mainly using the zero-day vulnerability in the MikroTik router in April. It infected the routers using code that loads the browser-based cryptomining software by Coinhive. Hence, when users try to access the Internet through the MikroTik proxy, they will encounter an HTTP error since Coinhive’s JavaScript has been injected into web pages that users...