Description: A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the daemon user.The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by posting a crafted request to the user interface of Cisco UCS Central. Impact: Command Execution Vulnerability Vulnerable Products This vulnerability affects Cisco...
Read More
Description: A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to be authorized as a subscriber without providing a valid password; however, the attacker must provide a valid username. The vulnerability is due to incorrect RADIUS user credential validation. An attacker could exploit this vulnerability by attempting to access a Cisco Policy Suite domain configured with RADIUS...
Read More
Core Security issued an advisory for multiple vulnerabilities it found in Kaspersky Labs’ Secure Mail Gateway that if left unpatched could lead to administrative account takeover. Core Security researchers found that the Kaspersky Secure Mail Gateway, which is a virtual appliance deployed inside an organization’s network infrastructure that comes bundled with a Web Management Console that monitor the apps operation. However, the console “provides no...
Read More
A simple yet serious application-level denial of service (DoS) vulnerability has been discovered in WordPress CMS platform that could allow anyone to take down most WordPress websites even with a single machine—without hitting with a massive amount of bandwidth, as required in network-level DDoS attacks to achieve the same. Since the company has denied patching the issue, the vulnerability (CVE-2018-6389) remains unpatched and affects almost...
Read More
On Jan. 31, KISA (KrCERT) published an advisory about an Adobe Flash zero-day vulnerability (CVE-2018-4878) being exploited in the wild. On Feb. 1, Adobe issued an advisory confirming the vulnerability exists in Adobe Flash Player 28.0.0.137 and earlier versions, and that successful exploitation could potentially allow an attacker to take control of the affected system. FireEye began investigating the vulnerability following the release of the initial advisory from KISA....
Read More
A new botnet appeared over the weekend, and it’s targeting Android devices by scanning for open debug ports so it can infect victims with malware that mines the Monero cryptocurrency. The botnet came to life on Saturday, February 3, and is targeting port 5555, which on devices running the Android OS is the port used by the operating system’s native Android Debug Bridge (ADB), a debugging...
Read More
Description: A vulnerability has been discovered in Adobe Flash Player that could allow for remote code execution. This vulnerability occurs due to a use-after-free error (CVE-2018-4878). Adobe is scheduled to release a patch to address this vulnerability during the week of February 5th, 2018. In the meantime, Adobe has provided mitigation steps that are listed in the recommendations section below. Impact: Successful exploitation of this...
Read More
The Trend Micro Cyber Safety Solutions team has discovered a new botnet delivered via Chrome extensions that affect hundreds of thousands of users. (The malicious extension is detected as BREX_DCBOT.A.) This botnet was used to inject ads and cryptocurrency mining code into websites the victim would visit. We have dubbed this particular botnet Droidclub, after the name of one of the oldest command-and-control (C&C) domains...
Read More
Over 526,000 Windows computers —mainly Windows servers— have been infected with Monero mining software by a group that operates the biggest such botnet known to date. This group’s operations have been known to security researchers since last year, and various companies have published reports on its activity. Because the botnet is so massive and widespread, most previous reports covered only a fraction of the group’s...
Read More
Mobile spyware has become increasingly more ubiquitous in corporate networks and devices. In a 2017 study, Check Point has found that out of the 850 organizations that they queried, 100% had experienced a mobile malware attack at least once in the past. To date, most cybersecurity companies have focused either on software-only or built-in hardware solutions as a way of fighting back against these threats....
Read More
