by CIRT Team
Stantinko Botnet Now Targeting Linux Servers
Stantinko, one of the oldest malware botnets still operating today, has rolled out updates to its class of Linux malware, upgrading its trojan to pose as the legitimate Apache web server process (httpd) in order to make detection harder on infected hosts. According to a new analysis published by Intezer,come to confirm that despite a period of inactivity in regards to code changes, the Stantinko...
Read More
by CIRT Team
Threat Alert – ‘CostaRicto’ Hack-for-Hire Mercenary Group : Targets Global Businesses
A hackers-for-hire operation has been discovered using a strain of previously undocumented malware to target South Asian financial institutions and global entertainment companies. The BlackBerry Research and Intelligence team have been monitoring a cyber-espionage campaign that is targeting disparate victims around the globe. The campaign, dubbed CostaRicto by BlackBerry, appears to be operated by “hackers-for-hire”, a group of APT mercenaries who possess bespoke malware tooling...
Read More
by CIRT Team
Multiple Vulnerabilities in Adobe Acrobat and Adobe Reader Could Allow for Arbitrary Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in Adobe Acrobat and Adobe Reader, the most severe of which could allow for arbitrary code execution. Adobe Acrobat is a family of software developed by Adobe Inc. to view, create, manipulate, print, and manage files in PDF format. Adobe Reader is the free version within the Adobe Acrobat family of software. Successful exploitation of the most severe of these...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process....
Read More
by CIRT Team
Multiple Vulnerabilities with Cisco Adaptive Security Appliance and Firepower Threat Defense
DESCRIPTIONOctober 23 – UPDATED: Multiple vulnerability has been discovered in Cisco Adaptive Security Appliance and Firepower Threat Defense, which could allow for a denial of service condition. Cisco Adaptive Security Appliance is the core operating system that delivers enterprise-class firewall capabilities and Cisco Firepower Threat Defense is an integrative software image. Successful exploitation of this vulnerability could allow an attacker to cause denial-of-service condition. IMPACTMultiple...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view,...
Read More
by CIRT Team
Multiple Vulnerabilities in Mozilla Firefox Could Allow for Arbitrary Code Execution.
DESCRIPTIONMultiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Firefox ESR, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code...
Read More
by CIRT Team
Multiple Vulnerabilities in HP Intelligent Management Center (iMC) Could Allow for Arbitrary Code Execution.
DESCRIPTIONMultiple vulnerabilities have been discovered in HP Intelligent Management Center (iMC), the most severe of which could allow for arbitrary code execution. HP Intelligent Management Center (iMC) is software platform used to manage enterprise network environments. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution within the context of a privileged process. Attackers can exploit these issues to execute...
Read More
by CIRT Team
Oracle Quarterly Critical Patches Issued October 20, 2020
DESCRIPTIONMultiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution. SYSTEM AFFECTED • Application Performance Management (APM), versions 13.3.0.0, 13.4.0.0 • Big Data Spatial and Graph, versions prior to 3.0 • Enterprise Manager Base Platform, versions 13.2.1.0, 13.3.0.0, 13.4.0.0 • Enterprise Manager for Peoplesoft, version 13.4.1.1 • Enterprise Manager for Storage Management, versions 13.3.0.0, 13.4.0.0 • Enterprise Manager Ops Center,...
Read More
by CIRT Team
Multiple Vulnerabilities in Magento CMS Could Allow for Remote Code Execution (APSB20-59)
DESCRIPTIONMultiple vulnerabilities have been discovered in Magento CMS, the most severe of which could allow for arbitrary code execution. Magento is a web-based e-commerce application written in PHP. Successful exploitation of the most severe of these vulnerabilities could result in arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new...
Read More
