DESCRIPTIONA vulnerability has been discovered in Apache Struts, which could allow for remote code execution. Apache Struts is an open source framework used for building Java web applications. Successful exploitation of this vulnerability could allow for remote code execution. Depending on the privileges associated with the user, an attacker could then install programs; view; change, or delete data; or create new accounts with full user...
Read More
DESCRIPTIONA vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listener. An attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener. A successful exploit...
Read More
DESCRIPTIONA vulnerability has been discovered in Mozilla Thunderbird, which could allow for arbitrary code execution. Mozilla Thunderbird is an email client. Successful exploitation of this vulnerability could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to...
Read More
DESCRIPTIONMultiple vulnerabilities have been discovered in VMware SD-WAN Orchestrator, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges given to the host machine. Depending on the privileges associated with VMware SD-WAN Orchestrator, an attacker could then install programs; view, change, or delete data; or create...
Read More
The GlobeImposter ransomware family first appeared around August of 2017. In early 2019, GlobeImposter ransomware underwent extensive modifications, after which the authors re-released it, causing havoc around the world. Ransom.GlobeImposter is a ransomware application that will encrypt files on a victim machine and demand payment to retrieve the information.Ransom.GlobeImposter may be distributed through a malicious spam campaign, recognizable only with their lack of message content...
Read More
