On September 19, 2017 (US time), the Apache Software Foundation released information on vulnerabilities (CVE-2017-12615 and CVE-2017-12616) in Apache Tomcat. In the vulnerability CVE-2017-12615, when running on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false), arbitrary code may be executed remotely […]
Locky is coming: Ransomware campaign uses Game of Thrones-themed scripting variables
A Lannister always pays his debts. And you, too, may have to pay up if you become infected with Locky ransomware, delivered in an email distribution campaign that uses Game of Thrones references in its scripting variables. In a company blog post on Friday, PhishMe intelligence analyst Victor Cornell describes recently discovered Locky threat campaign, noting that the […]
Linux IoT botnet retooled to send spam email
An IoT botnet has set its hooks in about 4,500 – 5,000 proxy devices to send spam emails which each device capable of sending 400 messages or a total of 1.8 million messages per day. The Linux.ProxyM first appeared in February 2017 and had peaked at 10,000 bots by July […]
Kaspersky Software Ordered Removed From US Gov’t Computers
The Trump administration is ordering U.S. federal executive branch agencies to remove anti-virus software from Russian-owned Kaspersky Lab from their computers within 90 days. The Department of Homeland Security, in a statement issued Wednesday, says Kaspersky security products pose a risk to federal information systems because they provide broad access […]
PSA: New Microsoft Word 0day used in the wild
Microsoft has just patched an important vulnerability in Microsoft Word during its latest patch Tuesday cycle. According to the security firm that found it [1], this new zero-day (CVE-2017-8759) was used in targeted attacks to install a piece of malware known as FinFisher. Microsoft Office has been in the line of fire throughout the […]
Billions of mobile, desktop and IoT devices potentially exposed to BlueBorne Attack
Billions of mobile, desktop and IoT devices that use Bluetooth may be exposed to a new stealthy remote attack dubbed BlueBorne attack. Billions of mobile, desktop and IoT devices that use Bluetooth may be exposed to a new remote attack, even without any user interaction and pairing. The unique condition […]
Compromised LinkedIn accounts used to send phishing links via private message and InMail
Phishing continues to be a criminals’ favorite for harvesting user credentials with more or less sophisticated social engineering tricks. In this post, we take a look at a recent attack that uses existing LinkedIn user accounts to send phishing links to their contacts via private message but also to external […]
ADOBE FIXES EIGHT VULNERABILITIES IN FLASH, ROBOHELP, COLDFUSION
Adobe fixed eight vulnerabilities across three products, including two critical memory corruption bugs and a critical XML parsing flaw, with its regularly scheduled update on Tuesday. RoboHelp for Windows, ColdFusion, and as usual, Flash Player, all received updates as part of the company’s Patch Tuesday security bulletins. Versions 26.0.0.151 and […]
VMWARE PATCHES BUG THAT ALLOWS GUEST TO EXECUTE CODE ON HOST
Users who run four different types of VMware products, ESXi, vCenter Server, Fusion and Workstation, are being encouraged to update to address a series of vulnerabilities, one critical. The most serious issue, an out-of-bounds write vulnerability, exists in ESXi, and desktop hypervisors Workstation, and Fusion. An attacker could exploit the […]
ANDROID USERS VULNERABLE TO ‘HIGH-SEVERITY’ OVERLAY ATTACKS
Security researchers warned of a high-severity Android flaw on Thursday that stems from what they call a “toast attack” overlay vulnerability. Researchers say criminals could use the Android’s toast notification, a feature that provides simple feedback about an operation in a small pop up, in an attack scenario to obtain […]