Description: Oracle has released a security alert to address a vulnerability in multiple versions of Oracle Database. This Security Alert addresses an Oracle Database vulnerability in versions 11.2.0.4 and 12.2.0.1 on Windows. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are...
Read more
After hackers attack companies, government, agencies and hospitals, they have begun to use BitPaymer ransomware to attack the PGA of America. According to GolfWeek, the computers in the PGA’s office were infected with ransomware. When the ransom notes and the related information appeared on their computer screens on Tuesday, they...
Read more
Recently, a new form of phishing scam has been discovered. It uses the recipient’s real password to make the victims mistakenly believe that their online data has been attacked by hackers. It is claimed that the victims have to meet the request of the attackers, otherwise the video regarding victims...
Read more
Recently, 360 Security Center discovered that attackers injected the CryptoMining script into the Chinese official website of the well-known provider of Internet streaming media, RealNetworks. When users open the official website of RealNetworks, it would cause high CPU usage, the processor would get hot, and the computer would be much...
Read more
Context Exobot Actor (nicknamed “android”) started a new Android bot rental service named Exobot v1 in June 2016. The malware in use was built to be able to target many banks with so called overlay attacks (also known as injects). SfyLabs’ team analyzed and researched Exobot v1, which is covered...
Read more
Description: Horizon 6, 7, and Horizon Client for Windows updates address an out-of-bounds read vulnerability. Relevant Products VMware Horizon 6 VMware Horizon 7 VMware Horizon Client for Windows Impact: An attacker could exploit these vulnerabilities to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory...
Read more
Description: The Linux kernel, versions 4.9+, is vulnerable to denial of service conditions with low rates of specially modified packets. Impact: An remote attacker may be able to trigger a denial-of-service condition against a system with an available open port. Mitigation: Updates are available. Please see the references or vendor...
Read more
Description: Drupal has released a security update addressing a vulnerability in Drupal 8.x. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.drupal.org/SA-CORE-2018-005
Description: The Apache Software Foundation has released security updates to address vulnerabilities in Apache Tomcat versions 9.0.0.M9 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86. Impact: An attacker could exploit these vulnerabilities to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor...
Read more
Recently, 360 Security Center discovered a malicious hijacking campaign against MikroTik routers, mainly using the zero-day vulnerability in the MikroTik router in April. It infected the routers using code that loads the browser-based crytpomining software by Coinhive. Hence, when users try to access the Internet through the MikroTik proxy, they...
Read more
