Description: Microsoft has released updates to address multiple vulnerabilities in Microsoft software. The January security release consists of security updates for the following software: Adobe Flash Player Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore .NET Framework ASP.NET Microsoft Exchange Server Microsoft Visual Studio Impact: A remote attacker could exploit this vulnerability to take control of an...
Read More
Description: Adobe has released security updates to address vulnerabilities in Adobe Connect and Adobe Digital Editions. This update resolves an important session token exposure vulnerability. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/connect/apsb19-05.html https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html
Another day, another data breach. This time it’s the United States National Aeronautics and Space Administration (NASA) NASA today confirmed a data breach that may have compromised personal information of some of its current and former employees after at least one of the agency’s servers was hacked. In an internal memo sent to all employees on Tuesday, NASA said the unknown hackers managed to gain access to...
Read More
A security professional exposed to a spam campaign on Facebook discovered the method used by the perpetrator and submitted a report through the company’s bug bounty program. The issue still exists because Faceboook dismissed it on on the grounds that it does not change the state of the account. Proof-of-concept code demonstrates how easy it would be for an app developer to distribute arbitrary links...
Read More
In July 2017, 360 Security Center discovered the first virus Trojan infected with MBR and VBR. It was named “Double- Gun”. In the following year, we found that the virus author frequently updated the virus version to increase the profitability and ability to fight against security software, and the virus transmission channels are constantly changing. Recently, we found that the latest version of the “Double-Gun”...
Read More
For the past three years, hackers have been intercepting sensitive diplomatic cables sent between EU member states after stealing passwords for accessing the EU network via a phishing attack against diplomats in Cyprus, The New York Times reported late Tuesday. The attack was discovered by Area 1, an anti-phishing firm based in Redwood City, California, that was founded in 2013 by three former National Security Agency officials....
Read More
Description: WordPress 5.0 and prior versions are affected by multiple vulnerabilities. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
Description: Microsoft has released out-of-band security updates to address a vulnerability in Internet Explorer 9, 10, and 11. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653 https://www.kb.cert.org/vuls/id/573168/
Description: Cisco has released security updates to address a vulnerability in Adaptive Security Appliance. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181219-asa-privesc
Recently, 360 Security Center detected that the GandCrab ransomware is back to attack Windows-based servers and PCs. We also found that if it detects that the computer system is using the Russian language, it will stop intruding. Not only that, but we also recently discovered that the GrandCrab ransomware will stop invading war-torn areas. On 16th October, a Syrian user said on Twitter that GandCrab...
Read More