Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Cisco Releases Security Updates

Description: Cisco has released updates to address vulnerabilities affecting multiple products. Review the following Cisco Security Advisories and apply the necessary updates:
* Cisco IOS XE Software Static Credential Vulnerability
* Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
* Cisco IOS and IOS XE Software Quality of Service Remote Code Execution Vulnerability

Impact: A remote attacker could exploit some of these vulnerabilities to...

01 Apr 2018
in News Clipping

How to Determine If You Need a SOC Team, CSIRT Team or Both [source: infosecinstitute]

SOC and CSIRT teams have distinctive roles and responsibilities. In this article we describe the differences between a SOC and CSIRT to help you determine which team will fill your organization’s needs.

SOC?

A SOC stands for security operations center. Obviously, the term SOC bears the connotation of an environment designed specifically to defend corporate data and networks, and it can be used to describe...

01 Apr 2018
in News Clipping

PHP Weathermap Vulnerability to Install Cryptocurrency Miner on Linux Servers [source: gbhackers]

An active cryptocurrency mining campaign is targeting Linux servers via a PHP Weathermap vulnerability to deploy cryptocurrency mining malware. The campaign uses an outdated security flaw in “Network Weathermap” that allows a remote attacker to inject arbitrary code on the server. In the current campaign, cybercriminals deploy the XMRig miner as the final payload on the target server. The attack primarily focuses on Japan, Taiwan, China, the U.S.,...

25 Mar 2018
in News Clipping

Telegram Bot API Abused by TeleRAT Android Malware [source: gbhackers]

A newly discovered Android malware called TeleRAT abuses the Telegram Bot API, which it uses for command and control of the malicious Android applications. TeleRAT is a dubbed IRRAT malware that steals information ranging from SMS and call history to file listings from infected Android devices. “Telegram Bots are special accounts that do not require an additional phone number to set up and are generally used to...

25 Mar 2018
in Security Advisories & Alerts

Critical Alert: Multiple Vulnerabilities in Mozilla Firefox Could Allow for Remote Code Execution

Description: Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox Extended Support Release (ESR), which could allow for remote code execution. Details of the vulnerabilities are as follows:
* A remote code-execution vulnerability exists because it fails to properly process Vorbis audio data. Specifically, this issue occurs due to an out-of-bounds write error in the ‘libvorbis’ library. (CVE-2018-5146)
* A remote code-execution vulnerability exists because...

20 Mar 2018
in Security Advisories & Alerts

Critical Alert: Multiple Vulnerabilities in Adobe Flash Player Could Allow for Remote Code Execution

Description: Multiple vulnerabilities have been discovered in Adobe Flash Player that could allow for remote code execution. These vulnerabilities are as follows:
* One use-after-free vulnerability that could allow for remote code execution (CVE-2018-4919).
* One type confusion vulnerability that could allow for remote code execution (CVE-2018-4920).

Impact: Successful exploitation of these vulnerabilities could result in the attacker gaining control of the affected...

18 Mar 2018
in Security Advisories & Alerts

Critical Alert: A Vulnerability in ManageEngine Applications Manager Could Allow for Remote Code Execution

Description: A vulnerability has been discovered in ManageEngine Applications Manager, which could allow for remote code execution. The publicly accessible testCredential.do endpoint takes multiple user inputs and validates supplied credentials by accessing a specific system. This endpoint calls several internal classes and then executes a PowerShell script. If the specified system is an Office SharePoint Server, then the username and password parameters to this script...

13 Mar 2018
in News Clipping

Hardcoded Password Found in Cisco Software [source: bleepingcomputer]

Cisco released 22 security advisories yesterday, including two alerts for critical fixes, one of them for a hardcoded password that can give attackers full control over a vulnerable system. The hardcoded password issue affects Cisco’s Prime Collaboration Provisioning (PCP), a software application that can be used for the remote installation and maintenance of other Cisco voice and video products. Cisco PCP is often installed on...

11 Mar 2018
in News Clipping

Intelligence sharing is crucial in the fight against cybercrime [source: helpnetsecurity]

Malware variants previously focused on the financial sector are now successfully attacking non-banking targets, according to Blueliv. A higher level of collaboration and intelligence-sharing between industries is ever-more crucial in the fight against cybercrime.

Sharing intelligence

As the ‘public profile’ of cybercrime continues to increase, enterprises are encouraged to look at how they keep their businesses and customers safe by sharing intelligence, best practice and...

11 Mar 2018