Security Advisories & Alerts


Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

DESCRIPTIONMultiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process....

Read More


A Vulnerability in Apache Struts Could Allow for Remote Code Execution

DESCRIPTIONA vulnerability has been discovered in Apache Struts, which could allow for remote code execution. Apache Struts is an open source framework used for building Java web applications. Successful exploitation of this vulnerability could allow for remote code execution. Depending on the privileges associated with the user, an attacker could then install programs; view; change, or delete data; or create new accounts with full user...

Read More


Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability

DESCRIPTIONA vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listener. An attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener. A successful exploit...

Read More


A Vulnerability in Mozilla Thunderbird Could Allow for Arbitrary Code Execution

DESCRIPTIONA vulnerability has been discovered in Mozilla Thunderbird, which could allow for arbitrary code execution. Mozilla Thunderbird is an email client. Successful exploitation of this vulnerability could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to...

Read More


Multiple Vulnerabilities in VMware SD-WAN Orchestrator Could Allow for Arbitrary Code Execution

DESCRIPTIONMultiple vulnerabilities have been discovered in VMware SD-WAN Orchestrator, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges given to the host machine. Depending on the privileges associated with VMware SD-WAN Orchestrator, an attacker could then install programs; view, change, or delete data; or create...

Read More


GlobeImposter ransomware

The GlobeImposter ransomware family first appeared around August of 2017.  In early 2019, GlobeImposter ransomware underwent extensive modifications, after which the authors re-released it, causing havoc around the world. Ransom.GlobeImposter is a ransomware application that will encrypt files on a victim machine and demand payment to retrieve the information.Ransom.GlobeImposter may be distributed through a malicious spam campaign, recognizable only with their lack of message content...

Read More


Stantinko Botnet Now Targeting Linux Servers

Stantinko, one of the oldest malware botnets still operating today, has rolled out updates to its class of Linux malware, upgrading its trojan to pose as the legitimate Apache web server process (httpd) in order to make detection harder on infected hosts. According to a new analysis published by Intezer,come to confirm that despite a period of inactivity in regards to code changes, the Stantinko...

Read More


Threat Alert – ‘CostaRicto’ Hack-for-Hire Mercenary Group : Targets Global Businesses

A hackers-for-hire operation has been discovered using a strain of previously undocumented malware to target South Asian financial institutions and global entertainment companies. The BlackBerry Research and Intelligence team have been monitoring a cyber-espionage campaign that is targeting disparate victims around the globe. The campaign, dubbed CostaRicto by BlackBerry, appears to be operated by “hackers-for-hire”, a group of APT mercenaries who possess bespoke malware tooling...

Read More


Multiple Vulnerabilities in Adobe Acrobat and Adobe Reader Could Allow for Arbitrary Code Execution

DESCRIPTIONMultiple vulnerabilities have been discovered in Adobe Acrobat and Adobe Reader, the most severe of which could allow for arbitrary code execution. Adobe Acrobat is a family of software developed by Adobe Inc. to view, create, manipulate, print, and manage files in PDF format. Adobe Reader is the free version within the Adobe Acrobat family of software. Successful exploitation of the most severe of these...

Read More


Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

DESCRIPTIONMultiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process....

Read More


Page 22 of 66« First...10...2021222324...304050...Last »