DemonBot Malware Targets Apache Hadoop Servers Using Available Exploit Code
October 30, 2018New DemonBot malware uses Apache Hadoop exploit also used by XBash to launch exploitation attempts at a rate of one million a day to facilitate widespread DDoS. Background Researchers at Radware rec...
Tweetable Exploit for X.org Server Local Privilege Escalation (CVE-2018-14665) Released
October 26, 2018A researcher has published a local privilege escalation exploit that fits in a single tweet for xorg-x11-server. Vendors are rolling out fixes and mitigation advice. Background On October 25, a twee...
Microsoft Data Sharing Service Zero-Day Exploit Released on Twitter (CVE-2018-8584)
October 24, 2018Researcher discloses privilege escalation zero-day in Microsoft’s Data Sharing Service on Twitter and provides a proof-of-concept that could be used to deploy attacks in the wild. Background On Octo...
jQuery File Upload Plugin Leaves Web Servers Vulnerable to Unauthenticated File Upload Attacks
October 19, 2018Akamai disclosed that the popular jQuery File Upload plugin has been vulnerable to an unauthenticated file upload flaw since November 2010. Background Akamai’s Security Intelligence Response Team (S...
libssh Vulnerable to Authentication Bypass (CVE-2018-10933)
October 17, 2018A newly announced vulnerability in libssh, a multiplatform library that supports the Secure Shell (SSH) protocol, allows attackers to bypass authentication and gain full control over vulnerable server...
Microsoft’s October 2018 Security Update: There's More to the Story
October 15, 2018A week after Microsoft addressed 49 vulnerabilities in its October 2018 Security Update, new developments have emerged that change the threat profile of some of them. Background On Tuesday, Octobe...
Public Exploit Modules Available for Cisco Prime Infrastructure Vulnerability
October 12, 2018Users of Cisco Prime Infrastructure Software are urged to update to the latest version to address one of two vulnerabilities that, when chained, could lead to remote code execution with system-level p...
Xbash Malware Targets Windows and Linux with Ransomware and Cryptomining
September 19, 2018Newly identified Xbash malware is targeting weak passwords and unpatched vulnerabilities on Linux and Windows systems to launch ransomware or cryptomining attacks. Background Unit 42, Palo Alto Netw...
New Apache PHP XSS Bug Displays Modified HTTP Request Text to Users
September 14, 2018A researcher has discovered a cross-site scripting vulnerability caused by mishandling of a PHP header in Apache version 2.x. Upgrade PHP and review privileges for applications and services using it. ...
Cisco Critical Advisories for September Includes Patch for Struts Vulnerability
September 5, 2018Cisco has released advisories for 29 issues, including three critical vulnerabilities. The update also includes a patch for CVE-2018-11776 in Apache Struts. Background On Wednesday, September 5, Cis...
Windows Task Scheduler Zero-Day Exploit Available in the Wild: Caution Urged
August 28, 2018Updated September 11: Microsoft released the patch for this vulnerability (CVE-2018-8440) today as part of its monthly security update known as Patch Tuesday. Customers are advised to apply this secur...
New Apache Struts Vulnerability Could Allow for Remote Code Execution
August 22, 2018Updated August 23: A working proof of concept (PoC) has been discovered and verified on Github by Tenable’s research team. In addition, there are indications that attackers are already probing for vul...