January 3rd, 2018 by John
https://www.csoonline.com/article/3245037/security/researcher-drops-15-year-old-macos-zero-day-that-leads-to-full-system-compromise.html
Posted in Cybersecurity & Infosec, Exploits & Attacks
December 6th, 2017 by John
US-CERT has released a security update regarding a vulnerability in Apache Struts versions 2.5 to 2.5.14. The Apache Software Foundation released Apache Security Bulletins S2-054 and S2-055, which respectively address CVE-2017-15707 and CVE-2017-7525.
The vulnerabilities could allow a remote, unauthenticated attacker to perform a denial-of-service (DOS) by submitting malicious JSON data. The vulnerable systems use an outdated JSON-lib library with the Struts REST plugin. Read More
Posted in Cybersecurity & Infosec, Exploits & Attacks
Security researchers at Check Point have claimed that a single adware malware is infecting as many as 250 million PCs worldwide.
Posted in Cybersecurity & Infosec, Exploits & Attacks
Where are the biggest threats coming from?
Posted in Cybersecurity & Infosec, Exploits & Attacks, Nation State
This week Microsoft released another Malware Protection Engine patch.
Posted in Cybersecurity & Infosec, Exploits & Attacks
The Cloud Security Alliance (CSA) released its first ever research and guidance report on connected vehicle security. Authored by the CSA’s Internet of Things (IoT) Working Group, “Observations and Recommendations on Connected Vehicle Security” provides a comprehensive perspective on vehicle security connectivity design, possible attack vectors of concern, and recommendations for securing the connected vehicle environment. [via Help Net Security]
Posted in Cybersecurity & Infosec, Exploits & Attacks, IoT, IIoT, ICS-SCADA
Microsoft released patches for legacy systems affected by WannaCrypt attacks.
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Posted in Cybersecurity & Infosec, Exploits & Attacks
