COVID-19 Used To Hide Distribution of Cerberus. Situation: Hackers are using the COVID-19 pandemic to spread malware and trojans, specifically a trojan called Cerberus, to public phone and tablet devices. This type of attack could potentially infect and compromise thousands of machines. This trojan is used to steal credit card numbers and personal user data from these devices. Problem: This type of trojan will attempt to install itself from a webpage, link, or by opening…
Security Advisories: Apple and Microsoft releases security updates to prevent vulnerabilities
Apple releases security updates to prevent numerous vulnerabilities. Situation: Apple has released security updates across its software platforms to prevent numerous vulnerabilities. Problem: Apple has found multiple vulnerabilities in iTunes for Windows, iPadOS, iOS, Safari, watchOS, tvOS, macOS Catalina, macOS Mojave, macOS High Sierra, and Xcode. This could allow the possibility of remote takeover or control of the devices and software. Implication: A remote attacker could exploit these vulnerabilities in the unpatched software and take control of the device, steal information, or use the device…
Security Advisory: Exploit affecting Tomcat versions 7.0, 8.5, and 9.0 posted on GitHub
Cisco has released updates to patch multiple vulnerabilities in their SD-WAN Solution software. Situation: Cisco has released updates to patch multiple vulnerabilities in their SD-WAN Solution software. There are Privilege Escalation, Command Injection and Buffer Overflow vulnerabilities in the SD-WAN Solution software. Problem: Cisco has found multiple vulnerabilities in its SD-WAN Solution software that include Privilege Escalation, Command Injection, and Buffer Overflow in the environment. Implication: If the vulnerabilities are left unpatched or are exploited before patching, a remote attacker could…
Security Advisories: Cisco and Chrome release updates
Cisco has released updates to patch multiple vulnerabilities in their SD-WAN Solution software. Situation: Cisco has released updates to patch multiple vulnerabilities in their SD-WAN Solution software. There are Privilege Escalation, Command Injection and Buffer Overflow vulnerabilities in the SD-WAN Solution software. Problem: Cisco has found multiple vulnerabilities in its SD-WAN Solution software that include Privilege Escalation, Command Injection, and Buffer Overflow in the environment. Implication: If the vulnerabilities are left unpatched or are exploited before patching, a remote attacker could…
Security Advisory: VMware Releases Security Updates for Multiple Products
Situation: VMware has found and patched three critical vulnerabilities (CVE-2019-5543, CVE-2020-3947, and CVE-2020-3948). Two are privilege escalation vulnerabilities and one is a use-after-free vulnerability. The affected products are VMware Horizon Client, Remote Console (VMRC), VMware Workstation and Fusion. Problem: CVE-2020-3947: VMware Workstation and Fusion contain a use-after-free vulnerability (CVE-2020-3947) in vmnetdhcp. An attacker must first obtain the ability to execute low-privileged code on the target guest system…
Security Advisories: Mozilla Releases Security Updates for Firefox / Remote Code Execution Vulnerability found in Microsoft Exchange Server
Mozilla Releases Security Updates for Firefox. Situation: Mozilla has released security updates to address a number of vulnerabilities in the Firefox and Firefox ESR browsers. Problem: Mozilla has patched a number of high-impact vulnerabilities found in the Firefox and Firefox ESR browsers. Some of these vulnerabilities are memory safety bugs that could be exploited to run arbitrary code. Implication: Not having your browser up to date could leave your system…
Security Advisory: Google Releases Security Update for Chrome browser
Situation: Google has recently released a security update for their Chrome browser, version 80.0.3987.132, for Windows, Mac, and Linux systems. This version addresses vulnerabilities that could allow an attacker to take control of an affected system. Problem: This update includes 4 security fixes. One of them is a high-severity vulnerability (CVE-2020-6420) that could allow an attacker to bypass implemented security restrictions. Implication: A successful exploitation of this vulnerability can…
Security Advisories: 5 vulnerabilities found in Cisco’s Discovery Protocol (CDP) and Android Bluetooth Vulnerability
5 Vulnerabilities Found in Cisco’s Discovery Protocol (CDP). Situation: 5 vulnerabilities have been found in Cisco’s Discovery Protocol (CDP). Problem: The 5 vulnerabilities found in CDP, four of which are remote code execution vulnerabilities and one a denial of service, can allow complete remote takeover of the devices, which can allow data, video and audio to be exfiltrated from the network, along with allowing the attacker to change any…
Security Advisory: Buffer Overflow Found in Sudo
Situation: A buffer overflow was found in Sudo that allows a low-privileged user to execute commands as root without authentication. This is due to a bug in the “pwfeedback” option. By default, “pwfeedback” is not enabled, but there are some Linux distros that do have it enabled by default. Problem: This allows attackers to easily perform privilege escalation on Linux or macOS machines. Implication: An attacker who is able…
Security Advisory: A vulnerability with a severity score of 9.8 has been identified in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance
Situation: A vulnerability (CVE-2019-19781) with a severity score of 9.8 has been identified in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance. This vulnerability affects the following supported product versions on all supported platforms:
• Citrix ADC and Citrix Gateway version 13.0 all supported builds before 13.0.47.24
• NetScaler ADC and NetScaler Gateway version 12.1
• NetScaler ADC and NetScaler Gateway version 12.0
• NetScaler ADC and…