• Petya Ransomware


    A new version of the ransomware, Petya, has spread rapidly to many countries (including UK, Spain, Russia, Vietnam and Germany), with particular impact in Ukraine, in a matter of hours today. Petya is utilizing MS17-010, or ETERNALBLUE, a vulnerability disclosed by the Shadow Brokers, to distribute this strain of ransomware. ETERNALBLUE uses Windows SMB remote […]

  • WannaCryptor 2.0 Ransomware


    A new ransomware variant, WannaCryptor 2.0, has spread rapidly to many countries (including UK, Spain, Russia, Vietnam and Germany) in the course of hours today. WannaCryptor 2.0 is utilizing MS17-010, or ETERNALBLUE, a vulnerability disclosed by the Shadow Brokers, to distribute this strain of ransomware. ETERNALBLUE uses Windows SMB remote code execution (CVE-2017-0143 through CVE-2017-0148). Additional […]

  • Hackers Exploit Apache Struts Vulnerability to Compromise Corporate Web Servers


    A remote code execution vulnerability affecting the default Jakarta Multipart parser in Apache Struts has recently been disclosed.

  • “Ticketbleed” Flaw Exposes F5 Appliances to Remote Attacks


    A vulnerability, colloquially referred to as Ticketbleed, has been discovered in the TLS/SSL stack used by F5 Networks Inc. in their BIG-IP products. This vulnerability affects BIG-IP SSL virtual servers with the non-default session...

  • Tax Season and W-2 Phishing


    Identity theft and tax refund fraud have been prevalent in the United States for some time. Now that tax season is upon us, threat actors will increase their efforts to gain access to employee information on a company-wide scale through targeted...

  • Unsecured Elasticsearch Clusters Have Been Compromised


    The owners of Elasticsearch clusters began reporting on January 12, 2017 that their databases had been wiped and their indexes had been replaced by a single index demanding payment to a specified wallet in order for the user to recover the database...

  • Firefox SVG Parser Use-After-Free Zero Day Exploit

    CST:FIREFOX-SVG-UAF


    On November 29, 2016, a critical Firefox zero-day exploit was disclosed on a Tor mailing list. The exploit targets a use-after-free vulnerability in Firefox’s SVG parser. The JavaScript-based exploit can be triggered by a user visiting a malicious website. If successful, the exploit would allow the attacker to send direct system calls to kernel32.dll, which could allow the entire system to be compromised.

  • Padding Oracle in AES-NI CBC MAC Check (CVE-2016-2107)


    The developers of the OpenSSL project recently announced several vulnerabilities in the OpenSSL cryptography software.

  • OpenSSL memory corruption vulnerability in the ASN.1 encoder (CVE-2016-2108)


    CVE-2016-2108 is a memory corruption vulnerability in the ASN.1 encoder which has the potential to crash a program or service as well as the potential to cause the program or service to exhibit strange or erratic behavior.
