139 variantes de malware que exploram o Meltdown e Spectre
Os hackers podem estar perto de desenvolver malware que explora falhas, sugere uma empresa de segurança alemã.
Categoria: vulnerability
Adobe remenda zero-day-vulnerability no Flash
Uma falha identificada e desconhecida no Adobe Flash está a ser explorada em ataques direcionados a vítimas da Coréia do Sul e será corrigida na semana de 5 de fevereiro.
A huge botnet doing Windows servers to mine cryptocurrency
Smominru miner has contaminated at least half a million machine, frequently consisting of Windows servers, and spreads via the EternalBlue exploit.
Again Oracle – Critical Vulnerability Affects Over 300,000 Payment Systems
Oracle released a security patch update to resolve a critical vulnerability that affects its MICROS point-of-sale (POS) business solutions for the hospitality industry.
Multiple zero-day vulnerabilities found in ManageEngine products
Digital Defense uncovered multiple, previously undisclosed vulnerabilities within several Zoho ManageEngine products.
Mozilla Patches Critical Vulnerability in Firefox
Mozilla Firefox was patched this week with 58 corrections that can be exploited by a remote attacker for arbitrary code execution. This vulnerability, tracked as CVE-2018-5124, affects Firefox versions 56 through 58 and it has been fixed with the release of Firefox 58.0.1.
Cisco Patches Critical VPN Vulnerability
Another day, another vulnerability. Cisco Systems released this Monday a patch to fix a critical vulnerability in its Secure Sockets Layer VPN solution called Adaptative Security Appliance.
Hijackers can bypass Active Directory controls
Infosec researchers discovered a recent attack on Microsoft’s Active Directory software that let them insert their own domain controller into an existing enterprise setup.
Good news and bad news about Meltdown and Spectre in new Linux kernel
A new version of Linux kernel (4.15) has been released, nonetheless, more work is needed to be done security problems related to Meltdown and Spectre…
VirtualBox patches ten discovered vulnerabilities
Oracle launches released patches for ten vulnerabilities in VirtualBox which allow attackers to break out of guest operating systems and attack the host operating system that VirtualBox runs on.