Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

Android Trojan Leverages Telegram for Data Exfiltration

A newly discovered Android Trojan is abusing Telegram’s Bot API to communicate with the command and control (C&C) server and to exfiltrate data, Palo Alto Networks security researchers warn. Dubbed TeleRAT, the malware appears to be originating from and/or to be targeting individuals in Iran. The threat is similar to the previously observed IRRAT Trojan, …

Facebook Data Mining Scandal

As Facebook reels from the scandal over hijacked personal data, a movement to quit the social network gathered momentum Wednesday, portending threats to one of the most powerful internet firms. In a sign of the mood, one of those calling it quits was a high-profile co-founder of the WhatsApp messaging service acquired by Facebook in …

TTCSIRT-102.031618: TT-CSIRT Advisory – VMware Security Updates

VMware has released a security update stating that VMware Workstation and Fusion contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. For exploitation to take place, VNC must be manually enabled. Further information on this vulnerability and how it can be mitigated can be …

TTCSIRT-101.031618: TT-CSIRT Advisory – Adobe Security Updates

Adobe has released a security update stating that a vulnerability has been discovered in Adobe Dreamweaver where an OS Command Injection could be inserted into the URI Handler of the application. This could allow the attacker to perform arbitrary remote code execution. Further information on this vulnerability and how it can be fixed can be …

TTCSIRT-100.031418: TT-CSIRT Advisory – Samba Security Updates

The Samba Team has released a security update stating that all versions of Samba from 4.0.0 onwards are vulnerable to a denial-of-service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause …

TTCSIRT-099.031418: TT-CSIRT Advisory – Firefox Security Updates

Mozilla has released a security update stating that the following vulnerabilities have been fixed in Firefox version 59.0: a) Buffer overflow manipulating SVG animatedPathSegList – CVE-2018-5127 b) Use-after-free manipulating editor selection ranges – CVE-2018-5128 c) Out-of-bounds write with malformed IPC messages – CVE-2018-5129 d) Mismatched RTP payload type can trigger memory corruption – CVE-2018-5130 …

TTCSIRT-098.031218: TT-CSIRT Advisory – Cisco Security Updates

Cisco has released a security update stating that a vulnerability in the FTP server of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to log in to the FTP server of the device without a valid password. The attacker does need to have a valid username. The vulnerability is due to …

TTCSIRT-097.031218: TT-CSIRT Advisory – Chrome Security Updates

Google has reported that the following vulnerabilities have been discovered in Google Chrome: a) Use after free in Flash – (CVE-2018-6058, CVE-2018-6059) b) Incorrect permissions on shared memory – (CVE-2018-6057, CVE-2018-6063) c) Use after free in Blink – (CVE-2018-6060) d) Race condition in V8 – (CVE-2018-6061) e) Heap buffer overflow in Skia – (CVE-2018-6062) f) …

TTCSIRT-096.030718: TT-CSIRT Advisory – Android Security Updates

Google has reported that multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for arbitrary code execution within the context of a privileged process. Details of these vulnerabilities are as follows: a) Multiple elevation of privilege vulnerabilities in Kernel components – (CVE-2017-16525, CVE-2017-16530) b) Multiple information disclosure vulnerabilities …

TTCSIRT-095.030718: TT-CSIRT Advisory – Linux Security Updates

Red Hat has released a security update stating that it is aware of DDoS (Distributed Denial of Service) amplification attacks being performed by exploiting memcached servers exposed to the public Internet. These attacks take advantage of memcached communication using the UDP protocol for transport. The attack is effective because of the high amplification ratio – …