TTCSIRT-190.122718: TT-CSIRT Advisory – Chrome Security Updates
Google has released a security update stating that an use-after-free issue in PDFium could allow for arbitrary code execution (CVE-2018-17481). Successful exploitation of this vulnerability could allow an attacker to…
Read MoreTTCSIRT-189.121318: TT-CSIRT Advisory – Mozilla Security Updates
Mozilla has released a security update stating that it has discovered the following issues with Microsoft FireFox ver 64.0: a) A buffer overflow occurs when drawing and validating elements with…
Read MoreTTCSIRT-188.121318: TT-CSIRT Advisory – WordPress Security Updates
WordPress has released a security update stating that it has discovered the following vulnerabilities with WordPress ver 5.0 and earlier: a) Authors can alter meta data to delete files that…
Read MoreFake iOS Fitness Apps Steal Money
A series of iOS applications posing as fitness-tracking tools have been stealing users’ money by abusing the Touch ID feature, ESET has discovered. The trick used by the fake fitness…
Read MoreMalware Dropper Supports a Dozen Decoy Document Formats
A recently discovered malware dropper has the ability to use nearly a dozen decoy document file formats to drop various payloads, Palo Alto Networks security researchers warn. Dubbed CARROTBAT, the…
Read MoreSymantec Unveils USB Scanning Station for ICS, IoT Environments
Symantec on Wednesday unveiled a new product designed to protect critical infrastructure organizations, including industrial and Internet of Things (IoT) environments, against USB-borne threats. Industrial Control System Protection (ICSP) Neural…
Read More