TTCSIRT-133.062018: TT-CSIRT Advisory – Chrome Security Updates
Google has released a security update stating that a vulnerability has been discovered in Google Chrome where an attacker could execute arbitrary code in the browser. This is caused by…
Read MoreTTCSIRT-132.061418: TT-CSIRT Advisory – Bind Security Updates
The Internet Systems Consortium (ISC) has released a security update stating that some versions of BIND could improperly permit recursive queries to unauthorized clients. This could allow an attacker to…
Read MoreTTCSIRT-131.061418: TT-CSIRT Advisory – VMware Security Updates
VMware has released a security update stating that VMware AirWatch Agent for Android and Windows Mobile devices contain a remote code execution vulnerability in real time File Manager capabilities. This…
Read MoreCrestron Patches Command Injection Flaw in DGE-100 Controller
Crestron recently addressed a command injection vulnerability in the console service preinstalled on the Digital Graphics Engine 100 (DGE-100) and other hardware controllers made by the company. Tracked as CVE-2018-5553,…
Read MoreNew ‘PyRoMineIoT’ Malware Spreads via NSA-Linked Exploit
A recently discovered piece of crypto-currency miner malware isn’t only abusing a National Security Agency-linked remote code execution exploit to spread, but also abuses infected machines to scan for vulnerable…
Read MoreCode Signing Flaw Affects all Mac OS Versions Since 2005
Okta Rex (Research and Exploitation) researcher Josh Pitts has discovered a method of exploiting the code signing mechanism in MacOS. If exploited, the flaw could allow malicious untrusted code to…
Read More