Security researcher Orange recently managed to gain access to a file transfer server at Facebook. He used a set of vulnerabilities that he found in the product that provides the service: the Accellion File Transfer Server (FTA). He notified Facebook under their bug bounty program and was awarded US$ 10,000. Accellion addressed vulnerabilities CVE-2016-2350/1/2/3 in … Continue reading “Accellion FTA Vulnerabilities”
Microsoft published MS16-039 for all versions of Windows on April 12, 2016. MS16-039 addresses four vulnerabilities, one rated “critical” allowing for Remote Code Execution, three rated “important” allowing for escalation of privilege. Two of the “important” vulnerabilities (CVE-2016-0165 and CVE-2016-0167) are under active attack. In a typical scenario an attacker would use a first vulnerability … Continue reading “Microsoft Windows under active attack”
Adobe addressed a partial 0-day vulnerability in its Flash Player with a software release on April 7, 2016. The new version of Flash fixes 24 vulnerabilities, with CVE-2016-1019 under active attack through the Magnitude Exploit Kit. The vulnerability is a partial 0-day because in the newest version of Flash a mitigation strategy introduced by Adobe prevents … Continue reading “Adobe Flash partial 0-day patched in OOB release”
Adobe announced that a new version of their Flash Player product is expected to be released this week. The new version will address CVE-2016-1019, a critical vulnerability that is currently being exploited in the wild. However, if you are current with your Flash player patches you are protected. If you have the newest Flash player … Continue reading “Adobe Flash Player under new 0-day attack”
Security researcher Kafeine documented attacks against Adobe Flash Player v184.108.40.2066 coming from the Angler Exploit Kit. The vulnerability exploited is CVE-2016-1001. Adobe addressed the vulnerability in APSB16-08 on March 10. The RTI on QId: 124779 is now on level: ExploitKit.
Oracle published a new version of Java today. The new version, Java v8 update 77, addresses a single critical vulnerability, CVE-2016-0636. This vulnerability had been disclosed publicly 2 weeks ago on the fulldisclosure list. Security researcher Adam Gowdiak, CEO of Security Explorations, classified it as a variant of an older issue (CVE-2013-5838) … Continue reading “Oracle patches 0-day in Java”
VirusTotal, a free online service for file analysis, has seen the first samples of RTF files that abuse CVE-2016-0021. CVE-2016-0021 is a Remote Code Execution vulnerability which can be triggered in Word or through the preview pane in Outlook. It was addressed in MS16-029 in Microsoft Patch Tuesday March 2016. We consider Microsoft Word under targeted … Continue reading “Microsoft Word under active Attack (MS16-029)”
On March 10 Adobe released an out-of-band update for their Flash Player that addresses a vulnerability (CVE-2016-1010) actively exploited in targeted attacks. APSB16-08 also addresses another 22 vulnerabilities. A successful exploit of this vulnerability gives the attacker Remote Code Execution on the target machine. Attack vectors include malicious websites set up for the purpose of … Continue reading “Adobe patches 0-day in Flash with out-of-band update”
The popular BitTorrent client Transmission 2.90 for Mac OS X has been trojaned with ransomware. v2.91 is free of the ransomware, and we recommend installing 2.92, a version of Transmission that also removes the installed ransomware.
In January’s Patch Tuesday, Microsoft addressed a vulnerability in Silverlight that was reported by Kaspersky. A week later, on January 13, Kaspersky reported that the vulnerability was already being exploited in the wild, and we set our RTI to “Actively Attacked”. Just 5 weeks later there has been a new development: security researcher @Kafeine has … Continue reading “Angler ExploitKit weaponizes Silverlight MS16-006”