Researchers from McAfee have observed more than 100 different exploits for a now-patched 19-year-old remote code execution vulnerability in the WinRAR compression tool ever since the path traversal bug was disclosed last month. One of the more unique exploit attempts to infect unpatched victims with malware using a bootlegged copy of Ariana Grande’s “Thank U,…
WordPress has released a security and maintenance patch which introduces 14 fixes and enhancements designed to help hosts prepare users for the minimum PHP version bump in version 5.2. In April 2019, WordPress will up the minimum PHP version requirement to be 5.6 and sites that remain on 5.5 or lower will still receive security…
Pinchy Spider and its affiliated cybergangs are reacting to attempts to decrypt and defend against their flagship malware GandCrab by altering how the ransomware is deployed and recruiting new members to broaden the gang’s cyberskills. New studies by Crowdstrike and SophosLabs show Pinchy Spider is turning toward a “Big Game Hunting” deployment model where the…
Out with the old, in with the… Old Phantom Crypter, which despite its name is actually a new Microsoft Office exploit builder that’s been surpassing its predecessors in popularity among the cybercriminal community. Gabor Szappanos, principal malware researcher at SophosLabs, described the ascendance of Old Phantom yesterday in a company blog post, which links to…
Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in…
Apple yesterday released security updates for iOS and macOS Mojave, repairing four vulnerabilities, including two that a Google researcher says were exploited in the wild as zero days. The two exploited flaws consisted of memory corruption issues caused by insufficient input validation. The first, CVE-2019-7286, is a privilege escalation vulnerability in the Foundation framework that…
A research firm has disclosed multiple vulnerabilities in the Remote Desktop Protocol that, if left unpatched, could allow compromised or infected machines to attack the RDP clients that remotely connect to them. In a blog post today, Check Point Software Technologies researcher Eyal Itkin refers to this scenario as a reverse RDP attack because the…
Cisco Systems last week issued security advisories for two dozen vulnerabilities, including two high-severity flaws in its Small Business RV320 and RV325 dual gigabit WAN VPN routers, which attackers are reportedly already trying to exploit with published proof-of-concept code. Device owners are advised to immediately download Cisco’s patches for the two exploited flaws, both of…
Researchers have developed proof-of-concept malware capable of compromising Building Automation Systems after discovering two critical bugs in a BAS programmable logic controller (PLC). Created by experts at ForeScout, the malware exploits both vulnerabilities in combination with several older flaws that were previously known to the public, according to a ForeScout white paper released today in…
Researchers from a combination of academic and corporate backgrounds have disclosed a newly discovered side-channel attack technique that targets the operating system page cache and affects devices regardless of hardware architecture or OS. “The page cache is a pure software cache that contains all disk-backed pages, including program binaries, shared libraries,and other files, and our attacks…
