Web Security | SC Media

Web Security

Drupal releases correct four moderately critical third-party vulnerabilities


Drupal this week issued a series of security releases to fix four “moderately critical” vulnerabilities, three related to the content management system’s Symfony PHP web application framework and a fourth involving the jQuery project JavaScript library. The three Symfony issues consist of: A cross-site scripting bug caused by the failure of validation messages in the…

Report: Ecuadorian websites besieged by cyberattacks following Julian Assange’s arrest


Since Julian Assange’s arrest and removal from London’s Ecuadorian embassy last week, the websites of Ecuador’s public institutions have been subjected to roughly 40 million cyberattacks, Agence France-Presse reported yesterday. The attacks have primarily originated from the U.S., Brazil, Ecuador itself, and European nations including the Netherlands, Germany, Romania, France, Austria and the UK, said…

Critical vulnerability in Apache HTTP Server patched


A critical vulnerability in Apache HTTP Server that, if exploited, could allow an attacker to gain full root control has been patched. The flaw, dubbed Carpe Diem by the researcher who discovered it, Ambionics engineer Charles Fol, affects Apache HTTP Server versions 2.4.17 to 2.4.38. The vulnerability, CVE-2019-0211, is a privilege escalation issue that happens…

South Korean websites hit with rare waterhole phishing scheme


Security researchers have come across a waterholing campaign that has compromised four South Korean websites by injecting fake login forms to steal user credentials. Trend Micro described the campaign, which it named Soula, as a significant threat to enterprises and users and possibly the first step being taken by a cybercriminal group to launch a…


Paper: Leaked authentication secrets rampant across GitHub


An academic study of GitHub found that more than 100,000 of the web service’s code repositories contain publicly accessible authentication secrets such as API and cryptographic keys, while thousands of new secrets are leaked each day. North Carolina State University researchers Michael Meli, Matthew McNiece (also from Cisco Systems) and Bradley Reaves detail their findings…

Facebook patches denial-of-service flaw in its open-source Fizz TLS implementation


Facebook last month patched a critical denial-of-service vulnerability in Fizz, its open-source implementation for Transport Layer Security protocol TLS 1.3, researchers have reported. Unauthenticated remote attackers could exploit the flaw to create an “infinite loop,” causing the web service to be unavailable for other users and thus disrupting service, according to a March 19 blog…

Mozilla’s latest Firefox releases fix 22 vulnerabilities


The Mozilla Foundation yesterday issued version 66 of Firefox and 60.6 of Firefox Extended Support Release (ESR), in the process patching 22 vulnerabilities between them, five of them critical. Four of the five most severe flaws were found in both the standard and ESR versions of the web browser. This includes CVE-2019-9790, a use-after-free vulnerability…

Facebook sues app makers over browser extensions that allegedly scraped user data


Facebook has filed a lawsuit against two Ukrainian men accused of creating fraudulent quiz applications that tricked users into installing malicious browser extensions. These extensions allegedly scraped information from users’ social media pages and injected unapproved advertisements when users would visit various social networking sites, including Facebook. As reported in The Verge, Facebook filed the…

New B0r0nt0K ransomware roughs up Linux servers


Linux servers, and possibly Windows-based machines as well, are susceptible to a newly discovered ransomware called B0r0nt0K that encrypts affected data with a base64 algorithm. Bleeping Computer reported the threat on Sunday after one of its forum visitors published a post about a client whose website's web server was infected. The server, which runs on…

Malvertising attacks using polyglot images spotted in the wild


The malvertising space may be seeing an influx of more advanced threat actors, according to one research report that found polyglot images now being used to disguise malvertising attacks. Polyglot images, which differ from their near cousins, steganographic images, primarily by not needing an external script to extract the…
