In recent months, there has been a significant increase in the number of networks and users affected by ransomware known as Locky, discusses ESET’s Diego Perez.
The post Analysis of the Locky infection process appeared first on We Live Security.
Monthly Archives: April 2016
Internet of Things: How to protect smart cars from cyber-attacks
Knight Rider, Back to the Future, Minority Report. What do these movies have in common? Well, it’s the fact that they all talk about the evolution of cars. We may not yet have a car “buddy” like KITT or flying DeLoreans all over the place – but we are in that moment of time when our cars can be hijacked via the internet and a third party take control over the vehicle.
The post Internet of Things: How to protect smart cars from cyber-attacks appeared first on Avira Blog.
Techsoft Web Solutions CMS 2016 Q2 SQL Injection
Techsoft Web Solutions CMS version 2016 Q2 suffers from a remote SQL injection vulnerability.
FortiManager / FortiAnalyzer 5.x Script Insertion
FortiManager and FortiAnalyzer version 5.x suffer from a client-side malicious script insertion vulnerability.
BugCrowd CSV Injection
BugCrowd’s file upload allows for CSVs that may have malicious formulas in them.
MSIE MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free
Microsoft Internet Explorer suffers from a MSHTML!CSVGHelpers::SetAttributeStringAndPointer use-after-free vulnerability.
ifchk 1.0.2
Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.
The security review: Remaiten, Trident and World Backup Day
Highlights from the past seven days in information security include insight into Remaiten, the Trident cybersecurity update and the value of backing up your data.
The post The security review: Remaiten, Trident and World Backup Day appeared first on We Live Security.
DSA-3540 lhasa – security update
Marcin Noga discovered an integer underflow in Lhasa, a lzh archive
decompressor, which might result in the execution of arbitrary code if
a malformed archive is processed.
Ansvif 1.3.4
Ansvif is “A Not So Very Intelligent Fuzzer”. It feeds garbage arguments and data into programs trying to induce a fault.