CVE-2017-5330 ark: Unintended execution of scripts and executable files
Monthly Archives: January 2017
Los Angeles College Pays Hackers $28,000 Ransom To Get Its Files Back
Ransomware has turned into a noxious game that lets hackers get paid effortlessly.
Once again the heat was felt by the Los Angeles Valley College (LAVC) when hackers managed to infect its computer network with ransomware and demanded US$28,000 payment in Bitcoins to get back online.
The cyber-attack occurred over winter break and caused widespread disruption to online, financial aid, email and
CVE-2016-10126 (splunk)
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.
Update Right Away or Wait it Out? Android’s Big Dilemma
If your employees are like most users, they most likely postpone updates for their OS. In other words, your company’s mobile fleet could be at risk. This is especially true if they are using Android devices. When the famous little green robot gives a notification of the update, a good deal of people wait for other users to try it first and then gauge their reaction.
It seems sensible enough, but this practice could put your company’s security in danger. First of all, phones with Android are more susceptible to break-ins than ones with iOS. Then there’s the fact that most corporate phones are equipped with Google’s software, which in itself involves a risk — the good people at Mountain View take longer than Apple to launch updates with security patches when a vulnerability is detected.
So Google lags in its response to threats, but the fragmentation of Android devices makes the response time even longer. It’s not enough for Google alone to launch its update; the update will later have to be adapted to the specific make and model that your employees are using. Ultimately, an Android patch takes long enough to arrive without the added time of the user postponing an update.
On the other hand, it is true that some people recommend letting some time pass to see how each individual phone reacts to a new update. This advice, which in principle is completely inadvisable for corporate security, does in fact have a reason for being. Some mid-range models could potentially lose some performance or even some functions when a new OS is installed.
Tips on How to Safeguard Your Corporate Devices
The need to protect the confidentiality of corporate data is underscored by this seemingly quotidian matter. For one thing, it’s crucial that employees have a powerful and recent mobile device so as not to run any risks when updating. Also important is that they always have at their disposal the right protection.
The bottom line: your employees should update their mobile software as soon as it’s available. You should also recommend that they make backup copies beforehand. Doing so will reassure them that there is no risk of losing anything. Finally, they should delete cached data to prevent their device’s losing performance. No stone should go unturned in the protection and safeguarding of your company’s data.
The post Update Right Away or Wait it Out? Android’s Big Dilemma appeared first on Panda Security Mediacenter.
Adobe Reader DC JPEG2000 Out-of-Bounds Read (CVE-2016-7854)
An out-of-bounds read vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to improper handling of JPEG2000 images, and could be used to gain sensitive information that may help in further attacks. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted webpage or PDF document.
D-Link DCS-931L File Upload (CVE-2015-2049)
A file upload vulnerability exists in D-Link network cameras. The vulnerability is due to a hidden webpage on the device that allows an attacker to upload arbitrary files from the attacker’s system. By allowing the attacker to specify the file location to write on the device, the attacker has the ability to upload new functionality.
Microsoft LSASS Denial of Service (MS17-004: CVE-2017-0004)
A denial of service vulnerability exists in Windows. The vulnerability is due to the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. Successful exploitation of this vulnerability could cause a denial of service on the target system and could trigger an automatic reboot of the system.
Imagemagick Compressed TIFF File Conversion Remote Code Execution (CVE-2016-8707)
An out-of-bounds write vulnerability exists in ImageMagick’s convert utility. The vulnerability is due to improper handling of TIFF image data when deflating an Adobe Deflate compressed TIFF image. A remote attacker could exploit this vulnerability by providing a specially crafted TIFF image to a target.
OpenJPEG JPEG2000 Image Processing Out-of-Bounds Write (CVE-2016-8332)
An out-of-bounds write vulnerability has been discovered in OpenJPEG. The vulnerability is due to a lack of validation on the index values of MCC markers when parsing maliciously crafted JPEG2000 image files. A remote attacker could exploit this vulnerability by enticing a user to open a malicious JPEG file with a vulnerable application. Successful exploitation would result in execution of arbitrary attacker code in the security context of the target user.
Microsoft Bowser.sys Information Disclosure (MS16-135: CVE-2016-7218)
An information disclosure vulnerability exists in Microsoft Windows regarding bowser.sys. A local attacker could exploit this vulnerability by running a specially crafted malicious executable file. Successful exploitation of this vulnerability could lead to information disclosure.
