While probes looking for vulnerable Apache Struts 2 deployments continue, malicious traffic has tapered off, researchers at Rapid7 said.
Tag Archives: Cisco Talos
Attacks Heating Up Against Apache Struts 2 Vulnerability
Apache administrators are urged to immediately upgrade the Struts 2 web application framework to address a remote code execution flaw under public attack.
New Fileless Attack Using DNS Queries to Carry Out PowerShell Commands
A unique attack called DNSMessenger uses DNS queries to carry out malicious PowerShell commands on compromised computers.
Malvertising Campaign Pushing Neutrino Exploit Kit Shut Down
Researchers uncovered a global malvertising campaign exposing potentially millions of users to the risk of being hit with CrypMIC ransomware delivered via the Neutrino Exploit Kit.
New Heap-Spray Exploit Tied To LZH Archive Decompression
Researchers found a vulnerability in the classic compression standard Lhasa, once a mainstay for game developers in the mid-90s and still in use today.
Patched Apple Bug Paved Way to Root Compromises
Apple patched an OS X vulnerability in a kernel driver that could give attackers root-level privileges on a Mac computer, researchers at Cisco Talos said.
MiniUPnP Vulnerability Clears Way for Stack Smashing Attack
Cisco has demonstrated an attack against Stack Smashing Protection in Linux systems that is facilitated by a critical vulnerability in MiniUPnP.
AutoIt Used in Targeted Attacks to Move RATs
Researchers at Cisco spotted targeted attacks moving remote access Trojans via the AutoIt administration and scripting tool.
Windows 10 Upgrade Spam Carries CTB-Locker Ransomware
Spam messages spoofing Microsoft and promising a free Windows 10 upgrade instead drop the CTB-Locker crypto-ransomware on compromised machines.
Patched Apple QuickTime Vulnerability Details Disclosed
Researchers at Cisco Talos released details on a use-after-free vulnerability in Apple QuickTime that could lead to remote code execution.