Kaspersky Lab, a global cybersecurity company celebrating 20 years in the market this year, today announced the launch of Earth 2050, an interactive multimedia project that accumulates predictions about social and technological developments for the upcoming 30 years.
Monthly Archives: February 2017
Mobile Advertising Trojans Exploiting Super-User Rights Became the Top Mobile Malware Threat in 2016
Kaspersky Lab today announced the findings of its Mobile Virusology malware report for 2016, which found a near-threefold rise in mobile malware detections compared to 2015 – with a total of 8.5 million malicious installations identified.
Suspected Ransomware Dropzone
A Microsoft Office Mail attachment containing a malicious downloader was observed as part of a ransomware campaign. A remote attacker could send spam e-mails including a downloader and manipulate users to manually enable them. This would allow the malicious code to run and infect the target system.
VegaDNS axfr_get.php Command Injection
A command injection vulnerability exists in the axfr_get.php script of VegaDNS. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted HTTP requests to the target server. Successful exploitation could allow the attacker to execute arbitrary commands.
Piwik Superuser Unauthorized File Upload
A file upload vulnerability exists in Piwik. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.
Magento RSS Brute Force Attempt
A remote attacker can attempt to obtain login credentials to the built-in RSS feed functionality of the Magento platform using brute force. Successful exploitation would allow an attacker to obtain unauthorized access to the Magento Admin login.
RHSA-2017:0334-1: Important: qemu-kvm-rhev security update
Red Hat Enterprise Linux: An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux
OpenStack Platform 5.0 (Icehouse) for RHEL 6.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-2857, CVE-2017-2615, CVE-2017-2620
RHSA-2017:0333-1: Important: qemu-kvm-rhev security update
Red Hat Enterprise Linux: An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux
OpenStack Platform 5.0 (Icehouse) for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-2615, CVE-2017-2620
RHSA-2017:0332-1: Important: qemu-kvm-rhev security update
Red Hat Enterprise Linux: An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux
OpenStack Platform 6.0 (Juno) for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-2615, CVE-2017-2620
RHSA-2017:0330-1: Important: qemu-kvm-rhev security update
Red Hat Enterprise Linux: An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 8.0
(Liberty).
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-2615, CVE-2017-2620