Splunk recently addressed Vulnerability-related.PatchVulnerability several vulnerabilities in Enterprise and Light products , some of them have been rated “ high severity. ” Splunk Enterprise solution allows organizations to aggregate , search , analyze , and visualize data from various sources that are critical to business operations . The Splunk Light is a comprehensive solution for small IT environments that automates log analysis and integrate server and network monitoring . “ To mitigate these issues , Splunk recommends upgrading Vulnerability-related.PatchVulnerability to the latest release and applying Vulnerability-related.PatchVulnerability as many of the Hardening Standards from the Securing Splunk documentation as are relevant to your environment . Splunk Enterprise and Splunk Light releases are cumulative , meaning that future releases will contain fixes to these vulnerabilities , new features and other bug fixes , ” reads the advisory published Vulnerability-related.PatchVulnerability by Splunk . The most severe issue fixed Vulnerability-related.PatchVulnerability by the company is a high severity cross-site scripting ( XSS ) flaw in the Web interface , tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-7427 , that received the CVSS score of 8.1 . Another severe vulnerability is a DoS flaw tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-7432 that could be exploited Vulnerability-related.DiscoverVulnerability using malicious HTTP requests sent to Splunkd that is the system process that handles indexing , searching and forwarding . This issue was tracked as Vulnerability-related.DiscoverVulnerability “ medium severity ” by the company . The company also addressed Vulnerability-related.PatchVulnerability a denial-of-service ( DoS ) vulnerability , tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-7429 , that could be exploited Vulnerability-related.DiscoverVulnerability by an attacker by sending a specially crafted HTTP request to Splunkd . The last flaw addressed Vulnerability-related.PatchVulnerability by the vendor , tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-7431 , is a path traversal issue that allows an authenticated attacker to download arbitrary files from the vendor Django app . The vulnerability has been rated Vulnerability-related.DiscoverVulnerability “ medium severity. ” The vendor declared it has found Vulnerability-related.DiscoverVulnerability no evidence that these vulnerabilities have been exploited Vulnerability-related.DiscoverVulnerability in attacks in the wild .

The bugs let hackers crash IoT devices , leak Attack.Databreach their information , and completely take them over . Researchers have found Vulnerability-related.DiscoverVulnerability that a popular Internet of Things real-time operating system – FreeRTOS – is riddled with serious vulnerabilities . The bugs could allow hackers to crash connected devices in smart homes or critical infrastructure systems , leak Attack.Databreach information from the devices ’ memory , and take them over . And while patches have been issued Vulnerability-related.PatchVulnerability , researchers warn that it still may take time for smaller vendors to update Vulnerability-related.PatchVulnerability . Researcher Ori Karliner , with Zimperium ’ s zLabs team , recently analyzed some of the leading operating systems in the IoT market – including FreeRTOS , an open-source OS specifically designed for the microcontrollers that are within IoT devices . Within several versions of FreeRTOS , Karliner found Vulnerability-related.DiscoverVulnerability 13 vulnerabilities enabling an array of attacks , including remote code execution , information leak and denial-of-service bugs . “ During our research , we discovered Vulnerability-related.DiscoverVulnerability multiple vulnerabilities within FreeRTOS ’ s TCP/IP stack and in the AWS secure connectivity modules . The same vulnerabilities are present in Vulnerability-related.DiscoverVulnerability WHIS Connect TCP/IP component for OpenRTOS\SafeRTOS , ” according to a Thursday post by zLabs . The vulnerabilities specifically exist in Vulnerability-related.DiscoverVulnerability FreeRTOS ’ s TCP/IP stack and in the AWS secure connectivity modules ( in as well as in the WHIS Connect TCP/IP component for OpenRTOS\SafeRTOS ) . These vulnerabilities include four remote code execution bugs ( CVE-2018-16522 , CVE-2018-16525 , CVE-2018-16526 , and CVE-2018-16528 ) ; seven information leak vulnerabilities ( CVE-2018-16524 , CVE-2018-16527 , CVE-2018-16599 , CVE-2018-16600 , CVE-2018-16601 , CVE-2018-16602 , CVE-2018-16603 ) one denial of service flaw ( CVE-2018-16523 ) and a final ( CVE-2018-16598 ) that was unspecified . zLabs said Vulnerability-related.DiscoverVulnerability it has disclosed Vulnerability-related.DiscoverVulnerability the security issues to Amazon and collaborated with them to patch Vulnerability-related.PatchVulnerability the vulnerabilities . Those fixes were deployed Vulnerability-related.PatchVulnerability for AWS FreeRTOS versions 1.3.2 and onwards . The vulnerabilities in RTOS WHIS were also patched Vulnerability-related.PatchVulnerability . Amazon did not respond to a request for comment from Threatpost . Due to the amount of vendors impacted Vulnerability-related.DiscoverVulnerability by the bugs , the researchers said Vulnerability-related.DiscoverVulnerability that they would hold off on publishing Vulnerability-related.DiscoverVulnerability further details until all holes have been sealed Vulnerability-related.PatchVulnerability .

Researchers found Vulnerability-related.DiscoverVulnerability three vulnerabilities in Foscam connected security cameras that could enable a bad actor to gain root access knowing only the camera ’ s IP address . Foscam is urging customers to update Vulnerability-related.PatchVulnerability their security cameras after researchers found Vulnerability-related.DiscoverVulnerability three vulnerabilities in that could enable a bad actor to gain root access knowing only the camera ’ s IP address . The vulnerability trifecta includes an arbitrary file-deletion bug , a shell command-injection flaw and a stack-based buffer overflow vulnerability according to the researchers at VDOO who found Vulnerability-related.DiscoverVulnerability the flaws . The proof-of-concept attack revolved around a process in the cameras called webService , which receives requests from servers and can be used to verify the user ’ s credentials , if necessary , and run the handler for the desired API command . To launch an attack , an attacker would have to obtain Attack.Databreach the camera ’ s IP address or DNS name . Generally if the camera is configured so that it has direct interface to the internet , its address might be exposed Attack.Databreach to certain internet scanners . The PoC attacker then crashed the webService process by exploiting the stack-based buffer overflow vulnerability ( CVE-2018-6832 ) . After it crashes , the webService process automatically restarts via the watchdog daemon ( which restarts important processes after they ’ re terminated ) , and during the process reload , an attacker could leverage a second flaw , the arbitrary file-deletion vulnerability ( CVE-2018-6830 ) , to delete certain critical files . This will result in authentication bypass when the webService process reloads ; so that the bad actor is able to gain administrative credentials . From there , an attacker could use the third vuln ( CVE-2018-6831 ) to execute root commands . This bug is a shell command-injection vulnerability that requires administrator credentials . “ Since the adversary gained administrator credentials in the previous stage , he can now use this vulnerability to execute commands as the root user for privilege escalation , ” researchers said . The Internet of Things continues to post a significant problem as many connected devices lack proper security controls . The 2016 Mirai botnet attack , which was orchestrated as a distributed denial of service attack through 300,000 vulnerable IoT devices like webcams , routers and video recorders , showed just how big of an impact the lack of IoT security has . The patches also come after Vulnerability-related.PatchVulnerability reports of a hacked baby camera emerged last week , when a woman from South Carolina said a stranger hacked into her baby monitor to spy on her and her family . These IoT security incidents show not only that connected products are highly vulnerable to security hacks , but also that such hacks could mean a complete invasion of privacy at the most personal level . Foscam , for its part , urged customers to upgrade Vulnerability-related.PatchVulnerability their cameras as soon as possible , saying that “ the latest firmware for Foscam cameras utilizes protection against various types of online hacking and unauthorized access. ” It added , “ Foscam is fully committed to maintaining the safety and integrity of our user experience and will take all action reasonably necessary to ensure the privacy and security of our cameras . ”

Researchers found Vulnerability-related.DiscoverVulnerability three vulnerabilities in Foscam connected security cameras that could enable a bad actor to gain root access knowing only the camera ’ s IP address . Foscam is urging customers to update Vulnerability-related.PatchVulnerability their security cameras after researchers found Vulnerability-related.DiscoverVulnerability three vulnerabilities in that could enable a bad actor to gain root access knowing only the camera ’ s IP address . The vulnerability trifecta includes an arbitrary file-deletion bug , a shell command-injection flaw and a stack-based buffer overflow vulnerability according to the researchers at VDOO who found Vulnerability-related.DiscoverVulnerability the flaws . The proof-of-concept attack revolved around a process in the cameras called webService , which receives requests from servers and can be used to verify the user ’ s credentials , if necessary , and run the handler for the desired API command . To launch an attack , an attacker would have to obtain Attack.Databreach the camera ’ s IP address or DNS name . Generally if the camera is configured so that it has direct interface to the internet , its address might be exposed Attack.Databreach to certain internet scanners . The PoC attacker then crashed the webService process by exploiting the stack-based buffer overflow vulnerability ( CVE-2018-6832 ) . After it crashes , the webService process automatically restarts via the watchdog daemon ( which restarts important processes after they ’ re terminated ) , and during the process reload , an attacker could leverage a second flaw , the arbitrary file-deletion vulnerability ( CVE-2018-6830 ) , to delete certain critical files . This will result in authentication bypass when the webService process reloads ; so that the bad actor is able to gain administrative credentials . From there , an attacker could use the third vuln ( CVE-2018-6831 ) to execute root commands . This bug is a shell command-injection vulnerability that requires administrator credentials . “ Since the adversary gained administrator credentials in the previous stage , he can now use this vulnerability to execute commands as the root user for privilege escalation , ” researchers said . The Internet of Things continues to post a significant problem as many connected devices lack proper security controls . The 2016 Mirai botnet attack , which was orchestrated as a distributed denial of service attack through 300,000 vulnerable IoT devices like webcams , routers and video recorders , showed just how big of an impact the lack of IoT security has . The patches also come after Vulnerability-related.PatchVulnerability reports of a hacked baby camera emerged last week , when a woman from South Carolina said a stranger hacked into her baby monitor to spy on her and her family . These IoT security incidents show not only that connected products are highly vulnerable to security hacks , but also that such hacks could mean a complete invasion of privacy at the most personal level . Foscam , for its part , urged customers to upgrade Vulnerability-related.PatchVulnerability their cameras as soon as possible , saying that “ the latest firmware for Foscam cameras utilizes protection against various types of online hacking and unauthorized access. ” It added , “ Foscam is fully committed to maintaining the safety and integrity of our user experience and will take all action reasonably necessary to ensure the privacy and security of our cameras . ”

Researchers found Vulnerability-related.DiscoverVulnerability three vulnerabilities in Foscam connected security cameras that could enable a bad actor to gain root access knowing only the camera ’ s IP address . Foscam is urging customers to update Vulnerability-related.PatchVulnerability their security cameras after researchers found Vulnerability-related.DiscoverVulnerability three vulnerabilities in that could enable a bad actor to gain root access knowing only the camera ’ s IP address . The vulnerability trifecta includes an arbitrary file-deletion bug , a shell command-injection flaw and a stack-based buffer overflow vulnerability according to the researchers at VDOO who found Vulnerability-related.DiscoverVulnerability the flaws . The proof-of-concept attack revolved around a process in the cameras called webService , which receives requests from servers and can be used to verify the user ’ s credentials , if necessary , and run the handler for the desired API command . To launch an attack , an attacker would have to obtain Attack.Databreach the camera ’ s IP address or DNS name . Generally if the camera is configured so that it has direct interface to the internet , its address might be exposed Attack.Databreach to certain internet scanners . The PoC attacker then crashed the webService process by exploiting the stack-based buffer overflow vulnerability ( CVE-2018-6832 ) . After it crashes , the webService process automatically restarts via the watchdog daemon ( which restarts important processes after they ’ re terminated ) , and during the process reload , an attacker could leverage a second flaw , the arbitrary file-deletion vulnerability ( CVE-2018-6830 ) , to delete certain critical files . This will result in authentication bypass when the webService process reloads ; so that the bad actor is able to gain administrative credentials . From there , an attacker could use the third vuln ( CVE-2018-6831 ) to execute root commands . This bug is a shell command-injection vulnerability that requires administrator credentials . “ Since the adversary gained administrator credentials in the previous stage , he can now use this vulnerability to execute commands as the root user for privilege escalation , ” researchers said . The Internet of Things continues to post a significant problem as many connected devices lack proper security controls . The 2016 Mirai botnet attack , which was orchestrated as a distributed denial of service attack through 300,000 vulnerable IoT devices like webcams , routers and video recorders , showed just how big of an impact the lack of IoT security has . The patches also come after Vulnerability-related.PatchVulnerability reports of a hacked baby camera emerged last week , when a woman from South Carolina said a stranger hacked into her baby monitor to spy on her and her family . These IoT security incidents show not only that connected products are highly vulnerable to security hacks , but also that such hacks could mean a complete invasion of privacy at the most personal level . Foscam , for its part , urged customers to upgrade Vulnerability-related.PatchVulnerability their cameras as soon as possible , saying that “ the latest firmware for Foscam cameras utilizes protection against various types of online hacking and unauthorized access. ” It added , “ Foscam is fully committed to maintaining the safety and integrity of our user experience and will take all action reasonably necessary to ensure the privacy and security of our cameras . ”

Mozilla released Vulnerability-related.PatchVulnerability nine fixes in its Wednesday launch of Firefox 62 for Windows , Mac and Android – including one for a critical glitch that could enable attackers to run arbitrary code . Overall , the latest version of the Firefox browser included Vulnerability-related.PatchVulnerability fixes for the critical issue , three high-severity flaws , two moderate problems and three low-severity vulnerabilities . Topping the list is a memory safety bug ( CVE-2018-12376 ) , discovered Vulnerability-related.DiscoverVulnerability by a number of Mozilla developers and community members . A critical impact bug means the vulnerability can be used to run attacker code and install software , requiring no user interaction beyond normal browsing , according to Mozilla . The memory safety problem , which exists in Vulnerability-related.DiscoverVulnerability Firefox 61 and Firefox ESR 60 , meets these criteria , researchers said Vulnerability-related.DiscoverVulnerability . Mozilla didn ’ t release further details , but it did assign one CVE Vulnerability-related.DiscoverVulnerability to represent multiple similar issues . In addition to the memory safety bug ( s ) , Mozilla also fixed Vulnerability-related.PatchVulnerability three high-severity vulnerabilities in its latest update . These include a use-after-free glitch in refresh driver timers ( CVE-2018-12377 ) , which power browser-page refreshes . Another high-severity bug ( CVE-2018-12378 ) is a use-after-free vulnerability that occurs Vulnerability-related.DiscoverVulnerability when an IndexedDB index ( a low-level API for client-side storage of significant amounts of structured data ) is deleted while still in use by JavaScript code providing payload values . “ This results in a potentially exploitable crash , ” the advisory said . Mozilla developers and community members also found Vulnerability-related.DiscoverVulnerability a memory-safety bug ( CVE-2018-12375 ) in Firefox 61 , which showed evidence of memory corruption and could be exploited Vulnerability-related.DiscoverVulnerability to run arbitrary code , according to the advisory . The moderate and low-severity fixes that were deployed Vulnerability-related.PatchVulnerability in Firefox 62 include patches for an out-of-bounds write flaw ( triggered when the Mozilla Updater opens a MAR format file that contains a very long item filename ) ; and a proxy bypass glitch in the browser ’ s proxy settings . Firefox 62 for desktop is available Vulnerability-related.PatchVulnerability for download on Mozilla ’ s website .

Tavis Ormandy , a Google Project Zero security researcher , has revealed Vulnerability-related.DiscoverVulnerability details about a new major vulnerability discovered Vulnerability-related.DiscoverVulnerability in Ghostscript , an interpreter for Adobe 's PostScript and PDF page description languages . Ghostscript is by far the most widely used solution of its kind . The Ghostscript interpreter is embedded in hundreds of software suites and coding libraries that allow desktop software and web servers to handle PostScript and PDF-based documents . Exploiting the bug Ormandy discovered Vulnerability-related.DiscoverVulnerability requires that an attacker sends a malformed PostScript , PDF , EPS , or XPS file to a victim . Once the file reaches the Ghostscript interpreter , the malicious code contained within will execute an attacker 's desired on that machine . The vulnerability , which has not received a CVE Vulnerability-related.DiscoverVulnerability identifier just yet , allows an attacker to take over applications and servers that use vulnerable versions of Ghostscript . At the time of writing , there is no fix available Vulnerability-related.PatchVulnerability . By far , the most affected projects are the ImageMagick image processing library , but also many Linux distros where this library ships by default . RedHat and Ubuntu have already confirmed they are affected , according to a CERT/CC security advisory released today . `` I * strongly * suggest that [ Linux ] distributions start disabling PS , EPS , PDF and XPS coders in [ ImageMagick 's ] policy.xml by default , '' Ormandy said . Because of Ghostscript 's broad adoption in the web dev and software dev communities , Ormandy has had his eyes set on Ghostscript for the past few years . He discovered Vulnerability-related.DiscoverVulnerability similar high severity issues affecting Vulnerability-related.DiscoverVulnerability Ghostscript in 2016 and again in 2017 . The vulnerability he found Vulnerability-related.DiscoverVulnerability in 2017 —CVE-2017-8291— was adopted by North Korean hackers , who used it to break into South Korean cryptocurrency exchanges , steal funds , and later plant false flags in an attempt to pin the hacks on Chinese-speaking threat actors . Because of Ghostscript 's wide adoption , any bugs , and especially those that lead to remote code execution , are highly sought-after by any threat actor .

A Russian vulnerability researcher and exploit developer has published Vulnerability-related.DiscoverVulnerability detailed information about a zero-day vulnerability in VirtualBox . His explanations include step-by-step instructions for exploiting the bug . According to the initial details in the disclosure Vulnerability-related.DiscoverVulnerability , the issue is present Vulnerability-related.DiscoverVulnerability in a shared code base of the virtualization software , available on all supported operating systems . Exploiting Vulnerability-related.DiscoverVulnerability the vulnerability allows an attacker to escape the virtual environment of the guest machine and reach the Ring 3 privilege layer , used for running code from most user programs , with the least privileges . Turning one `` overflow '' into another Sergey Zelenyuk found Vulnerability-related.DiscoverVulnerability that the security bug can be leveraged on virtual machines configured with the Intel PRO/1000 MT Desktop ( 82540EM ) network adapter in Network Address Translation ( NAT ) mode , the default setup that allows the guest system to access external networks . `` The [ Intel PRO/1000 MT Desktop ( 82540EM ) ] has a vulnerability allowing an attacker with root/administrator privileges in a guest to escape to a host ring3 . Then the attacker can use existing techniques to escalate privileges to ring 0 via /dev/vboxdrv , '' Zelenyuk writes Vulnerability-related.DiscoverVulnerability in a technical write-up on Tuesday . Zelenyuk says that an important aspect in getting how the vulnerability works is to understand that context descriptors are processed before data descriptors . The researcher describes the mechanics behind the security flaw in detail , showing how to trigger the necessary conditions to obtain a buffer overflow that could be abused to escape the confinements of the virtual operating system . First , he caused an integer underflow condition using packet descriptors - data segments that allow the network adapter to track network packet data in the system memory . This state was then leveraged to read data from the guest OS to into a heap buffer and cause an overflow condition that could lead to overwriting function pointers ; or to cause a stack overflow condition .

It has not been a good week for PDF programs . We had an Adobe Acrobat & Reader update released Vulnerability-related.PatchVulnerability yesterday that fixed Vulnerability-related.PatchVulnerability 86 vulnerabilities , including numerous critical ones . Not to be beaten , an update for Foxit PDF Reader and Foxit PhantomPDF was released Vulnerability-related.PatchVulnerability last Friday that fixes Vulnerability-related.PatchVulnerability a whopping 116 vulnerabilities , with 18 of them being discovered Vulnerability-related.DiscoverVulnerability by the Cisco Talos group . All of the 18 vulnerabilities found Vulnerability-related.DiscoverVulnerability by Cisco Talos , as well as many others fixed Vulnerability-related.PatchVulnerability by this update , are labeled as critical because they could lead to code execution . This would allow attackers to create Attack.Phishing specially crafted web pages or PDFs that could exploit these vulnerabilities to execute commands or install malware on vulnerable computers . Of the 18 vulnerabilities disclosed Vulnerability-related.DiscoverVulnerability by Cisco , 12 of them could be exploited Vulnerability-related.DiscoverVulnerability simply by visiting a web site when the Foxit PDF browser plugin is enabled . Foxit suggests that all users of Foxit PDF Reader and Foxit PhantomPDF upgrade Vulnerability-related.PatchVulnerability to version 9.3 to resolve Vulnerability-related.PatchVulnerability these vulnerabilities . Foxit PDF Reader 9.3 can be downloaded here and Foxit PhantomPDF can be downloaded here . It is strongly suggested that all users install this update . The full list of patched vulnerabilities is below and more information about who discovered Vulnerability-related.DiscoverVulnerability the vulnerabilities can be found Vulnerability-related.DiscoverVulnerability in Foxit 's security bulletin .

Another critical security hole has been found Vulnerability-related.DiscoverVulnerability in Apache Struts 2 , requiring an immediate update . The vulnerability – CVE-2018-11776 – affects Vulnerability-related.DiscoverVulnerability core code and allows miscreants to pull off remote code execution against vulnerable servers and websites . It affects Vulnerability-related.DiscoverVulnerability all versions of Struts 2 , the popular open-source framework for Java web apps . The Apache Software Foundation has `` urgently advised '' anyone using Struts to update Vulnerability-related.PatchVulnerability to the latest version immediately , noting that the last time a critical hole was found Vulnerability-related.DiscoverVulnerability , the holes were being exploited Vulnerability-related.DiscoverVulnerability in the wild just a day later . In other words , if you delay in patching Vulnerability-related.PatchVulnerability , your organization will be compromised in short order via this bug , if you are running vulnerable systems . It was that earlier flaw that led to a nightmare data breach Attack.Databreach from credit company Equifax after it failed to patch Vulnerability-related.PatchVulnerability swiftly enough . The details of nearly 150 million people were exposed Attack.Databreach , costing the company more than $ 600m , so this is not something to be taken lightly . The company that discovered Vulnerability-related.DiscoverVulnerability the vulnerability – Semmle Security Research Team – warns that this latest one is actually worse that the one last year , which it also found Vulnerability-related.DiscoverVulnerability . It has published a blog post with more information . Semmle found Vulnerability-related.DiscoverVulnerability the hole back in April and reported Vulnerability-related.DiscoverVulnerability it to Apache , which put out Vulnerability-related.PatchVulnerability a patch in June that it has now pulled Vulnerability-related.PatchVulnerability into formal updates ( 2.3.35 for those using version 2.3 and 2.5.17 for those on 2.5 ) . As mentioned , the vulnerability is in the core code and does n't require additional plugins to work . It is caused by insufficient validation of untrusted user data in the core of the Struts framework , and can be exploited in several different ways . Semmle says it has identified two different vectors but warns there may be others . Since it can be used remotely and due to the fact that Struts is typically used to create applications that are on the public internet , hackers are going to be especially focused on exploiting it so they can gain access to corporate networks . And there are some big targets out there : Apache Struts is extremely common with most large corporations using it somewhere in their systems for web apps . Semmle 's VP of engineering , Pavel Avgustinov , had this to say about the hole on Wednesday this week : `` Critical remote code execution vulnerabilities like the one that affected Vulnerability-related.DiscoverVulnerability Equifax and the one we announced today are incredibly dangerous for several reasons : Struts is used for publicly-accessible customer-facing websites , vulnerable systems are easily identified , and the flaw is easy to exploit Vulnerability-related.DiscoverVulnerability . A hacker can find their way in within minutes , and exfiltrate Attack.Databreach data or stage further attacks from the compromised system . It ’ s crucially important to update affected systems immediately ; to wait is to take an irresponsible risk . '' This is very far from the first time that big security holes have been found Vulnerability-related.DiscoverVulnerability in Struts , leading some to recommend that people simply stop using it .

Another critical security hole has been found Vulnerability-related.DiscoverVulnerability in Apache Struts 2 , requiring an immediate update . The vulnerability – CVE-2018-11776 – affects Vulnerability-related.DiscoverVulnerability core code and allows miscreants to pull off remote code execution against vulnerable servers and websites . It affects Vulnerability-related.DiscoverVulnerability all versions of Struts 2 , the popular open-source framework for Java web apps . The Apache Software Foundation has `` urgently advised '' anyone using Struts to update Vulnerability-related.PatchVulnerability to the latest version immediately , noting that the last time a critical hole was found Vulnerability-related.DiscoverVulnerability , the holes were being exploited Vulnerability-related.DiscoverVulnerability in the wild just a day later . In other words , if you delay in patching Vulnerability-related.PatchVulnerability , your organization will be compromised in short order via this bug , if you are running vulnerable systems . It was that earlier flaw that led to a nightmare data breach Attack.Databreach from credit company Equifax after it failed to patch Vulnerability-related.PatchVulnerability swiftly enough . The details of nearly 150 million people were exposed Attack.Databreach , costing the company more than $ 600m , so this is not something to be taken lightly . The company that discovered Vulnerability-related.DiscoverVulnerability the vulnerability – Semmle Security Research Team – warns that this latest one is actually worse that the one last year , which it also found Vulnerability-related.DiscoverVulnerability . It has published a blog post with more information . Semmle found Vulnerability-related.DiscoverVulnerability the hole back in April and reported Vulnerability-related.DiscoverVulnerability it to Apache , which put out Vulnerability-related.PatchVulnerability a patch in June that it has now pulled Vulnerability-related.PatchVulnerability into formal updates ( 2.3.35 for those using version 2.3 and 2.5.17 for those on 2.5 ) . As mentioned , the vulnerability is in the core code and does n't require additional plugins to work . It is caused by insufficient validation of untrusted user data in the core of the Struts framework , and can be exploited in several different ways . Semmle says it has identified two different vectors but warns there may be others . Since it can be used remotely and due to the fact that Struts is typically used to create applications that are on the public internet , hackers are going to be especially focused on exploiting it so they can gain access to corporate networks . And there are some big targets out there : Apache Struts is extremely common with most large corporations using it somewhere in their systems for web apps . Semmle 's VP of engineering , Pavel Avgustinov , had this to say about the hole on Wednesday this week : `` Critical remote code execution vulnerabilities like the one that affected Vulnerability-related.DiscoverVulnerability Equifax and the one we announced today are incredibly dangerous for several reasons : Struts is used for publicly-accessible customer-facing websites , vulnerable systems are easily identified , and the flaw is easy to exploit Vulnerability-related.DiscoverVulnerability . A hacker can find their way in within minutes , and exfiltrate Attack.Databreach data or stage further attacks from the compromised system . It ’ s crucially important to update affected systems immediately ; to wait is to take an irresponsible risk . '' This is very far from the first time that big security holes have been found Vulnerability-related.DiscoverVulnerability in Struts , leading some to recommend that people simply stop using it .

The Bitcoin Core developers recently fixed Vulnerability-related.PatchVulnerability a major vulnerability in the Bitcoin ( BTC ) network ’ s ( client ) codebase . Explaining the potentially serious nature of the software bug , which is tracked as Vulnerability-related.DiscoverVulnerability CVE-2018-17144 and classified as a denial-of-service ( DoS ) attack , Casaba Security co-founder Jason Glassberg said Vulnerability-related.DiscoverVulnerability : “ [ It ] can take down the network. ” Glassberg also told Vulnerability-related.DiscoverVulnerability ZDNet the vulnerability in the Bitcoin Core codebase “ would [ have ] affected transactions in the sense that they can not be completed , but does not appear to open up a way to steal or manipulate wallets. ” Denial-of-Service ( DoS ) , 51 % Attacks The Bitcoin Core client software is used by BTC miners to validate transactions on the cryptocurrency ’ s blockchain and the recent vulnerability found Vulnerability-related.DiscoverVulnerability in its source code could have been used to intentionally crash bitcoin ’ s full-node operators . Although not logistically feasible , this particular software bug could have been remotely exploited Vulnerability-related.DiscoverVulnerability by an attacker to launch a 51 % attack in which one entity controls the majority of the hashing ( or computing ) power of a cryptocurrency network . Advisory Notice , Critical Patch Released Vulnerability-related.PatchVulnerability In most cases , a bad actor has orchestrated a 51 % attack in order to manipulate transactions on a cryptocurrency ’ s blockchain for financial gains . At present , it would cost approximately $ 490,000 to launch such an attack ( for 1 hour ) on the Bitcoin network , according to Crypto51 . However , if the recent Bitcoin Core software bug had not been patched Vulnerability-related.PatchVulnerability , a bad actor could have initiated a 51 % attack on the cryptocurrency ’ s network at a considerably lower cost . The Bitcoin Core developers posted Vulnerability-related.DiscoverVulnerability an advisory notice ( on September 19th ) regarding this DoS vulnerability . Users of Bitcoin Core have been instructed to upgrade Vulnerability-related.PatchVulnerability to version 0.16.3 of the software . Previous versions ( 0.14.0 to 0.16.3 ) of the client contain the DoS vulnerability . Bitcoin Knots , one of at least 96 bitcoin forks to date , was considered vulnerable Vulnerability-related.DiscoverVulnerability as well and its client software was patched Vulnerability-related.PatchVulnerability . `` Copycat '' Cryptos Are At Risk Notably , the CVE-2018-17144 vulnerability could have also affected Vulnerability-related.DiscoverVulnerability the litecoin ( LTC ) network but its client has received Vulnerability-related.PatchVulnerability a patch . Commenting on the serious nature of these software bugs , Cornell computer science professor Emin Gün Sirer said Vulnerability-related.DiscoverVulnerability : “ Copycat currencies are at risk ” - meaning that all bitcoin forks are vulnerable Vulnerability-related.DiscoverVulnerability to the attack . The Turkish-American cryptographer , who identified Vulnerability-related.DiscoverVulnerability critical vulnerabilities in Ethereum ’ s codebase before its network was hit with the DAO attack , was referring to all the currently 69 active bitcoin forks that could still be exploited Vulnerability-related.DiscoverVulnerability with a 51 % attack as their clients might still not have received Vulnerability-related.PatchVulnerability a patch and are not as secure as bitcoin network due to their smaller size . In fact , Crypto51 has estimated it would only cost $ 122 to launch a 51 % attack on the Bitcoin Private ( BTCP ) network . However , this estimate has not been confirmed by another source .

A flaw in Safari – that allows an attacker to spoof Attack.Phishing websites and trick Attack.Phishing victims into handing over their credentials – has yet to be patched Vulnerability-related.PatchVulnerability . A browser address bar spoofing flaw was found Vulnerability-related.DiscoverVulnerability by researchers this week in Safari – and Apple has yet issue Vulnerability-related.PatchVulnerability a patch for the flaw . Researcher Rafay Baloch on Monday disclosed Vulnerability-related.DiscoverVulnerability two proof-of-concepts revealing Vulnerability-related.DiscoverVulnerability how vulnerabilities in Edge browser 42.17134.1.0 and Safari iOS 11.3.1 could be abused to manipulate the browsers ’ address bars , tricking victims into thinking they are visiting a legitimate website . Baloch told Threatpost Wednesday that Apple has promised to fix Vulnerability-related.PatchVulnerability the flaw in its next security update for Safari . “ Apple has told [ me ] that the latest beta of iOS 12 also addresses Vulnerability-related.PatchVulnerability the issue , however they haven ’ t provided any dates , ” he said . Apple did not respond to multiple requests for comment from Threatpost . Microsoft for its part has fixed Vulnerability-related.PatchVulnerability the vulnerability Baloch found Vulnerability-related.DiscoverVulnerability in the Edge browser , ( CVE-2018-8383 ) in its August Patch Tuesday release . According to Microsoft ’ s vulnerability advisory released Vulnerability-related.PatchVulnerability August 14 , the spoofing flaw exists because Edge does not properly parse HTTP content . Both flaws stem from the Edge and Safari browsers allowing JavaScript to update the address bar while the page is still loading . This means that an attacker could request data from a non-existent port and , due to the delay induced by the setInterval function , trigger the address bar spoofing . The browser would then preserve the address bar and load the content from the spoofed page , Baloch said in his blog breaking down both vulnerabilities . From there , the attacker could spoof Attack.Phishing the website , using it to lure Attack.Phishing in victims and potentially gather credentials or spread malware . For instance , the attacker could send Attack.Phishing an email message containing the specially crafted URL to the user , convince the user to click it , and take them to the link which could gather their credentials or sensitive information . “ As per Google , Address bar is the only reliable indicator for ensuring the identity of the website , if the Address bar points to Facebook.com and the content is hosted on attacker ’ s website , there is no reason why someone would not fall for this , ” Baloch told Threatpost . In a video demonstration , Baloch showed how he could visit a link for the vulnerable browser on Edge ( http : //sh3ifu [ . ] com/bt/Edge-Spoof.html ) , which would take him to a site purporting to be Attack.Phishing Gmail login . However , while the URL points to a Gmail address , the content is hosted on sh3ifu.com , said Baloch . The Safari proof-of-concept is similar , except for one constraint where it does not allow users to type their information into the input boxes while the page is in a loading state . However , Bolach said he was able to circumvent this restriction by injecting a fake keyboard using Javascript – a common practice in banking sites . No other browsers – including Chrome or Firefox – were discovered Vulnerability-related.DiscoverVulnerability to have the flaw , said Baloch . Baloch is known for discovering Vulnerability-related.DiscoverVulnerability similar vulnerabilities in Chrome , Firefox and other major browsers in 2016 , which also allowed attackers to spoof URLs in the address bar . The vulnerabilities were disclosed Vulnerability-related.DiscoverVulnerability to both Microsoft and Apple and Baloch gave both a 90-day deadline before he went public Vulnerability-related.DiscoverVulnerability with the flaws . Due to the Safari browser bug being unpatched Vulnerability-related.PatchVulnerability , Baloch said he has not yet released a Proof of Concept : “ However considering there is a slight difference between the Edge browser POC and Safari , anyone with decent knowledge of Javascript can make it work on Safari , ” he told us .

EOS has tweeted to confirm that it has patched Vulnerability-related.PatchVulnerability “ most ” of the reported bugs and is “ working hard ” on the remainder . It expects the mainnet launch to stay on schedule . Qihoo 360 , a China-based internet security firm , says it has notified Vulnerability-related.DiscoverVulnerability the EOS blockchain project about “ a series of epic vulnerabilities ” discovered Vulnerability-related.DiscoverVulnerability on its platform . The firm said in a Tuesday report Vulnerability-related.DiscoverVulnerability that loopholes found Vulnerability-related.DiscoverVulnerability in the EOS platform could expose nodes on the network to attackers , giving them the ability to execute code remotely and take “ full control ” of transactions . The firm claims that such an attack could potentially “ decimate ” the entire cryptocurrency network . Qihoo 360 went on to explain that bad actors would be able to attack the network by constructing and publishing smart contracts containing malicious code on the EOS mainnet and have EOS supernodes pack them into new blocks . Subsequently the code would affect all nodes on the network , including those of cryptocurrency wallets and exchanges , letting the attackers gain control of private keys to cryptocurrency transactions . While EOS has not yet made any public comment on the issue , Qihoo 360 said in another blog update that the project ’ s lead developer , Daniel Larimer , was notified Vulnerability-related.DiscoverVulnerability of the issues and that he has since said Vulnerability-related.DiscoverVulnerability the vulnerabilities – identified as issue number 3498 on Github – have been fixed Vulnerability-related.PatchVulnerability . “ If any of these asserts trigger in release it shouldn ’ t pass , but should throw . Allowing the code to continue running in release is a potential security vulnerability and will likely result in crashes elsewhere , ” Larimer wrote on the Github page . Meanwhile , Larimer has today appealed for more external assistance in identifying Vulnerability-related.DiscoverVulnerability critical bugs in the system with the project ’ s mainnet launch just days away .

A security researcher has published Vulnerability-related.DiscoverVulnerability details of a vulnerability in a popular cloud storage drive after the company failed to issue Vulnerability-related.PatchVulnerability security patches for over a year . Remco Vermeulen found Vulnerability-related.DiscoverVulnerability a privilege escalation bug in Western Digital ’ s My Cloud devices , which he said Vulnerability-related.DiscoverVulnerability allows an attacker to bypass the admin password on the drive , gaining “ complete control ” over the user ’ s data . The exploit works because drive ’ s web-based dashboard doesn ’ t properly check a user ’ s credentials before giving a possible attacker access to tools that should require higher levels of access . The bug was “ easy ” to exploit , Vermeulen told TechCrunch in an email , and was remotely exploitable if a My Cloud device allows remote access over the internet — which thousands of devices do . He posted a proof-of-concept video on Twitter . Details of the bug were also independently found Vulnerability-related.DiscoverVulnerability by another security team , which released its own exploit code . Vermeulen reported Vulnerability-related.DiscoverVulnerability the bug over a year ago , in April 2017 , but said the company stopped responding . Normally , security researchers give 90 days for a company to respond , in line with industry-accepted responsible disclosure guidelines . After he found Vulnerability-related.DiscoverVulnerability that WD updated Vulnerability-related.PatchVulnerability the My Cloud firmware in the meanwhile without fixing Vulnerability-related.PatchVulnerability the vulnerability he found Vulnerability-related.DiscoverVulnerability , he decided to post Vulnerability-related.DiscoverVulnerability his findings . A year later , WD still hasn’t released Vulnerability-related.PatchVulnerability a patch . The company confirmed Vulnerability-related.DiscoverVulnerability that it knows Vulnerability-related.DiscoverVulnerability of the vulnerability but did not say why it took more than a year to issue Vulnerability-related.PatchVulnerability a fix . “ We are in the process of finalizing a scheduled firmware update that will resolve Vulnerability-related.PatchVulnerability the reported issue , ” a spokesperson said , which will arrive Vulnerability-related.PatchVulnerability “ within a few weeks. ” WD said Vulnerability-related.DiscoverVulnerability that several of its My Cloud products are vulnerable Vulnerability-related.DiscoverVulnerability — including the EX2 , EX4 and Mirror , but not My Cloud Home . In the meantime , Vermeulen said that there ’ s no fix and that users have to “ just disconnect ” the drive altogether if they want to keep their data safe .

A security researcher has published Vulnerability-related.DiscoverVulnerability details of a vulnerability in a popular cloud storage drive after the company failed to issue Vulnerability-related.PatchVulnerability security patches for over a year . Remco Vermeulen found Vulnerability-related.DiscoverVulnerability a privilege escalation bug in Western Digital ’ s My Cloud devices , which he said Vulnerability-related.DiscoverVulnerability allows an attacker to bypass the admin password on the drive , gaining “ complete control ” over the user ’ s data . The exploit works because drive ’ s web-based dashboard doesn ’ t properly check a user ’ s credentials before giving a possible attacker access to tools that should require higher levels of access . The bug was “ easy ” to exploit , Vermeulen told TechCrunch in an email , and was remotely exploitable if a My Cloud device allows remote access over the internet — which thousands of devices do . He posted a proof-of-concept video on Twitter . Details of the bug were also independently found Vulnerability-related.DiscoverVulnerability by another security team , which released its own exploit code . Vermeulen reported Vulnerability-related.DiscoverVulnerability the bug over a year ago , in April 2017 , but said the company stopped responding . Normally , security researchers give 90 days for a company to respond , in line with industry-accepted responsible disclosure guidelines . After he found Vulnerability-related.DiscoverVulnerability that WD updated Vulnerability-related.PatchVulnerability the My Cloud firmware in the meanwhile without fixing Vulnerability-related.PatchVulnerability the vulnerability he found Vulnerability-related.DiscoverVulnerability , he decided to post Vulnerability-related.DiscoverVulnerability his findings . A year later , WD still hasn’t released Vulnerability-related.PatchVulnerability a patch . The company confirmed Vulnerability-related.DiscoverVulnerability that it knows Vulnerability-related.DiscoverVulnerability of the vulnerability but did not say why it took more than a year to issue Vulnerability-related.PatchVulnerability a fix . “ We are in the process of finalizing a scheduled firmware update that will resolve Vulnerability-related.PatchVulnerability the reported issue , ” a spokesperson said , which will arrive Vulnerability-related.PatchVulnerability “ within a few weeks. ” WD said Vulnerability-related.DiscoverVulnerability that several of its My Cloud products are vulnerable Vulnerability-related.DiscoverVulnerability — including the EX2 , EX4 and Mirror , but not My Cloud Home . In the meantime , Vermeulen said that there ’ s no fix and that users have to “ just disconnect ” the drive altogether if they want to keep their data safe .

A security researcher has published Vulnerability-related.DiscoverVulnerability details of a vulnerability in a popular cloud storage drive after the company failed to issue Vulnerability-related.PatchVulnerability security patches for over a year . Remco Vermeulen found Vulnerability-related.DiscoverVulnerability a privilege escalation bug in Western Digital ’ s My Cloud devices , which he said Vulnerability-related.DiscoverVulnerability allows an attacker to bypass the admin password on the drive , gaining “ complete control ” over the user ’ s data . The exploit works because drive ’ s web-based dashboard doesn ’ t properly check a user ’ s credentials before giving a possible attacker access to tools that should require higher levels of access . The bug was “ easy ” to exploit , Vermeulen told TechCrunch in an email , and was remotely exploitable if a My Cloud device allows remote access over the internet — which thousands of devices do . He posted a proof-of-concept video on Twitter . Details of the bug were also independently found Vulnerability-related.DiscoverVulnerability by another security team , which released its own exploit code . Vermeulen reported Vulnerability-related.DiscoverVulnerability the bug over a year ago , in April 2017 , but said the company stopped responding . Normally , security researchers give 90 days for a company to respond , in line with industry-accepted responsible disclosure guidelines . After he found Vulnerability-related.DiscoverVulnerability that WD updated Vulnerability-related.PatchVulnerability the My Cloud firmware in the meanwhile without fixing Vulnerability-related.PatchVulnerability the vulnerability he found Vulnerability-related.DiscoverVulnerability , he decided to post Vulnerability-related.DiscoverVulnerability his findings . A year later , WD still hasn’t released Vulnerability-related.PatchVulnerability a patch . The company confirmed Vulnerability-related.DiscoverVulnerability that it knows Vulnerability-related.DiscoverVulnerability of the vulnerability but did not say why it took more than a year to issue Vulnerability-related.PatchVulnerability a fix . “ We are in the process of finalizing a scheduled firmware update that will resolve Vulnerability-related.PatchVulnerability the reported issue , ” a spokesperson said , which will arrive Vulnerability-related.PatchVulnerability “ within a few weeks. ” WD said Vulnerability-related.DiscoverVulnerability that several of its My Cloud products are vulnerable Vulnerability-related.DiscoverVulnerability — including the EX2 , EX4 and Mirror , but not My Cloud Home . In the meantime , Vermeulen said that there ’ s no fix and that users have to “ just disconnect ” the drive altogether if they want to keep their data safe .