three vulnerabilities in Foscam connected security cameras that could enable a bad actor to gain root access knowing only the camera’s IP address. Foscam is urging customers to update their security cameras after researchers found three vulnerabilities that could enable a bad actor to gain root access knowing only the camera’s IP address. The vulnerability trifecta includes an arbitrary file-deletion bug, a shell command-injection flaw and a stack-based buffer overflow vulnerability, according to the researchers at VDOO who found the flaws. The proof-of-concept attack revolved around a process in the cameras called webService, which receives requests from servers and can be used to verify the user’s credentials, if necessary, and run the handler for the desired API command. To launch an attack, an attacker would have to obtain the camera’s IP address or DNS name. Generally, if the camera is configured so that it has a direct interface to the internet, its address might be exposed to certain internet scanners. The PoC attacker then crashed the webService process by exploiting the stack-based buffer overflow vulnerability (CVE-2018-6832). After it crashes, the webService process automatically restarts via the watchdog daemon (which restarts important processes after they’re terminated), and during the process reload, an attacker could leverage a second flaw, the arbitrary file-deletion vulnerability (CVE-2018-6830), to delete certain critical files. This results in an authentication bypass when the webService process reloads, so that the bad actor is able to gain administrative credentials. From there, an attacker could use the third vuln (CVE-2018-6831) to execute root commands. This bug is a shell command-injection vulnerability that requires administrator credentials.
“Since the adversary gained administrator credentials in the previous stage, he can now use this vulnerability to execute commands as the root user for privilege escalation,” researchers said. The Internet of Things continues to pose a significant problem, as many connected devices lack proper security controls. The 2016 Mirai botnet attack, which was orchestrated as a distributed denial of service attack through 300,000 vulnerable IoT devices like webcams, routers and video recorders, showed just how big of an impact the lack of IoT security has. The patches also come after reports of a hacked baby camera emerged last week, when a woman from South Carolina said a stranger hacked into her baby monitor to spy on her and her family. These IoT security incidents show not only that connected products are highly vulnerable to security hacks, but also that such hacks could mean a complete invasion of privacy at the most personal level. Foscam, for its part, urged customers to upgrade their cameras as soon as possible, saying that “the latest firmware for Foscam cameras utilizes protection against various types of online hacking and unauthorized access.” It added, “Foscam is fully committed to maintaining the safety and integrity of our user experience and will take all action reasonably necessary to ensure the privacy and security of our cameras.”
A new version of Git has been emitted to ward off attempts to exploit a potential arbitrary code execution vulnerability – which can be triggered by merely cloning a malicious repository. The security hole, CVE-2018-11235, reported by Etienne Stalmans, stems from a flaw in Git whereby sub-module names supplied by the .gitmodules file are not properly validated when appended to $GIT_DIR/modules. Including "../" in a name could result in directory hopping. Post-checkout hooks could then be executed, potentially causing all manner of mayhem to ensue on the victim's system. Another vulnerability, CVE-2018-11233, describes a flaw in the processing of pathnames in Git on NTFS-based systems, allowing the reading of memory contents. In a change from normal programming, the vulnerability appears to be cross platform. Fear not, however, because a patch is available. The Git team released the update in 2.13.7 of the popular coding, collaboration and control tool and forward-ported it to versions 2.14.4, 2.15.2, 2.16.4 and 2.13.7. For its part, Microsoft has urged users to download 2.17.1 (2) of Git for Windows and has blocked the malicious repositories from being pushed to Visual Studio Team Services users. The software giant has also promised a hotfix will "shortly" be available for its popular Visual Studio 2017 platform. Other vendors, such as Debian, have been updating their Linux and software distributions to include the patched code and recommend that users upgrade to thwart ne'er-do-wells seeking to exploit the vulnerability.
Kubernetes has become the most popular cloud container orchestration system by far, so it was only a matter of time until its first major security hole was discovered. And the bug, CVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It's a CVSS 9.8 critical security hole. With a specially crafted network request, any user can establish a connection through the Kubernetes application programming interface (API) server to a backend server. Once established, an attacker can send arbitrary requests over the network connection directly to that backend. Adding insult to injury, these requests are authenticated with the Kubernetes API server's Transport Layer Security (TLS) credentials. Worse still, "In default configurations, all users (authenticated and unauthenticated) are allowed to perform discovery API calls that allow this escalation." So, yes, anyone who knows about this hole can take command of your Kubernetes cluster. Oh, and for the final jolt of pain: "There is no simple way to detect whether this vulnerability has been used. Because the unauthorized requests are made over an established connection, they do not appear in the Kubernetes API server audit logs or server log. The requests do appear in the kubelet or aggregated API server logs, but are indistinguishable from correctly authorized and proxied requests via the Kubernetes API server." In other words, Red Hat said, "The privilege escalation flaw makes it possible for any user to gain full administrator privileges on any compute node being run in a Kubernetes pod. This is a big deal. Not only can this actor steal sensitive data or inject malicious code, but they can also bring down production applications and services from within an organization's firewall." The only real fix is to upgrade Kubernetes.
Any program, which includes Kubernetes, is vulnerable. Kubernetes distributors are already releasing fixes. Red Hat reports all its "Kubernetes-based services and products -- including Red Hat OpenShift Container Platform, Red Hat OpenShift Online, and Red Hat OpenShift Dedicated -- are affected." Red Hat has begun delivering patches and service updates to affected users. As far as anyone knows, no one has used the security hole to attack anyone yet. Darren Shepard, chief architect and co-founder at Rancher Labs, discovered the bug and reported it using the Kubernetes vulnerability reporting process. But -- and it's a big but -- abusing the vulnerability would have left no obvious traces in the logs. And, now that news of the Kubernetes privilege escalation flaw is out, it's only a matter of time until it's abused. So, once more and with feeling, upgrade your Kubernetes systems now before your company ends up in a world of trouble.
After scrambling to patch a critical vulnerability late last month, Drupal is at it again. The open source content management project has issued an unscheduled security update to augment its previous patch for Drupalgeddon2. There was also a cross-site scripting bug advisory in mid-April. The latest Drupal core vulnerability, designated SA-CORE-2018-004 and assigned CVE-2018-7602, is related to the March SA-CORE-2018-002 flaw (CVE-2018-7600), according to the Drupal security team. It can be exploited to take over a website's server, and allow miscreants to steal information or alter pages. "It is a remote code execution vulnerability," explained a member of the Drupal security team in an email to The Register. "No more technical details beyond that are available." The vulnerability affects at least Drupal 7.x and Drupal 8.x. And a similar issue has been found in the Drupal Media module. In a blog post from earlier this month about the March patch, Dries Buytaert, founder of the Drupal project, observed that all software has security issues and critical security bugs are rare. While the March bug is being actively exploited, the Drupal security team says it's unaware of any exploitation of the latest vulnerability. But it won't be long – those maintaining the project observed automated attacks appearing about two weeks after the SA-CORE-2018-002 notice. The fix is to upgrade to the most recent version of Drupal 7 or 8 core. The latest code can be found at Drupal's website.
For those running 7.x, that means upgrading to Drupal 7.59. For those running 8.5.x, the latest version is 8.5.3. And for those still on 8.4.x, there's an upgrade to 8.4.8, despite the fact that as an unsupported minor release, the 8.4.x line would not normally get security updates. And finally, if you're still on Drupal 6, which is no longer officially supported, unofficial patches are being developed here. Drupal users appear to be taking the release in stride, though with a bit of grumbling. "Drupal Wednesday looks like the new Windows patch day," quipped designer Tom Binroth via Twitter. "I would rather spend my time on creating new stuff than patching Drupal core sites."
The Git Project announced yesterday a critical arbitrary code execution vulnerability in the Git command line client, GitHub Desktop, and Atom that could allow malicious repositories to remotely execute commands on a vulnerable machine. This vulnerability has been assigned the CVE-2018-17456 ID and is similar to a previous CVE-2017-1000117 option injection vulnerability. Like the previous vulnerability, a malicious repository can create a .gitmodules file that contains a URL that starts with a dash. By using a dash, when Git clones a repository using the --recurse-submodules argument, the command will interpret the URL as an option, which could then be used to perform remote code execution on the computer. "When running 'git clone --recurse-submodules', Git parses the supplied .gitmodules file for a URL field and blindly passes it as an argument to a 'git clone' subprocess. If the URL field is set to a string that begins with a dash, this 'git clone' subprocess interprets the URL as an option. This can lead to executing an arbitrary script shipped in the superproject as the user who ran 'git clone'." This vulnerability has been fixed in Git v2.19.1 (with backports in v2.14.5, v2.15.3, v2.16.5, v2.17.2, and v2.18.1), GitHub Desktop 1.4.2, GitHub Desktop 1.4.3-beta0, Atom 1.31.2, and Atom 1.32.0-beta3. The Git Project strongly recommends that all users upgrade to the latest version of the Git client, GitHub Desktop, or Atom in order to be protected from malicious repositories.
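The two .gitmodules problems described on this page (a "../" component in a submodule name, CVE-2018-11235, and a URL that starts with a dash, CVE-2018-17456) can be checked for before a repository is cloned recursively. The following is an added example, not Git's own code: the function names and the sample file are constructed for illustration, and the parser handles only the simple `[submodule "name"]` / `key = value` layout.

```python
"""Audit .gitmodules text for unsafe submodule names and URLs (added example)."""
import re

# [submodule "name"] header; the name may contain backslash-escaped characters.
SECTION_RE = re.compile(r'^\[\s*submodule\s+"((?:[^"\\]|\\.)*)"\s*\]$')
KEYVAL_RE = re.compile(r'^([A-Za-z][A-Za-z0-9-]*)\s*=\s*(.*?)\s*$')

# Constructed sample input; hosts and option text are placeholders.
SAMPLE = """\
[submodule "docs"]
    path = docs
    url = https://example.invalid/docs.git
[submodule "../outside"]
    path = outside
    url = https://example.invalid/outside.git
[submodule "tools"]
    path = tools
    url = --constructed-option=value
[submodule "a..b"]
    path = ab
    url = https://example.invalid/ab.git
"""


def parse_gitmodules(text):
    """Return [(name, {key: value})] for every [submodule "..."] section."""
    sections = []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        header = SECTION_RE.match(line)
        if header:
            name = re.sub(r"\\(.)", r"\1", header.group(1))  # undo escapes
            current = (name, {})
            sections.append(current)
            continue
        if line.startswith("["):
            current = None  # a section that is not a submodule
            continue
        keyval = KEYVAL_RE.match(line)
        if keyval and current is not None:
            value = keyval.group(2)
            if len(value) >= 2 and value[0] == value[-1] == '"':
                value = value[1:-1]  # drop surrounding quotes
            current[1][keyval.group(1).lower()] = value
    return sections


def name_escapes_modules_dir(name):
    """True if the name has a '..' path component (either separator)."""
    return ".." in re.split(r"[/\\]", name)


def audit_gitmodules(text):
    """Return [(submodule_name, field, reason)] for each unsafe entry."""
    findings = []
    for name, opts in parse_gitmodules(text):
        if name_escapes_modules_dir(name):
            findings.append((name, "name", "'..' component in submodule name"))
        if opts.get("url", "").startswith("-"):
            findings.append((name, "url", "URL begins with '-'"))
    return findings


if __name__ == "__main__":
    for name, field, reason in audit_gitmodules(SAMPLE):
        print(f"{name!r}: {field}: {reason}")
```

A name such as `a..b` is not flagged, because ".." only matters when it forms a whole path component.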
Logitech Options is an app that controls all of Logitech’s mice and keyboards. It offers several configuration options, such as changing function-key shortcuts, customizing mouse buttons, and adjusting point and scroll behavior. This app contained a huge security flaw that was discovered by Tavis Ormandy, a Google security researcher. It was found that Logitech Options opened a WebSocket server on every computer it ran on. This WebSocket server listened on port 10134, and any website could connect to it and send various JSON-encoded commands.
PID Exploit
Through this, any attacker can run commands just by setting up a web page. The attacker only needs the process identifier (PID). However, the PID can be guessed, as the software places no limit on the number of tries. Once the attacker has obtained the PID and is in, he can completely control the computer and run it remotely. This can also be used for keystroke injection or Rubber Ducky attacks, which have been used to take over PCs in the past. After Ormandy got hold of Logitech’s engineers, he reported the vulnerability privately to them in a meeting between Logitech’s engineering team and Ormandy on the 18th of September. After waiting a total of 90 days, Ormandy saw that the company had failed to address the issue publicly or through a patch for the app, so he posted his finding on the 11th of December, making the issue public. As the story gained attention, Logitech responded with an update for Logitech Options.
Logitech released Options version 7.00.564 on the 13th of December. They claim to have fixed the origin and type checking bugs along with a patch for the security vulnerability. However, they have not mentioned the security vulnerability patch on their own website. They told German magazine heise.de that the new version does indeed fix the vulnerability. Tavis Ormandy and his team are currently checking the new version of Logitech Options for any signs of security vulnerabilities. Everyone with the old version of Logitech Options is advised to upgrade to the new 7.00.564.
Cisco has issued a critical patch of a patch for a Cisco Prime License Manager SQL fix. Cisco this week said it patched a “critical” patch for its Prime License Manager (PLM) software that would let attackers execute arbitrary SQL queries. The Cisco Prime License Manager offers enterprise-wide management of user-based licensing, including license fulfillment. Released in November, the first version of the Prime License Manager patch caused its own “functional” problems that Cisco was then forced to fix. That patch, called ciscocm.CSCvk30822_v1.0.k3.cop.sgn, addressed the SQL vulnerability but caused backup, upgrade and restore problems, and should no longer be used, Cisco said. Cisco wrote that “customers who have previously installed the ciscocm.CSCvk30822_v1.0.k3.cop.sgn patch should upgrade to the ciscocm.CSCvk30822_v2.0.k3.cop.sgn patch to remediate the functional issues. Installing the v2.0 patch will first rollback the v1.0 patch and then install the v2.0 patch.” As for the vulnerability that started this process, Cisco says it “is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted HTTP POST requests that contain malicious SQL statements to an affected application. A successful exploit could allow the attacker to modify and delete arbitrary data in the PLM database or gain shell access with the privileges of the postgres [SQL] user.” The vulnerability impacts Cisco Prime License Manager Releases 11.0.1 and later.
Cyber security researchers on Monday pointed to code in a "ransomware" attack that could indicate a link to North Korea. Symantec and Kaspersky Lab each cited code that was previously used by a hacker collective known as the Lazarus Group, which was behind the high-profile 2014 hack of Sony that was also blamed on North Korea. But the security firms cautioned that it is too early to make any definitive conclusions, in part because the code could have been merely copied by someone else for use in the current event. The effects of the ransomware attack appeared to ease Monday, although thousands more computers, mostly in Asia, were hit as people signed in at work for the first time since the infections spread to 150 countries late last week. Health officials in Britain, where surgeries and doctors' appointments in its national health care system had been severely impacted Friday, were still having problems Monday. But health minister Jeremy Hunt said it was "encouraging" that a second wave of attacks had not materialized. He said "the level of criminal activity is at the lower end of the range that we had anticipated." In the United States, Tom Bossert, a homeland security adviser to President Donald Trump, told the ABC television network the global cybersecurity attack is something that "for right now, we've got under control." He told reporters at the White House that "less than $70,000" has been paid as ransom to those carrying out the attacks. He urged all computer users to make sure they install software patches to protect themselves against further cyberattacks. In the television interview, Bossert described the malware that paralyzed 200,000 computers running factories, banks, government agencies, hospitals and transportation systems across the globe as an "extremely serious threat."
Cybersecurity experts say the hackers behind the "WannaCry" ransomware, who demanded $300 payments to decrypt files locked by the malware, used a vulnerability that came from U.S. government documents leaked online. The attacks exploited known vulnerabilities in older Microsoft computer operating systems. During the weekend, Microsoft president Brad Smith said the clandestine U.S. National Security Agency had developed the code used in the attack. Bossert said "criminals," not the U.S. government, are responsible for the attacks. Like Bossert, experts believe Microsoft's security patch released in March should protect networks if companies and individual users install it. Russian President Vladimir Putin said his country had nothing to do with the attack and cited the Microsoft statement blaming the NSA for causing the worldwide cyberattack. "A genie let out of a bottle of this kind, especially created by secret services, can then cause damage to its authors and creators," Putin said while attending an international summit in Beijing. He said that while there was "no significant damage" to Russian institutions from the cyberattack, the incident was "worrisome." "There is nothing good in this and calls for concern," he said. Even though there appeared to be a diminished number of attacks Monday, computer outages still affected segments of life across the globe, especially in Asia, where Friday's attacks occurred after business hours.
China
China said 29,000 institutions had been affected, along with hundreds of thousands of devices. Japan's computer emergency response team said 2,000 computers at 600 locations were affected there. Universities and other educational institutions appeared to be the hardest hit in China.
China's Xinhua News Agency said railway stations, mail delivery, gas stations, hospitals, office buildings, shopping malls and government services also were affected. Elsewhere, Britain said seven of the 47 trusts that run its national health care system were still affected, with some surgeries and outpatient appointments canceled as a result. In France, auto manufacturer Renault said one of its plants that employs 3,500 workers stayed shut Monday as technicians dealt with the aftermath of the Friday attacks.
Security patches
Computer security experts have assured individual computer users who have kept their operating systems updated that they are relatively safe, but urged companies and governments to make sure they apply security patches or upgrade to newer systems. They advised those whose networks have been effectively shut down by the ransomware attack not to make the payment demanded, the equivalent of $300, paid in the digital currency bitcoin. However, the authors of the "WannaCry" ransomware attack told their victims the amount they must pay will double if they do not comply within three days of the original infection, by Monday in most cases. The hackers warned that they will delete all files on infected systems if no payment is received within seven days.
Apache Struts is an open-source web development framework for Java web applications. On Monday, the Apache Struts developers fixed a high-impact vulnerability in the framework's Jakarta Multipart parser. The vulnerability is very easy to exploit and allows attackers to execute system commands with the privileges of the user running the web server process. What's even worse is that the Java web application doesn't even need to implement file upload functionality via the Jakarta Multipart parser in order to be vulnerable. According to researchers from Qualys, the simple presence on the web server of this component, which is part of the Apache Struts framework by default, is enough to allow exploitation. "Needless to say we think this is a high priority issue and the consequence of a successful attack is dire," said Amol Sarwate, director of Vulnerability Labs at Qualys, in a blog post. Companies who use Apache Struts on their servers should upgrade the framework to versions 2.3.32 or 2.5.10.1 as soon as possible. Researchers from Cisco Talos have observed "a high number of exploitation events." Some of them only execute the Linux command whoami to determine the privileges of the web server user and are probably used for initial probing. Others go further and stop the Linux firewall and then download an ELF executable that's executed on the server. "The payloads have varied but include an IRC bouncer, a DoS bot, and a sample related to the bill gates botnet," the Talos researchers said in a blog post. According to researchers from Spanish outfit Hack Players, Google searches indicate 35 million web applications that accept "filetype:action" uploads and a high percentage of them are likely vulnerable.
It's somewhat unusual that attacks have started so quickly after the flaw was announced and it's not yet clear whether an exploit for the vulnerability already existed in closed circles before Monday. Users who can't immediately upgrade to the patched Struts versions can apply a workaround that consists of creating a Servlet filter for Content-Type that would discard any requests not matching multipart/form-data. Web application firewall rules to block such requests are also available from various vendors.
Cisco's Talos says they've observed active attacks against a Zero-Day vulnerability in Apache's Struts, a popular Java application framework. Cisco started investigating the vulnerability shortly after it was disclosed, and found a number of active attacks. In an advisory issued on Monday, Apache says the problem with Struts exists within the Jakarta Multipart parser. "It is possible to perform a RCE attack with a malicious Content-Type value. If the Content-Type value isn't valid an exception is thrown which is then used to display an error message to a user," the warning explained. "If you are using Jakarta based file upload Multipart parser, upgrade to Apache Struts version 2.3.32 or 2.5.10.1. You can also switch to a different implementation of the Multipart parser." The alternative is the Pell parser plugin, which uses Jason Pell's multipart parser instead of the Common-FileUpload library, Apache explains. In addition, administrators concerned about the issue could just apply the proper updates, which are currently available. In a blog post, Cisco said they discovered a number of attacks that seem to be leveraging a publicly released proof-of-concept to run various commands. Such commands include simple ones ('whoami') as well as more sophisticated ones, including pulling down a malicious ELF executable and running it.
An example of one attack, which attempts to copy the file to a harmless directory, ensure the executable runs, and that the firewall is disabled on boot-up, is below: Both Cisco and Apache urge administrators to take action, either by patching or ensuring their systems are not vulnerable. This isn't the first time the Struts platform has come under attack. In 2013, Chinese hackers were using an automated tool to exploit known vulnerabilities in order to install a backdoor.