@RISK: The Consensus Security Vulnerability Alert: Vol. 18, Num. 9

@RISK: The Consensus Security Vulnerability Alert
March 1, 2018 – Vol. 18, Num. 09
=========================================================
CONTENTS:

NOTABLE RECENT SECURITY ISSUES
INTERESTING NEWS FROM AROUND THE SECURITY COMMUNITY
VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE
MOST PREVALENT MALWARE FILES 2018-02-20 – 2018-02-27
=========================================================
TOP VULNERABILITY THIS WEEK: Multiple Vulnerabilities in Trend Micro Email Encryption Gateway Disclosed
=========================================================
NOTABLE RECENT SECURITY ISSUES
SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: Multiple Vulnerabilities in Trend Micro Email Encryption Gateway Disclosed
Description: Researchers from Core Security have identified multiple vulnerabilities in Trend Micro Email Encryption Gateway. The most severe of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary commands as root on affected devices. Other vulnerabilities include SQL injections, insecure updates via HTTP, reflected XSS attacks, and arbitrary locations leading to command execution. Trend Micro has released a software update addressing a majority of these vulnerabilities. Two additional vulnerabilities were reported to Trend Micro but were not patched “due to the difficulties of implementing and the negative impact on critical normal product function.”
Reference: https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities
Snort SID: Detection pending

Title: Google Project Zero Discloses Unpatched Windows 10 Privilege Escalation Vulnerability
Description: Google Project Zero has disclosed a privilege escalation vulnerability in Windows 10 that has not yet been patched. Details of this vulnerability were made public on Feb 20. Per Project Zero notes, Microsoft considers this vulnerability “Important” because code execution is a prerequisite for exploiting it; it cannot be exploited remotely by itself. Patches for this vulnerability are anticipated on the following Patch Tuesday.
Reference: https://bugs.chromium.org/p/project-zero/issues/detail?id=1428
Snort SID: Detection pending

@RISK: The Consensus Security Vulnerability Alert: Vol. 18, Num. 8

@RISK: The Consensus Security Vulnerability Alert
February 22, 2018 – Vol. 18, Num. 08
=========================================================
CONTENTS:

NOTABLE RECENT SECURITY ISSUES
INTERESTING NEWS FROM AROUND THE SECURITY COMMUNITY
VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE
MOST PREVALENT MALWARE FILES 2018-02-13 – 2018-02-20
=========================================================
TOP VULNERABILITY THIS WEEK: Apple Releases Security Update for “Text Bomb” Flaw in iOS and macOS
=========================================================

SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: Apple Releases Security Update for “Text Bomb” Flaw in iOS and macOS
Description: Apple has released a supplemental security update in response to the “text bomb” denial of service flaw in iOS, macOS, watchOS, and tvOS. The “text bomb” vulnerability, identified as CVE-2018-4124, is a flaw in how certain characters are handled and rendered by the operating system and could result in application and system crashes. Users are advised to update their devices, as people triggering this flaw have been observed.
Reference: https://support.apple.com/en-us/HT208534

Title: Dell EMC Releases Security Advisory for Flaws in VMAX Virtual Appliance Manager
Description: Dell EMC has released a security advisory for two vulnerabilities that have been identified in VMAX Virtual Appliance (vApp) Manager. These vulnerabilities, assigned CVE-2018-1215 and CVE-2018-1216, are severe and have been given CVSSv3 scores of 8.8 and 9.8, respectively. CVE-2018-1215 is an arbitrary file upload vulnerability, while CVE-2018-1216 is a hard-coded credential vulnerability. Dell EMC has released a software update that addresses these vulnerabilities.
Reference: http://seclists.org/fulldisclosure/2018/Feb/41
Snort SID: Detection pending release of vulnerability information

@RISK: The Consensus Security Vulnerability Alert: Vol. 18, Num. 7

@RISK: The Consensus Security Vulnerability Alert
February 15, 2018 – Vol. 18, Num. 07
=========================================================
CONTENTS:

NOTABLE RECENT SECURITY ISSUES
INTERESTING NEWS FROM AROUND THE SECURITY COMMUNITY
VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE
MOST PREVALENT MALWARE FILES 2018-02-06 – 2018-02-13
=========================================================
TOP VULNERABILITY THIS WEEK: Microsoft Releases Monthly Security Advisories for Feb 2018
=========================================================
NOTABLE RECENT SECURITY ISSUES
SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: Microsoft Releases Monthly Security Advisories for Feb 2018
Description: Microsoft has released its monthly set of security advisories for vulnerabilities that have been addressed in supported products. This month’s update sees 54 vulnerabilities addressed with 14 rated critical, 38 rated important, and 2 rated moderate. These vulnerabilities impact Edge, Office, Outlook, Windows, and more.
Reference: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/879af9c3-970b-e811-a961-000d3a33c573
Snort SID: 45624-45637, 45649-45650, 45654-45657, 45659-45660, 45673-45674, 40691-40692
