Security fix for the ALT Linux 9 package clamav version 0.99.4-alt1
March 4, 2018 Sergey Y. Afonin 0.99.4-alt1 - 0.99.4 (CVE-2012-6706, CVE-2017-6419, CVE-2017-11423, CVE-2018-0202, and...
9.8CVSS
6.9AI Score
0.024EPSS
Security fix for the ALT Linux 10 package clamav version 0.99.4-alt1
March 4, 2018 Sergey Y. Afonin 0.99.4-alt1 - 0.99.4 (CVE-2012-6706, CVE-2017-6419, CVE-2017-11423, CVE-2018-0202, and...
9.8CVSS
6.9AI Score
0.024EPSS
Security fix for the ALT Linux 8 package clamav version 0.99.4-alt1
March 4, 2018 Sergey Y. Afonin 0.99.4-alt1 - 0.99.4 (CVE-2012-6706, CVE-2017-6419, CVE-2017-11423, CVE-2018-0202, and...
9.8CVSS
6.9AI Score
0.024EPSS
Siemens SIMATIC WinCC Add-On (Update A)
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC WinCC Add-On Vulnerabilities: Stack-based Buffer Overflow, Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer, Security Features, Improper...
9.9CVSS
10.3AI Score
0.155EPSS
Nortek Linear eMerge E3 Series
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Nortek Equipment: Linear eMerge E3 Series Vulnerability: Command Injection AFFECTED PRODUCTS The following Linear eMerge, an access control interface, versions are affected: Linear eMerge E3 series Versions V0.32-07e...
9.8CVSS
10AI Score
0.003EPSS
This Week in Security News: Senate Hearings and Equifax Breaches
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, leaders of six security agencies testified before the Senate Intelligence Committee, the Equifax hack grew in severity, and hackers used the.....
7AI Score
U.S. Arrests 13, Charges 36 in ‘Infraud’ Cybercrime Forum Bust
The U.S. Justice Department announced charges on Wednesday against three dozen individuals thought to be key members of "Infraud," a long-running cybercrime forum that federal prosecutors say cost consumers more than a half billion dollars. In conjunction with the forum takedown, 13 alleged...
7.1AI Score
Alleged Spam Kingpin ‘Severa’ Extradited to US
Peter Yuryevich Levashov, a 37-year-old Russian computer programmer thought to be one of the world's most notorious spam kingpins, has been extradited to the United States to face federal hacking and spamming charges. Levashov, in an undated photo. Levashov, who allegedly went by the hacker names.....
6.8AI Score
Security fix for the ALT Linux 8 package clamav version 0.99.3-alt1
0.99.3-alt1 built Jan. 30, 2018 Sergey Y. Afonin in task #198652 Jan. 28, 2018 Sergey Y. Afonin - 0.99.3 (multiple CVE's, look to README) - removed cve-2017-6418.patch and cve-2017-6420.patch (in upstream...
5.5CVSS
5.9AI Score
0.008EPSS
Security fix for the ALT Linux 9 package clamav version 0.99.3-alt1
Jan. 28, 2018 Sergey Y. Afonin 0.99.3-alt1 - 0.99.3 (multiple CVE's, look to README) - removed cve-2017-6418.patch and cve-2017-6420.patch (in upstream...
5.5CVSS
6AI Score
0.008EPSS
Security fix for the ALT Linux 10 package clamav version 0.99.3-alt1
Jan. 28, 2018 Sergey Y. Afonin 0.99.3-alt1 - 0.99.3 (multiple CVE's, look to README) - removed cve-2017-6418.patch and cve-2017-6420.patch (in upstream...
5.5CVSS
6.3AI Score
0.008EPSS
In April 2017, we published a detailed review of a malicious program that used DNS tunneling to communicate to its C&C. That study prompted us to develop a technology to detect similar threats, which allowed us to collect a multitude of malware samples using DNS tunneling. In this article, we will....
7.2AI Score
WECON Technology Co., Ltd. LeviStudio HMI Editor
CVSS v3 5.3 ATTENTION: Locally exploitable/low skill level to exploit. Vendor: WECON Technology Co., Ltd. (WECON) Equipment: LeviStudio HMI Editor Vulnerabilities: Buffer Overflows AFFECTED PRODUCTS The following versions of LEVI Studio HMI Editor, an HMI programming software product, are...
7.8CVSS
8.6AI Score
0.019EPSS
Wecon LeviStudioU General WriteAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
7.8CVSS
3.4AI Score
0.019EPSS
Siemens SIMATIC WinCC Add-On (Update A)
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC WinCC Add-On Vulnerabilities: Stack-based Buffer Overflow, Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer, Security Features, Improper...
9.8CVSS
1AI Score
0.155EPSS
At the end of last year, Mr. Jake Williams, aka @MalwareJake, asked a very important question on Twitter about the lack of visibility when detecting APT intrusions. Results show us that endpoint analysis is the most important part of any research connected with APTs. Also, for sure endpoint...
7.1AI Score
Stable Channel Update for Desktop
The stable channel has been updated to 63.0.3239.108 for Windows, Mac and Linux which will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain...
6.1CVSS
7.4AI Score
0.003EPSS
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 63 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 63.0.3239.84 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming.....
8.8CVSS
8AI Score
0.028EPSS
CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation Vulnerability: Improper Restriction of XML External Entity Reference AFFECTED PRODUCTS Siemens...
8.2CVSS
8.2AI Score
0.006EPSS
Siemens Update Patches SIMATIC PCS 7 Bug in Some Versions
Siemens has made an update available for some of its SIMATIC PCS 7 distributed control systems that are impacted by a remotely exploitable input validation vulnerability. Siemens said version 8.2 and V8.1 prior to 8.1 SP1 with WinCC v7.3 Update 13 are affected. “Successful exploitation of this...
2.8AI Score
0.167EPSS
Silence Gang Borrows From Carbanak To Steal From Banks
A cybercrime outfit stealing from as many as 10 banks in Russia, Armenia and Malaysia has borrowed heavily from one of the kingpins in this realm, Carbanak, which is alleged to have stolen possibly as much as $1 billion worldwide from financial organizations. The new group has been called Silence.....
0.9AI Score
Cryptocurrency has gradually evolved from an element of a new world, utopian economy to a business that has affected even those sectors of society least involved in information technology. At the same time, it has acquired a fair number of "undesirable" supporters who aim to enrich themselves at...
7AI Score
Ayukov NFTP FTP Client Stack Buffer Overflow Analysis
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. Recent assessments: wchen-r7 at September 12, 2019 6:08pm UTC reported: Details Ayukov is an FTP client that was written by Sergey Ayukov back in 1994. Development stopped in 2011,...
9.8CVSS
0.8AI Score
0.589EPSS
CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation Vulnerability: Improper Restriction of XML External Entity Reference UPDATE INFORMATION This updated....
8.2CVSS
0.8AI Score
0.006EPSS
CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation Vulnerability: Improper Restriction of XML External Entity Reference UPDATE INFORMATION This updated....
8.2CVSS
0.6AI Score
0.006EPSS
Stable Channel Update for Desktop
The stable channel has been updated to 61.0.3163.100 for Windows, Mac and Linux which will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain...
8.8CVSS
8.3AI Score
0.046EPSS
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 61 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 61.0.3163.79 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for...
8.8CVSS
7.8AI Score
0.275EPSS
Siemens Fixes Session Hijacking Bug in LOGO!, Warns of Man-in-the-Middle Attacks
Administrators who have Siemens’ LOGO! logic module deployed in automation setups are being urged to update its firmware. The German industrial manufacturing giant pushed out an update for its LOGO! 8 BM devices Wednesday morning to fix a vulnerability (CVE-2017-12734) that could let an attacker...
2.3AI Score
0.001EPSS
Revamped Nukebot Malware Changes Targets, Adds Functions
A revamped version of the Nukebot banking trojan dubbed Jimmy Nukebot has shifted focus from stealing bankcard data and now acts as a conduit for quietly downloading malicious payloads for web-injects, cryptocurrency mining, and taking screenshots of targeted systems. The code is a modification of....
-0.1AI Score
Jimmy Nukebot: from Neutrino with love
_"You FOOL! This isn't even my final form!"_ In one of our previous articles, we analyzed the NeutrinoPOS banker as an example of a constantly evolving malware family. A week after publication, this Neutrino modification delivered up a new malicious program classified by Kaspersky Lab as...
7.3AI Score
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, see....
9.8CVSS
0.7AI Score
0.582EPSS
Targeted attacks and malware campaigns Back to the future: looking for a link between old and new APTs This year's Security Analyst Summit (SAS) included interesting research findings on several targeted attack campaigns. For example, researchers from Kaspersky Lab and King's College London...
7.2AI Score
0.511EPSS
Ukrainian Man Arrested For Distributing NotPetya Ransomware And Helping Tax Evaders
Ukrainian authorities have arrested a 51-year-old man accused of distributing the infamous Petya ransomware (Petya.A, also known as NotPetya) — the same computer virus that massively hit numerous businesses, organisations and banks in Ukraine as well as different parts of Europe around 45 days...
6.9AI Score
Security fix for the ALT Linux 9 package libssh version 0.7.5-alt1
Aug. 8, 2017 Sergey V Turchin 0.7.5-alt1 - new version - security fix:...
5.9CVSS
6AI Score
0.004EPSS
Security fix for the ALT Linux 8 package libssh version 0.7.5-alt1
Aug. 8, 2017 Sergey V Turchin 0.7.5-alt1 - new version - security fix:...
5.9CVSS
6AI Score
0.004EPSS
Nmap 7.60 - Free Security Scanner For Network Exploration & Security Audits
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP...
7.5AI Score
CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware
Last month, we reported about a group of hackers exploiting SambaCry—a 7-year-old critical remote code execution vulnerability in Samba networking software—to hack Linux computers and install malware to mine cryptocurrencies. The same group of hackers is now targeting Windows machines with a new...
10.2AI Score
0.973EPSS
CowerSnail, from the creators of SambaCry
We recently reported about SambaCry, a new family of Linux Trojans exploiting a vulnerability in the Samba protocol. A week later, Kaspersky Lab analysts managed to detect a malicious program for Windows that was apparently created by the same group responsible for SambaCry. It was the common C&C.....
6.9AI Score
Modified Versions of Nukebot in Wild Since Source Code Leak
Some opportunistic criminals have put the leaked source code for the Nukebot banking Trojan to use, targeting banks in the United States and France with variants of the malware, while another group has adapted it to steal mail client and browser passwords. The leak was disclosed in early March...
The NukeBot banking Trojan: from rough drafts to real threats
This spring, the author of the NukeBot banking Trojan published the source code of his creation. He most probably did so to restore his reputation on a number of hacker forums: earlier, he had been promoting his development so aggressively and behaving so erratically that he was eventually...
7.1AI Score
The Magala Trojan Clicker: A Hidden Advertising Threat
One large group will slowly conquer another large group, reduce its numbers, and thus lessen its chance of further variation and improvement. <…> Small and broken groups and sub-groups will finally tend to disappear. Charles Darwin. 'On the Origin of Species' The golden age of Trojans and vir...
6.8AI Score
Neutrino modification for POS-terminals
From time to time authors of effective and long-lived Trojans and viruses create new modifications and forks of them, like any other software authors. One of the brightest examples amongst them is Zeus (Trojan-Spy.Win32.Zbot, based on classification of "Kaspersky Lab"), which continues to spawn...
6.9AI Score
Siemens SICAM PAS Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-336-01 Siemens SICAM PAS Vulnerabilities that was published December 1, 2016, on the NCCIC/ICS-CERT web site. Siemens has released an advisory to inform its users on how to mitigate vulnerabilities that affect...
9.8CVSS
9.2AI Score
0.014EPSS
IBM Informix Dynamic Server / Informix Open Admin Tool - DLL Injection / Remote Code Execution / Hea
Exploit for windows platform in category web...
8.2AI Score
0.966EPSS
IBM Informix Dynamic Server Informix Open Admin Tool - DLL Injection Remote Code Execution Heap Buffer...
9.8CVSS
0.5AI Score
0.966EPSS
IBM Informix Dynamic Server Open Admin Tool RCE (CVE-2017-1092)
Vulnerabilities Summary The following advisory describes six (6) vulnerabilities found in Informix Dynamic Server and Informix Open Admin Tool. IBM Informix Dynamic Server Exceptional, low maintenance online transaction processing (OLTP) data server for enterprise and workgroup computing. IBM...
10.4AI Score
0.966EPSS
Security fix for the ALT Linux 8 package kde5-smb4k version 2.0.1-alt1.M80P.1
2.0.1-alt1.M80P.1 built May 19, 2017 Sergey V Turchin in task #183142 May 19, 2017 Sergey V Turchin - security fixes:...
7.8CVSS
2.6AI Score
0.0004EPSS
Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional
CVSS v3 4.9 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC WinCC Runtime Professional Vulnerability: Denial of Service AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of SIMATIC WinCC, SIMATIC....
4.9CVSS
5.7AI Score
0.003EPSS