CVE – Page 4 – Computer Security Articles

A week in security (September 24 – 30)

October 1, 2018 admin CVE, CVE-2018-8373, Facebook, Googlr, iPhoneXS, Lojax, Magecart, microsoft, Mojave, mutagen astronomy, osx, phishing, port of san diego, quasar rat, safari extensions, Security world, sms phishing, telegram, TV licensing, unwanted calls, Week in security

Credit to Author: Malwarebytes Labs| Date: Mon, 01 Oct 2018 16:44:20 +0000

A roundup of the security news from September 24–30 including phishing, Apple woes, a vulnerability in the wild, e-commerce attacks, phone spam, and a massive Facebook breach.

Categories:

Tags: CVE CVE-2018-8373 facebook Googlr iPhoneXS Lojax Magecart microsoft Mojave mutagen astronomy osx phishing port of san diego quasar rat safari extensions sms phishing telegram TV licensing unwanted calls

(Read more…)

The post A week in security (September 24 – 30) appeared first on Malwarebytes Labs.

Security Sophos

Microsoft’s September patches fix a raft of serious bugs

September 19, 2018 admin 2018-09, CVE, Exploits, FragmentSmack, microsoft, October 2018, office, Patch Tuesday, SophosLabs Uncut, vulnerabilities, windows

Credit to Author: Andrew Brandt| Date: Wed, 19 Sep 2018 18:00:07 +0000

Updates for Windows and Mac users resolve more than five dozen software vulnerabilities<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/HBOC9eD3Jfo” height=”1″ width=”1″ alt=””/>

QuickHeal Security

An in-depth analysis of a new, emerging “.url” malware campaign – by Quick Heal Security Labs

March 21, 2018 admin Botnet, CVE, email, JavaScript, malware, phishing, Security, SMB, spam campaign, URL

Credit to Author: Pradeep Kulkarni| Date: Mon, 19 Mar 2018 14:19:13 +0000

Last week, we had blogged about the emergence of a new attack vector ‘.url’ which is used to spread malware. In this blog post, we will deep-dive into the attack chain of this ‘.url’ vector and elaborate on the Quant Loader malware which is actively making use of it. Let’s…

QuickHeal Security

An in-depth analysis of a new, emerging “.url” malware campaign – An analysis by Quick Heal Security Labs

March 19, 2018 admin Botnet, CVE, email, JavaScript, malware, phishing, Security, SMB, spam campaign, URL

Credit to Author: Pradeep Kulkarni| Date: Mon, 19 Mar 2018 14:19:13 +0000

QuickHeal Security

Chinese, Russian hackers counting on Apache Struts vulnerabilities – a report by Quick Heal Security Labs

March 7, 2018 admin Apache Struts, CVE, exploit, Hacker, Security, Security patch, vulnerabilities, Vulnerability

Credit to Author: Sameer Patil| Date: Wed, 07 Mar 2018 10:32:57 +0000

Apache Struts is an open-source CMS based on MVC framework for developing Java EE Web Applications. Apache Struts has been widely used by many Fortune 100 companies and government agencies over the years for developing web applications. But, websites built using a CMS constantly need to upgrade the CMS versions in their web application servers, because vulnerabilities…

QuickHeal Security

CVE-2017-9805 | Apache Struts 2 Remote Code Execution Vulnerability – An analysis by Quick Heal Security Labs

September 7, 2017 admin Apache Struts, CVE, CVE-2017-9805, Hacker, malware, Security patch, Vulnerability

Credit to Author: Pradeep Kulkarni| Date: Thu, 07 Sep 2017 09:06:18 +0000

A critical remote code execution vulnerability has been discovered in the popular web application framework Apache Struts, which allows attackers to execute an arbitrary code. To address this issue, Apache Struts has issued a security advisory and CVE-2017-9805 has been assigned to it. The attacker may use this vulnerability to…

The post CVE-2017-9805 | Apache Struts 2 Remote Code Execution Vulnerability – An analysis by Quick Heal Security Labs appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.

QuickHeal Security

CVE-2017-9805 – Apache Struts 2 Remote Code Execution Vulnerability by Quick Heal Security Labs

September 7, 2017 admin Apache Struts, CVE, CVE-2017-9805, Hacker, malware, Security patch, Vulnerability

Credit to Author: Pradeep Kulkarni| Date: Thu, 07 Sep 2017 09:06:18 +0000

A critical remote code execution vulnerability has been discovered in famous web application framework Apache Struts, which allows attackers to execute arbitrary code. To address this issue, Apache Struts has issued a security advisory and CVE-2017-9805 has been assigned to it. The attacker may use this vulnerability to target organizations…

The post CVE-2017-9805 – Apache Struts 2 Remote Code Execution Vulnerability by Quick Heal Security Labs appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.

QuickHeal Security

CVE-2017-5638 – Apache Struts 2 Remote Code Execution Vulnerability

March 29, 2017 admin Apache, CVE, Hacker, hacking, malware, Vulnerability, Zero-Day

Credit to Author: Pradeep Kulkarni| Date: Tue, 14 Mar 2017 11:01:23 +0000

The well-known open source web application framework Apache Struts 2 is being actively exploited in the wild allowing hackers to launch a remote code execution attack. To address this issue, Apache has issued a security advisory and CVE-2017-5638 has been assigned to it. The zero-day bug has been rated with…

The post CVE-2017-5638 – Apache Struts 2 Remote Code Execution Vulnerability appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.