Alerts

Alerts

DearBytesAlerts

Spamruns using iqy files

What is going on? A recent spamrun was attaching “.iqy” files to emails. This seems to be a new trick used by malware authors. The “.iqy” files allow attackers to load and execute arbitrary script when a user opens the file. The initial spamrun reportedly…

Lees verder

Highly Critical Drupal Vulnerability

What is going on? A new highly critical vulnerability has been found in the popular CMS Drupal. This vulnerability could allow an attacker to take over a website. The vulnerability has been fixed within the latest version of the software. The impact of the attack…

Lees verder

Zero-day kwetsbaarheid in Adobe Flash

Beveiligingsonderzoekers hebben aangegeven dat er een zero-day kwetsbaarheid zit in de Adobe Flash Software (Flash 28.0.0.137 en eerdere versies). Op dit moment wordt deze kwetsbaarheid, met behulp van een Microsoft Office of Excel-bestand, actief gebruikt door aanvallers. Het lek is te misbruiken op zowel Windows…

Lees verder

New Metasploit module to exploit the MS17-010 vulnerabilities

What is going on? A new Metasploit module has been released for the MS17-010 vulnerabilities. These vulnerabilities allows an attacker without proper authentication to execute code with the highest privileges. The new module allows easy exploitation of newer versions of Windows (Windows Server 2016 and…

Lees verder

Modern CPUs design flaw causes privileged memory leak

What is going on? Security researchers have published a set of vulnerabilities that affects the majority of modern processors. These vulnerabilities reported as “Spectre” (CVE-2017-5753 and CVE-2017-5715)  and “Meltdown” (CVE-2017-5754 ) allow an attacker to access protected data. Major operating system such as Linux, Windows…

Lees verder

FortiClient VPN credentials improperly secured

What is going on? SEC Consult Vulnerability Lab has disclosed a vulnerability in the way that the Fortinet’s FortiClient products stores the VPN credentials. Successful exploitation may allow an attacker to retrieve the authentication credentials in plain text. Why is this important? According to the…

Lees verder

Intel discloses several vulnerabilities that affect most of their newest CPUs

What is going on? Intel has released a security advisory in which they presented the results of an in-depth security review of their Intel Management Engine (ME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE). Several security vulnerabilities were disclosed that could…

Lees verder

DUHK Attack CVE-2016-8492

Wat is er aan de hand? Gisteren hebben Shaanan Cohney, Nadia Heninger en Matthew D. Green een verslag gepubliceerd (https://duhkattack.com/paper.pdf) waarin ze reageren op de oude kwetsbaarheid van de pseudo-willekeurig nummergenerator ANSI X9.31. Hun reactie, “Do not Use Hard-coded Keys (DUHK)”, gaat over aanslagen waarmee…

Lees verder

BadRabbit ransomware campagne

Wat is er aan de hand? Een nieuw ransomware exemplaar heeft veel organisaties in Oekraïne en Rusland getroffen. Het heeft de naam BadRabbit gekregen. De Badrabbit ransomware komt via een malafide Flash update bestand binnen, en probeert zich daarna naar andere computers in het netwerk…

Lees verder