Microsoft’s June Patch Tuesday announced the release of 88 vulnerability patches in this month’s security bulletin, as well as four advisories and one servicing stack update. Four of the critical patches included in the release are fixes for the zero-days SandboxEscaper previously disclosed.
Read More
We found a new wormable malware we’ve named BlackSquid targeting web servers, network and removable drives using evasion, anti-virtualization, anti-debugging, and anti-sandboxing techniques to drop a Monero miner.
Read More
We discovered a new variant of Mirai that uses a total of 13 different exploits, almost all of which have been used in previous Mirai-related attacks. Typical of Mirai variants, it has backdoor and distributed denial-of-service (DDoS) capabilities. However, this case stands out as the first to have used all 13 exploits together in a single campaign
Read More
Following Apple’s March release of patches, Trend Micro reported two of the discovered vulnerabilities. Left unpatched, these macOS flaws can be used by attackers in escalating admin privileges to access restricted information or open systems to attacks.
Read More We uncovered an updated Bashlite malware designed to add infected internet-of-things devices to a distributed-denial-of-service (DDoS) botnet. Based on the Metasploit module it exploits, the malware targets devices with the WeMo Universal Plug and Play (UPnP) application programming interface (API).
This updated iteration of Bashlite is notable. For one, its arrival method is unique in that it doesn’t rely on specific vulnerabilities (e.g., security flaws assigned with CVEs). It instead abuses a publicly available remote-code-execution (RCE) Metasploit module. It now also sports additional DDoS-related commands, and added new ones that gave the malware cryptocurrency mining and backdoor capabilities. It can also deliver malware that removes competing botnet malware.
Read More