Rampant Cybersecurity Bulletin
June 2018
Latest Cybersecurity News
The latest cybersecurity news so that you can stay on top of what is going on in the cybersecurity world. Click titles below for more details.
WPA-3 WiFi Standard Released
17 Backdoored Docker Images Removed from Docker Hub
Trik Spam Botnet Leaks 43 Million Email Addresses
Data from 92 million accounts stolen from DNA testing site MyHeritage
Kaspersky Lawsuits Against the US Were Dismissed, Leaving Ban In Place
China-based Campaign Breached Satellite and Defense Companies
Apple is Testing a Feature for IOS 12 Which Could Make It Difficult For Law Enforcement to Unlock iPhones
Microsoft Forces Multi-Factor Authentication on Azure AD Admin Accounts
Previous Cybersecurity Bulletins
Not sure if you are vulnerable? Rampant specializes in vulnerability assessments and penetration testing for small & mid-size businesses!
New High Risk Vulnerabilities
You should be aware of the following vulnerabilities, and we recommend patching them immediately if they apply to your systems. Click titles below for more details.
QNAP QTS LDAP Server command execution
QNAP QTS 4.3.3 build 20180402
QNAP QTS 4.3.4 build 20180413
Details: QNAP QTS could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in the LDAP Server. An attacker could exploit this vulnerability to execute arbitrary commands on the system.
Micro Focus Solutions Business Manager code execution
HPE VAN SDN Controller privilege escalation
HPE VAN SDN Controller 2.7.18.0503
VMware AirWatch Agent for Android and VMware AirWatch Agent for Windows Mobile code execution
Microsoft Publisher privilege escalation
Microsoft Outlook privilege escalation
Cisco IOS XE AAA code execution
Cisco Prime Collaboration Provisioning unauthorized access
New Threat Advisories
You should be aware of the following threats and implement the recommended mitigations to ensure your systems are not impacted. Click titles below for more details.
Kardon Loader Being Sold
APT15 is Repurposing Old Tools
Olympic Destroyer Still Being Actively Used
VPNFilter Exploiting New Devices