Rampant Cybersecurity Bulletin
April 2018
Latest Cybersecurity News
The latest cybersecurity news so that you can stay on top of what is going on in the cybersecurity world. Click titles below for more details.
Oracle WebLogic Flaw Still Exists After Recent Patch
Drupalgeddon3 Soon After Drupalgeddon2 was Patched
SEC FInes Yahoo $35 Milion Parent Company for Not Disclosing Data Breach
Intel to Allow AV Engines to Use Integrated GPU’s for Malware Scanning
Thousands of Malicious Apps Allegedly Misusing Facebook API’s
Amazon and Google Block Domain Fronting
The US and UK Governments Accuse Russia of Hacking Enterprise Routers and ISP’s
Previous Cybersecurity Bulletins
Not sure if you are vulnerable? Rampant specializes in vulnerability assessments and penetration testing for small & mid-size businesses!
New High Risk Vulnerabilities
You should be aware of the following vulnerabilities, and we recommend patching them immediately if they apply to your systems. Click titles below for more details.
Kaspersky KSN for Linux Code Execution
Microsoft Windows Denial of Service
Cisco Unified Computing System Director Information Disclosure
Cisco WebEx Business Suite Clients Code Execution
Oracle WebLogic Server Deserialization Code Execution
Oracle Fusion Middleware Access Manager Web Server Plugin Unspecified
Apple iOS Crash Reporter Privilege Escalation
New Threat Advisories
You should be aware of the following threats and implement the recommended mitigations to ensure your systems are not impacted. Click titles below for more details.
Banking Trojan IcedID Paired With Dreambot Conducting Sophisticated Spearphishing
Threat Group Orangeworm Targeting US Healthcare
Muhstick Botnet Actively Exploiting Recent Drupal Vulnerability
Lazarus Group Targeting Financial Institutions