Rampant Cybersecurity Bulletin
March 2018
Latest Cybersecurity News
The latest cybersecurity news so that you can stay on top of what is going on in the cybersecurity world. Click titles below for more details.
Let’s Encrypt Releases Free Wildcard Certificates
34,200 Ethereum Smart Contracts Found to Be Vulnerable
23,000 HTTPS Certificates Reiussed After Private Keys Sent in Plaintext Email and Reseller Compromised
CCleaner Attackers Intended to Deploy Keyloggers
AMD Acknowledges CPU Vulnerabilities and Plans to Roll Out Patches in the Near Future
880,000 Payment Cards Stolen from Orbitz
uTorrent Allows for Remote Code Execution
Previous Cybersecurity Bulletins
Not sure if you are vulnerable? Rampant specializes in vulnerability assessments and penetration testing for small & mid-size businesses!
New High Risk Vulnerabilities
You should be aware of the following vulnerabilities, and we recommend patching them immediately if they apply to your systems. Click titles below for more details.
Node.js resolve-path module Directory Traversal
Linux Kernel ncp_read_kernel Function Code Execution
Google Android video_fmt_mp4r_process_atom_avc1() buffer overflow
Google Android
Mozilla Firefox Code Execution
Cisco Secure Access Control System command execution
util-linux package for Debian code execution
Cisco Web Security Appliance security bypass
New Threat Advisories
You should be aware of the following threats and implement the recommended mitigations to ensure your systems are not impacted. Click titles below for more details.
Necurs Botnet - World’s Largest Spam Botnet made up 97% of spam traffic in Q4 of 2017
Dark Cloud Botnet Distributed Gozi ISFB
Russian Government Cyber Activity Targeting Critical Infrastructure Sectors
Dorkbot Used to Deliver Malware and Steal Online Payment Information