Rampant Cybersecurity Bulletin
February 2018
Latest Cybersecurity News
The latest cybersecurity news so that you can stay on top of what is going on in the cybersecurity world. Click titles below for more details.
HaveIBeenPwned Releases Unrestricted API for Password Checking
Released NSA Exploits Ported to Windows
US LEgislators Introduce Bills to Ban US Government from Using Chinese Equipment
More Private Data Discovered to Be Compromised in Equifax Hack
Github Hit With the Largest DDoS Attack in History Using New Technique
Hard-Coded Password Allows Hackers to Bypass Lenovo’s Fingerprint Scanner
uTorrent Allows for Remote Code Execution
Previous Cybersecurity Bulletins
Not sure if you are vulnerable? Rampant specializes in vulnerability assessments and penetration testing for small & mid-size businesses!
New High Risk Vulnerabilities
You should be aware of the following vulnerabilities, and we recommend patching them immediately if they apply to your systems. Click titles below for more details.
Apache Geode TcpServer Code Execution
- Apache Geode 1.1.0
- Apache Geode 1.0.0
- Apache Geode 1.2.0
- Apache Geode 1.2.1
Microsoft Identity Manager Privilege Escalation
Cisco RV132W Router Code Execution
Cisco RV132W ADSL2+ Wireless-N VPN Router
Cisco RV132W VDSL2 Wireless-AC APN Router
Cisco Elastic Services Controller Software Security Bypass
Cisco Unified Communication Domain Manager Code Execution
Linux Kernel show_floppy function Security Bypass
Trend Micro Smart Protection Server Privilege Escalation
Microsoft Sharepoint Server Privilege Escalation
New Threat Advisories
You should be aware of the following threats and implement the recommended mitigations to ensure your systems are not impacted. Click titles below for more details.
Active Business Email Campaign Compromise Campaign Targeting Fortune 500 Companies
Fear the Reaper - North Korean Group APT37 Using Zero-Days
Apache CouchDB Being Targeted for Cryptomining
Bitcoin Theft Campaign Through Google Adwords