Rampant Cybersecurity Bulletin
January 2018
Latest Cybersecurity News
The latest cybersecurity news so that you can stay on top of what is going on in the cybersecurity world. Click titles below for more details.
Meltdown and Spectre CPU Vulnerabilities Discovered
Intel Warns Users not to Install its Meltdown and Spectre Patches
Apple Hands Over Control Of Chinese Data Centers to Chinese Company
New WiFi Standard WPA3 Set to Be Launched Before End of 2018
US Bill Aimed At Fining Companies Based on Information Breaches
Hard-Coded Password Allows Hackers to Bypass Lenovo’s Fingerprint Scanner
Remote Code Execution Vulnerability Discovered for Electron JS Framework
Previous Cybersecurity Bulletins
Not sure if you are vulnerable? Rampant specializes in vulnerability assessments and penetration testing for small & mid-size businesses!
New High Risk Vulnerabilities
You should be aware of the following vulnerabilities, and we recommend patching them immediately if they apply to your systems. Click titles below for more details.
Cisco ASA webvpn Remote Code Execution
- 3000 Series Industrial Security Appliance (ISA)
- ASA 5500 Series Adaptive Security Appliances
- ASA 5500-X Series Next-Generation Firewalls
- ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
- ASA 1000V Cloud Firewall
- Adaptive Security Virtual Appliance (ASAv)
- Firepower 2100 Series Security Appliance
- Firepower 4110 Security Appliance
- Firepower 9300 ASA Security Module
- Firepower Threat Defense Software (FTD)
Apache NiFi Code Execution
CMS Made Simple Code Execution
Oracle Virtualization VM VirtualBox Core
Sourcetree for Windows Command Execution
VMware Workstation and Fusion Code Execution
Linux Kernel Denial of Service
New Threat Advisories
You should be aware of the following threats and implement the recommended mitigations to ensure your systems are not impacted. Click titles below for more details.
RubyMiner Cryptocurrency Miner Targets Webservers
Smoke Loader Malware Disguised as Spectre/Meltdown Patch
IBM Published 2017 Data Breach Review
Espionage Campaign "Dark Caracal" Believed to be Run by Lebanese Government