Cyber Security

Memory corruption and use-after-free vulnerabilities in Foxit PDF Reader

Foxit PDF Reader is one of the most popular PDF document readers currently available. As a complete and feature-rich PDF reader, it supports JavaScript for interactive documents and dynamic forms. These vulnerabilities could be triggered if an attacker tricks a user into opening a specially crafted, malicious PDF file, or into opening the file in a …

MoonBounce the latest Dangerous Firmware-Level Rootkit discovered

Researchers Discover Dangerous Firmware-Level Rootkit. MoonBounce is the latest in a small but growing number of implants found hidden in a computer’s Unified Extensible Firmware Interface (UEFI). Kaspersky researchers recently discovered the latest example of such a threat hidden deep within the Unified Extensible Firmware Interface (UEFI) firmware of a computer at a customer location. …

Oracle Financial Services Analytical Applications CVE-2021-35686

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). Supported versions that are affected are 8.0.7-8.1.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in unauthorized …

Apache Log4j Vulnerability Guidance

CISA and its partners, through the Joint Cyber Defense Collaborative, are responding to active, widespread exploitation of a critical remote code execution (RCE) vulnerability (CVE-2021-44228) in Apache’s Log4j software library, versions 2.0-beta9 to 2.14.1, known as “Log4Shell.” Log4j is very broadly used in …

Purgalicious VBA: Macro Obfuscation With VBA Purging

VBA stomping takes advantage of how module streams are interpreted and exchanges malicious CompressedSourceCode with non-malicious VBA source code, leaving the PerformanceCache untouched. However, the success of this technique is Office-version dependent, implying that an attacker would have to…

Threat Roundup for September 17 to September 24

the most prevalent threats we’ve observed between Sept. 17 and Sept. 24. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats…