Some SEC News from 14 - 20 May 2018

Post Reply
Nitin J Mutkawoa
Core team
Posts: 3
Joined: Mon Apr 16, 2018 4:53 pm

Some SEC News from 14 - 20 May 2018

Post by Nitin J Mutkawoa » Sat May 19, 2018 8:46 am

PGP/SMIME efail Vulnerability
https://efail.de

Adobe PDF Reader / Acrobat Bulletins
https://helpx.adobe.com/sec…/products/a ... 18-09.html

Signal Vulnerability (Possibly in Electron, which affects Skype/Slack/others)
https://twitter.com/ortegaalfredo/statu ... 3002509313

Electron Vulnerability
https://www.trustwave.com/…/CVE-2018-10 ... lectron-no…/

Cryptocoin Miner Found in Ubuntu Snap Store
https://github.com/canonical-websit…/sn ... issues/651

Fake Electrun Wallet
https://github.com/…/elect…/blob/master ... g_guide.md

Treasure Hunter PoS Malware Source Code Leaked
https://www.flashpoint-intel.com/…/trea ... r-source-c…/

More Malicious Chrome Extensions Spreading via Facebook
https://blog.radware.com/…/nigelthorn-m ... uses-chrom…/

PDF Exploit (and Windows Priv. Escalation) Leaked
https://www.welivesecurity.com/2018/…/1 ... zero-days/

Possible Vulnerability in Keeper Password Manager
http://seclists.org/fulldisclosure/2018/May/41

Critical DHCP Client Vulnerability in RedHat Enterprise Server 6/7
https://access.redhat.com/security/vuln ... es/3442151

UPnP Misconfiguration DDoS Attack
https://www.theregister.co.uk/…/upnp_am ... s_attacks/

Ubuntu Snap Store Miner Incident Followup
https://blog.ubuntu.com/…/trust-and-sec ... he-snap-st

iOS / Android "Zipper Down" Vulnerability
https://zipperdown.org/

Keeper Releases Update
https://keepersecurity.com/…/response-m ... lists-repo…/

Cisco Security Update
https://tools.cisco.com/security/center ... nListing.x

Post Reply