Experts Denounce Facebook’s New Cryptocurrency as ‘Most Dangerous Form of Surveillance Yet’ – CBN News

The social media giant Facebook has announced plans to launch a digital currency in 2020. If you’re a member of their platform and think they know all there is to know about you, some experts say just wait. That’s because Facebook will also gain access to all of your financial information as well.

Source: Experts Denounce Facebook’s New Cryptocurrency as ‘Most Dangerous Form of Surveillance Yet’ – CBN News

Advertisements

Another Oracle WebLogic Server RCE under active exploitation

Oracle has released an out-of-band fix for CVE-2019-2729, a critical deserialization vulnerability in a number of versions of Oracle WebLogic Server, and is urging customers to apply the security update as soon as possible. Speed is of the essence as, according to KnownSec 404 researchers, the vulnerability is already being exploited in the wild. About the vulnerability (CVE-2019-2729) “This remote code execution vulnerability is remotely exploitable without authentication, i.e., may be exploited over a network …

Source: Another Oracle WebLogic Server RCE under active exploitation

Firefox Releases Critical Patch Update to Stop Ongoing Zero-Day Attacks

If you use the Firefox web browser, you need to update it right now. Mozilla earlier today released Firefox 67.0.3 and Firefox ESR 60.7.1 versions to patch a critical zero-day vulnerability in the browsing software that hackers have been found exploiting in the wild.

Source: Firefox Releases Critical Patch Update to Stop Ongoing Zero-Day Attacks

Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control

Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control Security Intelligence IBM X-Force discovered a zero-day remote code execution vulnerability in TP-Link Wi-Fi extenders that could enable an attacker to command a device with the …

Source: Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control

Plurox: Modular backdoor

Kaspersky Labs write:

In February this year, a curious backdoor passed across our virtual desk. The analysis showed the malware to have a few quite unpleasant features. It can spread itself over a local network via an exploit, provide access to the attacked network, and install miners and other malicious software on victim computers.

Read full analysis: Plurox: Modular backdoor

End of GandCrab – New Free Decryptor Tool that let Victims to Unlock All versions of Ransomware Infection

“These tools totaled more than 30,000 successful decryptions and have saved victims roughly $US 50 MILLION in unpaid ransom,” also it cuts the ransomware operators monetization options. GandCrab a Look Back. The ransomware strain first spotted in January 2018; it is the most sophisticated and continuously changing ransomware.

Source: End of GandCrab – New Free Decryptor Tool that let Victims to Unlock All versions of Ransomware Infection

Homeland Security has tested a working BlueKeep remote code execution exploit

Homeland Security has tested a working BlueKeep remote code execution exploit TechCrunch Homeland Security’s cyber agency says it has tested a working exploit for the BlueKeep vulnerability, capable of achieving remote code execution on a …

Source: Homeland Security has tested a working BlueKeep remote code execution exploit

Netflix discovers SACK Panic and other Linux security flaws

Netflix security team discovers the new “SACK” Panic security vulnerability.

The Netflix security team discovered these flaws during routine security testing work. They are triggered by sending a series of malicious packets to vulnerable systems. The result can slow or crash the target system – effectively triggering a remote Kernel panic.

Major vendors have released a series of patches and workarounds.

The three vulnerabilities are:

AWS has also issued an advisory for its cloud customers.

More details are available in the security advisory posted on GitHubRed HatSUSE and Debian also have helpful resources and information.

Read More: