Overview On April 14, local time, Oracle released the April Critical Patch Update (CPU) which fixes vulnerabilities that include a critical one (CVE-2020-2915) in Oracle Coherence CPU, with a CVSS score of 9.8. This vulnerability allows unauthenticated attackers with network access via T3 to compromise vulnerable Oracle Coherence. Successful exploitation...
Category: Emergency Response
How Does WannaRen Ransomware Spread?
Background Recently, a new strain of ransomware WannaRen came to the surface and began to spread between PCs. This ransomware encrypts files in the Windows system and uses .WannaRen as the extension of encrypted files. The attacker leaves a Bitcoin wallet address and demands 0.05 Bitcoin as ransom. Through tracking...
Oracle April 2020 Critical Patch Update for All Product Families Threat Alert
Overview On April 14, 2020, local time, Oracle released its own security advisory and third-party security advisories for its April 2020 Critical Patch Update (CPU) which fix 397 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, visit the following link: (more…)
Microsoft’s April Patches Fix Multiple 0-Day Vulnerabilities Exploited in the Wild Threat Alert
Overview On April 14, 2020, local time, Microsoft released its April patches that fix 113 security issues, including three 0-day vulnerabilities that have been exploited in the wild. The three vulnerabilities exist in Windows Adobe Type Manager Library and the Windows kernel. (more…)
WannaRen Surfaces as a New Strain of Ransomware Threat Alert
Overview Recently, a new strain of ransomware WannaRen came to the surface and began to spread between PCs. This ransomware encrypts almost all files in the Windows system and uses .WannaRen as the extension of encrypted files. The attacker leaves a Bitcoin wallet address and demands 0.05 Bitcoin as ransom....
Google Chrome Update Fixes Multiple High-Severity Vulnerabilities Threat Alert
Overview On March 31, 2020, local time, Google published an advisory, announcing that the newest version of Chrome 80.0.3987.162 to be rolled out in the coming days would address eight security vulnerabilities. Now this version has been released. The most severe of these vulnerabilities could allow attackers to execute arbitrary...
