Ghostscript .buildfont1 –dSAFER Sandbox Bypass Vulnerability
setembro 6, 2019
-
Vulnerability Overview
Ghostscript is a suite of software based on an interpreter for Adobe System’s PostScript and Portable Document Format (PDF) page description languages. It is widely used as a raster image processor (RIP) for raster computer printers. Currently, it has been ported from Linux to other operating systems, including UNIX, Mac OS X, VMS, Windows, OS/2, and Mac OS classic. (mais…)
Botnet Trend Report-12
setembro 4, 2019
4.3 XMRig: Cryptomining For Fun and Profit Cryptomining by botnets has gained popularity in the past two years. Unlike other common malicious activities like DDoS, ransomware attacks, and confidential information theft, cryptomining has some unique characteristics: 1. Predictable earnings. Cryptominers are good at hiding their presence by controlling their CPU usage within 30%–40%. Based on […]
TortoiseSVN Remote Code Execution Vulnerability (CVE-2019-14422) Threat Alert
setembro 3, 2019
Overview
On August 13, local time, a researcher from a vulnerability laboratory (vxrl team) disclosed a remote code execution vulnerability (CVE-2019-14422) in TortoiseSVN.
The URI handler of TortoiseSVN (Tsvncmd:) allows a customized diff operation on Excel workbooks. This vulnerability could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. (mais…)
Ghostscript -dSAFER Multiple Sandbox Bypass Vulnerabilities Threat Alert
setembro 2, 2019
-
Vulnerability Description
On August 28, 2019, Artifex submitted “Bug 701446: Avoid divide by zero in shading” on the master branch of Ghostscript and announced remediation of four -dSAFER sandbox bypass vulnerabilities. -dSAFER is a security sandbox used by Ghostscript for prevention of insecure PostScript operations. (mais…)
Ghostscript -dSAFER Sandbox Bypass Vulnerability (CVE-2019-10216) Threat Alert
agosto 30, 2019
Overview
Recently, Ghostscript announced the discovery of the -dSAFER sandbox bypass vulnerability (CVE-2019-10216). The .buildfont1 procedure in Ghostscript does not properly restrict privileged calls, which allows attackers to escalate privileges and access files beyond the restricted domain. (mais…)
Botnet Trend Report-11
agosto 28, 2019
4.2.2 Analysis During the first quarter of 2018 when BillGates was extremely active, the family was found to attack 3962 targets, most of which were in two Central American countries. The following map shows the distribution of BillGates targets in China that NSFOCUS was able to directly monitor. BillGates ignored common ports, such as 22, […]
What You Should Know About DDoS Incident Response
agosto 27, 2019
This document addresses the overall strategy and process for DDoS incident response and provides detailed analysis of and countermeasures against some typical attacks, in a bid to help organizations respond to DDoS attacks more effectively and efficiently. Therefore, we will not dwell upon specific methods of and configurations of specific mitigations against each type of DDoS attack. (mais…)
Adobe Security Bulletins for August 2019 Security Updates Threat Alert
agosto 26, 2019
Overview
On August 13, 2019, local time, Adobe officially released August’s security updates to fix multiple vulnerabilities in its various products, including Adobe Photoshop CC , Adobe Experience Manager, Adobe Acrobat and Reader, Adobe Creative Cloud Desktop Application, Adobe Prelude CC, Adobe Premiere Pro CC, Adobe Character Animator CC, and Adobe After Effects CC. (mais…)
