Overview Recently, a new strain of ransomware WannaRen came to the surface and began to spread between PCs. This ransomware encrypts almost all files in the Windows system and uses .WannaRen as the extension of encrypted files. The attacker leaves a Bitcoin wallet address and demands 0.05 Bitcoin as ransom....
Categoria: Emergency Response
Google Chrome Update Fixes Multiple High-Severity Vulnerabilities Threat Alert
Overview On March 31, 2020, local time, Google published an advisory, announcing that the newest version of Chrome 80.0.3987.162 to be rolled out in the coming days would address eight security vulnerabilities. Now this version has been released. The most severe of these vulnerabilities could allow attackers to execute arbitrary...
Overseas APT Organization Exploits Vulnerabilities to Breach Sangfor SSL VPNs and Deliver Malicious Code Threat Alert
Overview On April 6, Sangfor released an advisory, announcing that an overseas APT organization illegally took control of some of their SSL VPN devices and sent malicious files to clients by exploiting a client upgrade vulnerability. NSFOCUS has kept a close eye on this issue and conducted overall analysis. We...
WebSphere Application Server Remote Code Execution Vulnerability (CVE-2020-4276 and CVE-2020-4362) Threat Alert
Overview IBM released security advisories to announce the fix of two remote code execution vulnerabilities (CVE-2020-4276 and CVE-2020-4362) in WebSphere Application Server. The two vulnerabilities exist when WebSphere uses token-based authentication in an admin request over the SOAP connector. By sending a maliciously crafted request to WebSphere SOAP Connector, an...
Vollgar Botnet Threat Alert
Overview On April 1, the Guardicore Labs team uncovered a long-running attack campaign which aims to infect Windows machines running MS-SQL servers. At least since May 2018, the campaign uses password brute force to breach victim machines, deploys multiple backdoors, and executes numerous malicious modules, such as remote access tools...
Linux Kernel Information Disclosure and Privilege Escalation Vulnerability Threat Alert
Vulnerability Description On March 31, the Linux kernel privilege escalation vulnerability demonstrated by the competitor Manfred Paul on the Pwn2Own contest was included in the CVE database and identified as CVE-2020-8835. This vulnerability exists because the bpf verifier in the Linux kernel does not properly calculate register bounds for certain...
