Patch Tuesday squashes 89 bugs-including a SophosLabs find

Credit to Author: SophosLabs Offensive Security| Date: Tue, 11 Jun 2019 21:20:51 +0000

No bugs known to be exploited in the wild, but plenty of serious flaws that need updates<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/l4pze2u2S-k” height=”1″ width=”1″ alt=””/>

Read more

May, 2019 Patch Tuesday addresses critical remote desktop, DHCP bugs

Credit to Author: Andrew Brandt| Date: Tue, 14 May 2019 17:34:07 +0000

The vulnerabilities were so potentially harmful, Microsoft released updates for no-longer-supported Windows XP and Server 2003<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/wDsmYlJCQ2o” height=”1″ width=”1″ alt=””/>

Read more

“MegaCortex” ransomware wants to be The One

Credit to Author: Andrew Brandt| Date: Fri, 03 May 2019 19:45:43 +0000

By Andrew Brandt A new ransomware that calls itself MegaCortex got a jolt of life on Wednesday as we detected a spike in the number of attacks against Sophos customers around the world, including in Italy, the United States, Canada, the Netherlands, Ireland, and France. The attackers delivering this new malware campaign employed sophisticated techiques [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/pFdm0BTbxug” height=”1″ width=”1″ alt=””/>

Read more

A taste of the onslaught at the network’s edge

Credit to Author: Andrew Brandt| Date: Tue, 30 Apr 2019 14:01:11 +0000

Edge devices take a licking so the rest of the network can keep on ticking, but they do need a little extra TLC<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/yLDeI_Y5qG8″ height=”1″ width=”1″ alt=””/>

Read more

CVE-2018-18500: write-after-free vulnerability in Firefox, Analysis and Exploitation

Credit to Author: Yaniv| Date: Thu, 18 Apr 2019 15:35:40 +0000

Editor&#8217;s note: This article is a technical description of a bug discovered by a member of the Offensive Research team at SophosLabs, and how the researcher created a proof-of-concept &#8220;Arbitrary Read/Write Primitive&#8221; exploit for this bug. The vulnerability was deemed critical by Mozilla&#8217;s bug tracking team and was patched in Firefox 65.0. It&#8217;s written for [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/oTcYk6i594c” height=”1″ width=”1″ alt=””/>

Read more

CVE-2018-18500: Heap write-after-free in Firefox, Analysis and Exploitation

Credit to Author: Yaniv| Date: Thu, 18 Apr 2019 15:35:40 +0000

Editor&#8217;s note: This article is a technical description of a bug discovered by a member of the Offensive Research team at SophosLabs, and how the researcher created a proof-of-concept &#8220;Arbitrary Read/Write Primitive&#8221; exploit for this bug. The vulnerability was deemed critical by Mozilla&#8217;s bug tracking team and was patched in Firefox 65.0. It&#8217;s written for [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/oTcYk6i594c” height=”1″ width=”1″ alt=””/>

Read more

Protected: CVE-2018-18500: Heap write-after-free in Firefox, Analysis and Exploitation

Credit to Author: Yaniv| Date: Thu, 18 Apr 2019 15:35:40 +0000

Editor&#8217;s note: This article is a technical description of a bug discovered by a member of the Offensive Research team at SophosLabs, and how the researcher created a proof-of-concept &#8220;Arbitrary Read/Write Primitive&#8221; exploit for this bug. The vulnerability was deemed critical by Mozilla&#8217;s bug tracking team and was patched in Firefox 65.0. It&#8217;s written for [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/oTcYk6i594c” height=”1″ width=”1″ alt=””/>

Read more