Web Apps – Computer Security Articles

Apache Struts 2 exploit allows ransomware on servers

April 6, 2017 admin Security, Web Apps

Credit to Author: Lucian Constantin| Date: Thu, 06 Apr 2017 13:43:00 -0700

Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers.

The SANS Internet Storm Center issued an alert Thursday, saying an attack campaign is compromising Windows servers through a vulnerability tracked as CVE-2017-5638.

The flaw is located in the Jakarta Multipart parser in Apache Struts 2 and allows attackers to execute system commands with the privileges of the user running the web server process.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server

March 30, 2017 admin Security, Web Apps

Credit to Author: Lucian Constantin| Date: Thu, 30 Mar 2017 08:11:00 -0700

A proof-of-concept exploit has been published for an unpatched vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that’s no longer supported but still widely used.

The exploit allows attackers to execute malicious code on Windows servers running IIS 6.0 with the privileges of the user running the application. Extended support for this version of IIS ended in July 2015 along with support for its parent product, Windows Server 2003.

Even so, independent web server surveys suggest that IIS 6.0 still powers millions of public websites. In addition, many companies might still run web applications on Windows Server 2003 and IIS 6.0 inside their corporate networks, so this vulnerability could help attackers perform lateral movement if they access such networks through other means.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

Flaws in Moodle CMS put thousands of e-learning websites at risk

March 21, 2017 admin Security, Web Apps

Credit to Author: Lucian Constantin| Date: Tue, 21 Mar 2017 10:48:00 -0700

Organizations that use the popular Moodle learning management system should deploy the latest patches as soon as possible because they fix vulnerabilities that could allow attackers to take over web servers.

Moodle is an open source platform used by schools, universities, and other organizations to set up websites with interactive online courses. It’s used by more than 78,000 e-learning websites from 234 countries that together have more than 100 million users.

A week ago the Moodle developers released updates for the still supported branches of the platform: 3.2.2, 3.1.5, 3.0.9 and 2.7.19. The release notes mentioned that “a number of security related issues were resolved,” but didn’t provide any additional details about their nature or impact.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

March 15, 2017 admin encryption, Mobile & Wireless, Security, Web Apps

Credit to Author: Lucian Constantin| Date: Wed, 15 Mar 2017 07:55:00 -0700

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos.

The vulnerability was discovered last week by researchers from Check Point Software Technologies and was patched by the WhatsApp and Telegram developers after the company privately shared the flaw’s details with them.

The web-based versions of WhatsApp and Telegram synchronize automatically with the apps installed on users’ phones. At least in the case of WhatsApp, once paired using a QR code, the phone needs to have an active internet connection for WhatsApp messages to be relayed to the browser on the computer.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

March 9, 2017 admin Application Development, Application Security, Security, Web Apps

Credit to Author: Lucian Constantin| Date: Thu, 09 Mar 2017 04:19:00 -0800

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.

Apache Struts is an open-source web development framework for Java web applications. It’s widely used to build corporate websites in sectors including education, government, financial services, retail and media.

On Monday, the Apache Struts developers fixed a high-impact vulnerability in the framework’s Jakarta Multipart parser. Hours later, an exploit for the flaw appeared on Chinese-language websites, which was almost immediately followed by real-world attacks, according to researchers from Cisco Systems.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

Chrome for MacOS to block rogue ad injections and settings changes

March 2, 2017 admin MacOS, Security, Web Apps

Credit to Author: Lucian Constantin| Date: Thu, 02 Mar 2017 07:46:00 -0800

Google has expanded its Safe Browsing service, allowing Google Chrome on macOS to better protect users from programs that locally inject ads into web pages or that change the browser’s home page and search settings.

The Safe Browsing service is used by Google’s search engine, as well as by Google Chrome and Mozilla Firefox, to block users from accessing websites that host malicious code or malicious software. Chrome also uses the service to scan downloaded files and to block users from executing those that are flagged as malicious.

“Safe Browsing is broadening its protection of macOS devices, enabling safer browsing experiences by improving defenses against unwanted software and malware targeting macOS,” Google said in a blog post Wednesday. “As a result, macOS users may start seeing more warnings when they navigate to dangerous sites or download dangerous files.”

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

WordPress silently fixes dangerous code injection vulnerability

February 2, 2017 admin Enterprise Applications, Security, Web Apps

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability.

WordPress version 4.7.2 was released on January 26 as a security update, but the accompanying release notes mentioned only fixes for three moderate risk vulnerabilities, one of which did not even affect the platform’s core code.

On Wednesday, a week later, the WordPress security team disclosed that a fourth vulnerability, much more serious than the others, was also patched in version 4.7.2.

To read this article in full or to leave a comment, please click here