Critical Vulnerability in Cisco WebEx Chrome Plugin, (Tue, Jan 24th)

Update: Version 1.0.5 of the Google Chrome WebEx plugin, released this morning, fixes this issue. The Google 0-Day project announced a critical remote code execution vulnerability in Cisco's WebEx plugin for Google Chrome. This vulnerability allows a remote attacker to execute arbitrary code on the victim's system by delivering it to the WebEx plugin via …

Malicious SVG Files in the Wild, (Tue, Jan 24th)

In November 2016, the Facebook messenger application was used to deliver malicious SVG files to people [1]. SVG files (or Scalable Vector Graphics) are vector images that can be displayed in most modern browsers (natively or via a specific plugin). More precisely, Internet Explorer 9 supports the basic SVG feature sets and IE10 extended the …

IOC's: Risks of False Positive Alerts Flood Ahead, (Thu, Jan 26th)

Yesterday, I wrote a blog post [1] which explained how to interconnect a Cuckoo [2] sandbox and the MISP [3] sharing platform. MISP has a nice REST API that allows you to extract useful IOCs in different formats. One of them is the Suricata format: alert http $HOME_NET any -> $EXTERNAL_NET any ( msg: MISP e3791 Outgoing HTTP Domain: …