Attackers are exploiting a Linux Exim critical flaw to execute remote commands, download crypto miners and sniff out other vulnerable servers.
Link: https://threatpost.com/linux-servers-worm-exim-flaw/145698/
Tag: Web Security
Evernote Critical Flaw Opened Personal Data of Millions to Attack
Evernote’s web clipper extension for Chrome is vulnerable to a critical flaw that could have exposed the data of more than 4.6 million users.
Link: https://threatpost.com/evernote-critical-flaw-opened-personal-data-of-millions-to-attack/145666/
Telegram CEO Fingers China State Actors for DDoS Attack
Durov took to Twitter to hint that Beijing tried to take Telegram offline to disrupt the Hong Kong protests.
Link: https://threatpost.com/telegram-ceo-china-ddos-attack/145654/
Fishwrap Campaign Sways Social Media Users with Old News
215 accounts use the same family of special URL shorteners to track the effectiveness of the operation.
Link: https://threatpost.com/fishwrap-social-media-old-news/145641/
Data Breach Disclosed by Online Invitation Firm Evite
Evite’s data breach, stemming from an “inactive data storage file,” is only one of many breaches to be disclosed this week.
Link: https://threatpost.com/data-breach-disclosed-by-online-invitation-firm-evite/145635/
Full Insight into the Internal Environment with Cynet Free Visibility
The Cynet 360 platform Free Visibility Offering is focused on IT and security professionals who know a lack of visibility is a main challenge in their daily responsibilities as end-users and service providers.
Link: https://threatpost.com/full-insight-into-the-internal-environment-with-cynet-free-visibility/145600/
Microsoft Patches Four Publicly-Known Vulnerabilities
In total, 88 unique vulnerabilities were patched as part of Microsoft’s June Patch Tuesday security bulletin.
Link: https://threatpost.com/microsoft-patches-four-publicly-known-vulnerabilities/145594/
Google Calendar Attacks Target Unwitting Mobile Users
Automatic invite notifications are spreading malicious links.
Link: https://threatpost.com/google-calendar-attacks-mobile/145588/
Critical Adobe Flash, ColdFusion Vulnerabilities Patched
Adobe issued patches for 11 vulnerabilities overall across its Flash, ColdFusion and Campaign products.
Link: https://threatpost.com/critical-adobe-flash-coldfusion-vulnerabilities-patched/145570/
Troy Hunt Looks to Sell Have I Been Pwned
“Project Svalbard" has commenced, as Hunt looks for the right company to take over the password-focused service.
Link: https://threatpost.com/troy-hunt-sell-have-i-been-pwnd/145565/