July 2018

Avoiding Bluetooth Decay A CERT advisory has been released regarding the stability of Bluetooth authentication. In short, the advisory outlines that “the authentication provided by the Bluetooth pairing protocols is insufficient.” This weakness in the Bluetooth key exchange is exploitable...

Cyberattack Causes Shipping Industry Disaster COSCO, one of the world’s largest shipping companies, has experienced a ransomware attack on their US network. Their Long Beach terminal reported that their website and telephone network went down on July 25. The company...

WebLogic Server Needs Immediate Patching If you are using an Oracle WebLogic Server in your environment, you must patch it now. This easily exploitable vulnerability allows an unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful...

According to a recently released Ubuntu security notice, there are several vulnerabilities within Mutt Ubuntu. The following CVEs detail how an attacker could execute arbitrary code through Mutt incorrectly handling certain requests. In addition, certain inputs could provide access to,...

It's Buggy Out There Microsoft has republished all of the recent July Patch Tuesday updates with one exception: KB 4018385. Microsoft have recalled this update because it crashes Office. What are you to do if you already deployed this patch?...

Adobe Tackles Over 100 Vulnerabilities A new set of security updates from Adobe has just been released. These new updates effect Acrobat, Reader, Flash Player, Connect, and Experience Manager. Over 100 vulnerabilities are patched thanks to these updates. The risk...

Two Major Vulnerabilities Could Expose You Security vulnerability CVE-2018-8225 and CVE-2018-8267 are both publicly disclosed exploits that have garnered high CVSS scores. These weaknesses were reported to Microsoft through Trend Micro’s Zero Day Initiative (ZDI). CVE-2018-8225 is a vulnerability that...