SANS ISC Archives - Help Net Security

Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent

November 21, 2018
Adobe
Adobe Flash
SANS ISC

Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …

Apache Struts 2.3.x vulnerable to two year old RCE flaw

The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …

Access misconfiguration opens 3D printers to remote attacks

Spurred by a report coming from a regular reader, SANS ISC handlers Richard Porter and Xavier Mertens searched for OctoPrint interfaces for 3D printers exposed online and …

New Drupal RCE vulnerability under active exploitation, patch ASAP!

April 26, 2018
Drupal
exploit
Netlab 360

Yet another Drupal remote code execution vulnerability has been patched by the Drupal security team, who urge users to implement the offered updates immediately as the flaw is …

What patches to prioritize following the April 2018 Patch Tuesday?

April 11, 2018
Adobe
Microsoft
patch

Patch Tuesday came and went and, as usual, Microsoft and Adobe have released patches/security updates for vulnerabilities affecting a wide variety of their products. …

Vulnerable Apache Solr, Redis, Windows servers hit with cryptominers

Vulnerable servers of all kinds are being targeted, compromised and made to mine cryptocurrencies for the attackers. Apache Solr servers under attack SANS ISC handler Renato …