July 12, SecurityWeek – (International) Code execution flaw plagues Intel Graphics Driver. Security researchers from Cisco Talos discovered a local code execution vulnerability in Intel HD Graphics Windows Kernel Mode Driver version 10.18.14.4264 that could allow an attacker to run arbitrary code on a victim’s system or cause a denial-of-service (DoS) condition by sending a specially crafted D3DKMTEscape request to the Intel HD Graphics drivers. Microsoft removed the NTVDM subsystem from Windows 8 to mitigate the attack, but researchers stated the mitigations were not foolproof. Source
July 11, Softpedia – (International) Website takeover issue fixed in WordPress’ most popular plugin. A security researcher reported that the All in One SEO Pack WordPress plugin had a vulnerability that could allow attackers to store malicious code in the Web site’s admin panel, which could potentially enable attackers to control the Web site. Source
July 11, SecurityWeek – (International) DoS flaw affects Symantec endpoint products. Symantec released a patch that addressed a denial-of-service (DoS) vulnerability affecting the Portable Executable file scanning functionality in Norton Security as well as its Endpoint Protection products. A security researcher from Cisco Talos found that an attacker could exploit the vulnerability by sending a victim a crafted file with a large SizeOfRawData field in a section header. Due to a flaw in the Client Intrusion Detection System (CIDS) driver, a system can crash when it handles a specially crafted portable executable (PE) file. Source
July 11, SecurityWeek – (International) Backdoored Pokemon Go app infects Android devices. SimilarWeb data and Proofpoint revealed that attackers were using a malicious version of the popular mobile gaming app, Pokemon GO, distributed via third-party portals, to disseminate a remote access tool (RAT), dubbed DroidJack, to add Android application package (APK) files and allow attackers to gain full control over the Android users’ mobile devices. DroidJack could allow an attacker to read and edit text messages, make phone calls, record audio, modify contacts, and connect to Wi-Fi, among other actions. Source
Above Reprinted from the USDHS Daily Open Source Infrastructure Report