Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On May 08, 2015

May 6, Softpedia – (International) Tinba banking trojan checks for sandbox before launching. Security researchers from F-Secure discovered a new variant of the Tiny Banker (Tinba) trojan, which checks for mouse movement and the active window a user is working on to ensure that it is executed on a real machine and not a sandbox before running its malicious routines. The trojan also queries the number of cylinders available to the system’s storage device to determine if it is a virtual machine.

May 7, Softpedia – (International) Cisco plugs critical vulnerability in UCS Central Software. Cisco reported that it released an update addressing a vulnerability in its Unified Computing System (UCS) Central Software versions 1.2 and older that could have allowed attackers to access information, run arbitrary code, or make affected devices unavailable by leveraging an improper input validation flaw in the software’s Web framework.

May 7, Softpedia – (International) WordPress 4.2.2 fixes DOM-based XSS bug affecting millions of websites. WordPress developers released a critical security update for the platform’s content management system (CMS) addressing a critical cross-site scripting (XSS) flaw in all plugins and themes utilizing the Genericons icon font package. Attackers could take over an affected Web site or execute code remotely via a document object model (DOM)-based XSS attack targeting a file called “example.html.”

May 6, Threatpost – (International) Lenovo patches vulnerabilities in system update service. Security researchers from IOActive reported that Lenovo patched three vulnerabilities in April, including a serious bug that allows least-privileged users to potentially run commands as a system administrator due to the use of a predictable authentication token; another in which an attacker could bypass signature validation by creating a fake certificate authority (CA) to swap out executables being downloaded by System Update; and a third in which local users could run commands as an administrator using a directory writable by any user.

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.