October 5, SC Magazine – (International) Zero day vulnerability found in VMware product. Researchers from 7 Elements discovered a VMware vCentre zero day vulnerability involving the deployment of the JMX/RMI service used in the management interface in which an attacker could gain unauthorized remote system access to the hosting server, leading to full enterprise environment compromise. VMware reported that it is working on releasing a patch to address the vulnerability. Source
October 3, Softpedia – (International) Fareit malware uses different file hash for each attack to avoid AV detection. Security researchers from Cisco’s Talos team discovered a new version of the Fareit trojan specializing in information stealing that changes its file hash with each infection. Researchers found only 23 shared common hashes out of 2,455 recorded samples, and determined that the samples communicated with only 2 command and control (C&C) servers. Source