November 5, Securityweek – (International) Cisco patches serious flaws in security, wireless appliances. Cisco released software updates patching several critical and high-severity vulnerabilities, including a command injection vulnerability (CVE-2015-6298) that affects the certificate generation process in the interface of the Cisco Web Security Appliance (WSA), denial-of-service (DoS) vulnerabilities that cause affected devices to run out of system memory, and vulnerabilities in the Mobility Service Engine that allow unauthenticated attackers to remotely log in to the platform via a user account protected by a default, static password, among other updates. Source
November 5, Securityweek – (International) Multi-platform RAT OmniRAT used to hijack devices. Researchers from Avast reported that OmniRAT, a multi-platform remote administration tool (RAT), was being distributed and used by cybercriminals as a remote access trojan through social engineering: victims would receive a malicious short message service (SMS) message with a shortened link that, if clicked, would load an icon labeled “MMS Retrieve,” allowing attackers to install the malware. Source
November 4, Softpedia – (International) Hackers cleverly hide backdoor inside the EXIF Data of a Joomla CMS logo. Security researchers from Sucuri, a company specializing in providing security solutions for website owners, discovered a base64-encoded backdoor hidden in the Joomla CMS logo image, where it had been added to the copyright field of the image's exchangeable image file format (EXIF) metadata header. The image was previously displayed via the application.php file, allowing hackers to modify that line of code to execute the backdoor on infected sites without distorting the final image. Source
November 4, Securityweek – (International) Backdoored ad library found in thousands of iOS apps. Researchers at FireEye discovered 17 different versions of a backdoor malware similar to the mobiSage software development kit (SDK), dubbed iBackDoor, in applications using popular ad libraries, including 2,846 applications for Apple’s mobile operating system (iOS). The backdoor allows attackers to potentially carry out a range of tasks, including manipulating files in the app’s data container, uploading encrypted data to a remote server, and monitoring device location, among other tasks. Source