April 21, SecurityWeek – (International) Cisco patches severe flaws in Wireless LAN controller. Cisco released software updates for its Wireless LAN Controller (WLC) products which patch several critical flaws and high severity denial-of-service (DoS) vulnerabilities including an issue related to the Hypertext Transfer Protocol (HTTP) Universal Resource Language (URL) redirection feature of WLC software that can allow an unauthenticated attacker to remotely trigger a buffer overflow and cause affected devices to enter a DoS condition. Source
April 20, SecurityWeek – (International) New tool aims to generically detect Mac OS X ransomware. Security researcher from Synack developed a tool, named “RansomWhere?” that will detect and block all types of file-encrypting ransomware on Apple Mac OS X systems with the aim to constantly monitor file systems for the creation of encrypted files by suspicious processes. The tool was developed after researchers received several reports of ransomware targeting Mac OS X users within the past year. Source
Reprinted from the USDHS Daily Open Source Infrastructure Report