SAP Fixes Vulnerabilities in Internet Graphics Server

SAP released its set of security fixes of this week to address more than a dozen bugs around its product portfolio, containing about four vulnerabilities in Internet Graphics Server. Nine new Security Notes were released by the company as part of the SAP Security Patch Day, to which Support Package Notes and updates to formerly announced notes are additional, for a total of sixteen notes released since the previous Patch Day.

Continue reading

Microsoft Fixes Two Windows Zero-Day Flaws Found Under Attack

Microsoft has patched around sixty flaws, containing two Windows zero-day vulnerabilities that can be oppressed for isolated code execution and privilege acceleration. The more critical of the zero-day flaw is CVE-2018-8174, a serious problem that let the cybercriminals to distantly accomplish random code on entire sustained versions of Windows.

Continue reading

Flaws in Drupal Discloses and Now Became Target of Prevalent Threats

High-severity flaws in Drupal that were revealed previous month and now became the target of extensive threats by a malware campaign. Troy Mursch, the Researcher of Bad Packets has reported hundreds of conceded Drupal websites being utilized to host “cryptojacking” malware that practices the CPUs of people to mine cryptocurrency via CoinHive.

Continue reading

Exempt Escalation Flaw Concealed in Linux Kernel for Eight Years

A security flaw in a driver advancing to local exempt escalation in the modern Linux Kernel type was familiarized eight years ago. The security vulnerability delivers a local consumer with access to a flaw exempted driver with the prospect to read from and write to penetrating kernel memory. Followed as CVE 2018-8781, the flaw could be oppressed to intensify local treats.

Continue reading

Uber Constricts Bug Bounty Threats Policies

Last week, Uber updated the legal terms and conditions of its bug bounty program and delivered regulation for good faith flaw investigation. The variations come merely months after the ride-sharing massive acknowledged paying a couple of people as part of a struggle to obscure a huge security occurrence. Uber declares that it has addressed about 200 bugs for which it has granted more than $290,000 ever since August 2017, carrying the total amount paid out by the firm since they launch of its flaw bounty program to over $1.4 million.

Continue reading

13 Year-Old Configuration Vulnerability Influences Maximum SAP Deployments

Onapsis notifies maximum SAP executions carry on to be influenced by a security configuration vulnerability originally documented in 2005. Abandoned security configurations and accidental configuration points of formerly secured systems reduce SAP operations flaw in spite of the announcement of different Security Notes intended to state the concerns.

Continue reading