Frank Crast

XCSSET mac malware targets Xcode projects to deliver malicious payloads

Security researchers have discovered a new mac malware dubbed XCSSET. The malware not only inserts malicious code into XCode projects, but also leverages two zero-days to exploit a flaw in Data Vaults and plant a JavaScript backdoor in Safari.

XCSSET mac malware targets Xcode projects to deliver malicious payloads Read More »

Apache patches two Struts 2 vulnerabilities

The Apache Software Foundation has patched two vulnerabilities in Apache Struts 2 that could result in remote code execution (RCE) or Denial of Service (DoS). An attacker could exploit one of these vulnerabilities to take control of impacted systems. According to Apache, the two vulnerabilities affect Struts versions 2.0.0 – 2.5.20 and are described in

Apache patches two Struts 2 vulnerabilities Read More »

Microsoft August 2020 Security and Adobe Updates

Microsoft has released August 2020 Security updates, that includes a patch for an actively attacked memory corruption vulnerability (CVE-2020-1380) in the Scripting Engine. Adobe also released updates for Adobe Acrobat and Reader, as well as Lightroom.

Microsoft August 2020 Security and Adobe Updates Read More »