Microsoft Pushes Azure Users to Patch Linux Systems
Microsoft is urging users to patch every Exim installation in their organization and make sure that they are updated to the most recent version, Exim version 4.92.
News Wrap: Amazon Privacy and Telegram DDoS Attack
Threatpost editors Tara Seals and Lindsey O’Donnell discuss a recent lawsuit against Amazon for its privacy policies, a Telegram DDoS attack and more.
Millions of Linux Servers Under Worm Attack Via Exim Flaw
Attackers are exploiting a Linux Exim critical flaw to execute remote commands, download crypto miners and sniff out other vulnerable servers.
Evernote Critical Flaw Opened Personal Data of Millions to Attack
Evernote’s web clipper extension for Chrome is vulnerable to a critical flaw that could have exposed the data of more than 4.6 million users.
Max-Severity Bug in Infusion Pump Gateway Puts Lives at Risk
The critical bug in a connected medical device can allow an attacker to remotely manipulate hospital pumps, either to withhold meds or dispense too much.
High-Severity Cisco Flaw in IOS XE Enables Device Takeover
A high-severity flaw could give attackers full control of Cisco routers or switches.
RAMBleed Side-Channel Attack Exposes Privileged Memory
An attacker can use Rowhammer attack to induce bit flips, thereby leaking the victim’s secret data.
Intel NUC Firmware Open to Privilege Escalation, DoS and Information Disclosure
Intel has patched seven high-severity vulnerabilities in its mini PC NUC kit firmware.
Microsoft Patches Four Publicly-Known Vulnerabilities
In total, 88 unique vulnerabilities were patched as part of Microsoft’s June Patch Tuesday security bulletin.
Near-Ubiquitous Critical Microsoft RCE Bugs Affect All Versions of Windows
The two CVEs allow bypasses to get around NTLM relay attack mitigations.
