SECURITY LABS

INTELLIGENCE BULLETIN
Threat Intelligence Report – Infographic 2017

Over 2017 we collected and analyzed an immense amount of information from multiple, diverse data sources and geographic locations globally, generating valuable intelligence on new, emerging and advanced security threats and giving our clients a unique advantage in predictability, preparation and response. The OBRELA yearly infographic is now available and presents key data values, key performance […]

READ MORE
Meltdown and Spectre attacks

Three CVE entries have been announced for the vulnerabilities titled Spectre and Meltdown, which affect modern computer processors (Intel, AMD, ARM and Qualcomm processors). The CVE entries are the following: Meltdown: An attacker can access kernel memory from user space – Rogue data cache load (CVE-2017-5754). Spectre: An attacker can read memory contents from […]

READ MORE
BadRabbit ransomware attack

A new ransomware campaign by the name BadRabbit has targeted Russia, Turkey, Ukraine, Bulgaria, Japan and other countries. The Security Operations Center of Obrela Security Industries wants to keep our customers continuously updated on the attack and provide threat mitigation and prevention guidance. SOC has increased its readiness and verbosity over anomalies in SMB traffic, […]

READ MORE
WannaCrypt ransomware attack

We would like to make you aware of a new ransomware that has been spreading worldwide since 12th of March, affecting hundreds of thousands of Windows computers, and for which you should consider applying an emergency security patch update that Microsoft released a few hours ago. The ransomware is called WannaCrypt and […]

READ MORE
Vulnerability in Windows http.sys could allow DOS or remote code execution

Yesterday Microsoft patched a critical vulnerability in the Windows HTTP stack (http.sys), which would have extreme consequences if an exploit is publicly disclosed. Up until this writing (15-04-2015 17:00) no public exploit exists. The vulnerability is assigned CVE-2015-1635 and MS15-034. Where is it based? Using a specially crafted HTTP GET request, an attacker can trivially […]

READ MORE
Major Internet Explorer Vulnerability Publicly Disclosed Today

Update: As estimated, the community responded to this public disclosure 4 days after it was announced. MS was notified in Oct-2014. The CVE assigned is CVE-2015-0072. Today a vulnerability was disclosed (no CVE) on seclists.org by the security company called Deusen. The mechanics and PoC were also disclosed, proving that the same origin policy of […]

READ MORE
Critical vulnerability on Drupal 7

Today a vulnerability was disclosed under CVE-2014-3704 / SA-CORE-2014-005 in Drupal <7.32 that allows an unauthenticated attacker to execute arbitrary SQL. The Proof of Concept was disclosed and involved the SQL update of the user with UID=1 (admin). Where is this based? It exist(ed) in the Drupal core. Drupal 7 includes a database […]

READ MORE
POODLE attack or the end of SSLv3

Google has recently disclosed a (new?) SSLv3 vulnerability that allows an attacker controlling the SSL-encrypted network stream between client and server to extract the plaintext of specific parts of the communication, most “preferable” cookies. Does it have to do with BEAST again? Due to the well-known insecurities of SSL, researchers have speculated the existence of […]

READ MORE
Critical GNU Bash Vulnerability

On Wednesday, 24 September 2014, a new and very powerful vulnerability affecting Linux and Unix-based systems was published (CVE-2014-6271). The vulnerability allows attackers to execute system commands on vulnerable systems and potentially compromise the integrity, availability and confidentiality of information. At the time of this writing, the vulnerability is used for malicious intentions including infecting […]

READ MORE