vSOC SPOT Report: Runc Docker Vulnerability
Overview On February 11, 2019, security researchers Adam Iwaniuk and Borys Popławski responsibly disclosed a vulnerability in Runc, the standard utility for spawning and running containers in Docker,…
Archive
vSOC SPOT Report: IE – Scripting Engine Memory Corruption Vulnerability
Overview On December 19th, 2018 Microsoft released a zero-day patch for a vulnerability that impacted multiple Internet Explorer versions within all platforms.
vSOC SPOT Report: Vulnerability in CISCO ASA SIP (CVE-2018-15454)
Overview This SPOT Report contains information on the latest vulnerability found in the Cisco ASA firewall, Cisco switches, and Cisco routers alongside the coupling ASA virtual appliances and Cisco Fi…
vSOC SPOT Report: JET Engine
Overview A zero-day flaw has been released by Trend Micro’s Zero Day Initiative (ZDI) team involving an out-of-bounds write in the Microsoft JET Database Engine.
vSOC SPOT Report: Exim Remote Code Execution Vulnerability
Overview On March 6th, 2018, a security researcher by the name of Meh Chang of Devcore, a Taiwanese security consulting firm, published a remote code execution vulnerability that is present in the mai…
vSOC SPOT Report: Mozilla Firefox Arbitrary Code Execution Vulnerability
Overview On January 29th, Mozilla developer Johann Hofmann reported that there was a major Arbitrary Code Execution vulnerability (CVE-2018-5124) within the browser’s user interface (UI) that allows…
vSOC SPOT Report: Cisco Adaptive Security Appliance RCE & Denial of Service Vulnerability
Update (2018-01-31): SNORT Signatures After further research, vSOC has located Snort signatures published by the fox-srt team, which can detect exploitation of this vulnerability.
vSOC SPOT Report – Intel AMT Vulnerability
Overview On Friday, January 12th, 2018 researchers at F-Secure disclosed a vulnerability involving Intel’s Active Management Technology (AMT) firmware.