Top Malware Reported in the Last 24 HoursNew X-Agent variant
A new campaign that leverages compromised FTP servers to distribute phishing emails containing FTP links has been found targets in Australia with fake MYOB invoices. The FTP links drop the DanaBot banking malware, which has recently been observed in multiple campaigns, specifically targeting Australians.
Top Vulnerabilities Reported in the Last 24 HoursLinux Kernel Image flaws
A vulnerability was discovered in the Linux Kernel, which exists in the fs/f2fs/inode.c source code file. The flaw could allow hackers to cause a denial of service (DoS) condition. The bug could be exploited by mounting and performing operations on a modified F2FS image on a targeted system. Users are advised to update to the latest firmware version of the software to fix the issue. cURL buffer overflow bug
Security researchers have uncovered a high severity flaw in the Curl_smtp_escape_eob function of cURL. The heap-based buffer overflow flaw could allow attackers to remotely execute arbitrary code and cause a denial of service DoS condition. Patches are available for this flaw. It is highly recommended that users update to the latest version of curl.Libgit2 Integer overflow bug
A bug was discovered in the git_delta_apply function of libgit2, which causes an integer overflow condition. The flaw could allow hackers to bypass bounds checks, which, in turn, could allow them to gain cause a denial of service (DoS) condition and access sensitive data. Users are advised to update to the latest version.