CVE-2018-11776 – WindowsTechs.com

Cisco Products Receive Patches for Critical Struts Vulnerability

Posted on September 7, 2018 by Lucian Constantin

Cisco Systems has released patches for some of its products that use the Apache Struts web development framework and are affected by a recently announced critical vulnerability. The flaw, tracked as CVE-2018-11776, was patched in Apache Struts two wee… Continue reading Cisco Products Receive Patches for Critical Struts Vulnerability→

Active Campaign Exploits Critical Apache Struts 2 Flaw in the Wild

Posted on September 5, 2018 by Tara Seals

A Monero cryptomining script is spreading in an ongoing campaign using the recently disclosed critical remote command-execution flaw. Continue reading Active Campaign Exploits Critical Apache Struts 2 Flaw in the Wild→

Someone Dropped a Windows Zero-Day Exploit on GitHub

Posted on August 29, 2018 by Lucian Constantin

A previously unknown vulnerability that allows attackers to obtain SYSTEM privileges on Windows computers has been publicly disclosed. Someone with the username SandboxEscaper posted a link to a proof-of-concept exploit on Twitter and then deleted the… Continue reading Someone Dropped a Windows Zero-Day Exploit on GitHub→

The Apache Struts2 RCE Vulnerability – Application Security Weekly #30

Posted on August 28, 2018 by Security Weekly Productions

Keith Hoodlet and Paul Asadoorian talk about The Apache Struts2 RCE Vulnerability. They cover: – CVE-2018-11776 – How the 3 Ways of DevOps can guide us toward better security practices – Shared Version Control – Test Environment… Continue reading The Apache Struts2 RCE Vulnerability – Application Security Weekly #30→