New Apache Struts 0Day Exploit: (March 8, 2017) The Cisco Talos group has identified attacks against a 0Day vulnerability in Apache Struts, a popular Java app framework. An advisory issued Monday states that the problem exists in the Jakarta Multipart parser: an attacker could perform an RCE attack with a malicious Content-Type value. Users were advised to upgrade or switch to a different implementation of the parser. Numerous attacks appeared to be taking advantage of a publicly released proof of concept to run assorted commands. Struts was previously compromised by Chinese hackers in 2014, who exploited known vulnerabilities to install a backdoor. Message here: keep patches current. Source: http://www.csoonline.com/article/3178744/security/cisco-and-apache-issue-warnings-over-zero-day-flaw-being-targeted-in-the-wild.html#tk.twt_cso
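A detection check for the malicious Content-Type values described above, as an added example that is not from the advisory, Talos or Apache: it validates logged Content-Type values against the RFC 7231 media-type grammar and reports anything abnormal. The tab-separated log layout, the `%{` and `${` markers, the length ceiling and every sample line are assumptions constructed for illustration.

```python
import re

# RFC 7230 "token" characters; RFC 7231 media-type = token "/" token *( ";" parameter )
TOKEN = r"[!#$%&'*+.^_`|~0-9A-Za-z-]+"
QUOTED = r'"(?:[^"\\]|\\.)*"'
MEDIA_TYPE = re.compile(
    rf"{TOKEN}/{TOKEN}(?:[ \t]*;[ \t]*{TOKEN}=(?:{TOKEN}|{QUOTED}))*[ \t]*"
)
# Assumption: expression-language delimiters that never belong in a media type.
EXPR_MARKERS = ("%{", "${")
MAX_LEN = 256  # assumed ceiling; legitimate Content-Type values are far shorter


def classify_content_type(value):
    """Return 'ok' or the reason a Content-Type value looks abnormal."""
    if len(value) > MAX_LEN:
        return "oversized"
    if any(marker in value for marker in EXPR_MARKERS):
        return "expression-marker"  # also catches markers hidden in quoted parameters
    if not MEDIA_TYPE.fullmatch(value.strip()):
        return "malformed"
    return "ok"


def scan(log_lines):
    """Return (source, path, reason) for each request with an abnormal Content-Type."""
    findings = []
    for line in log_lines:
        src, _method, path, ctype = line.rstrip("\n").split("\t", 3)
        if not ctype or ctype == "-":
            continue  # header absent or not logged
        reason = classify_content_type(ctype)
        if reason != "ok":
            findings.append((src, path, reason))
    return findings


# Constructed sample log: source, method, path, Content-Type (tab-separated).
SAMPLE = [
    "192.0.2.10\tPOST\t/upload.action\tmultipart/form-data; boundary=----abc123",
    "192.0.2.11\tPOST\t/login.action\tapplication/x-www-form-urlencoded",
    "198.51.100.7\tGET\t/index.action\t%{(placeholder-expression)}.multipart/form-data",
    "198.51.100.8\tPOST\t/upload.action\tmultipart/form-data; boundary=\"${placeholder}\"",
    "198.51.100.9\tPOST\t/api.action\ttext/plain (not-a-parameter)",
    "192.0.2.12\tGET\t/index.action\t-",
]

if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

The same classification can run as a reverse-proxy or WAF rule that rejects the request before it reaches the application, which buys time while the upgrade is rolled out.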
Oct 8 Five 0Day Flaws in EMC Management Console
Because apparently you can’t have too many. Unisphere for VMAX used unsecured Flash-to-Java interfaces (two of our least favourite words in Security) in the Dell vApp Manager. This Web app manages all the EMC storage platforms. An attacker with access to the network storage devices could then send malicious Adobe Flash Action Message Format messages to the Web app server on the storage system, and thereby run arbitrary commands to gain complete control. More than 3300 companies across the globe use VMAX to manage storage systems. Like T-Mobile and banks. While this would require some effort to gain the initial access, once attackers exploited a connected Web server or other system in the data centre, they could steal vast volumes of data and take the storage system offline.