Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware Daily Threat Intelligence

Cyware Daily Threat Intelligence January 11, 2018 - Featured Image

Daily Threat Briefing Jan 11, 2018

Top Vulnerabilities Reported in the Last 24 Hours

macOS High Sierra 10.13 Security Bug
A security flaw was discovered in macOS High Sierra 10.13 that allows users--with access to Mac--to enter any bogus password and unlock the App Store menu in System Preferences. Thankfully, the flaw doesn't allow users to unlock other sections within System Preferences.
The vulnerability is patched in the latest beta version of macOS 10.13.3.

Flaw in MicroLogix 1400 PLC
The vulnerability, tracked as CVE-2017-16740, is found in MicroLogix 1400 programmable logic controllers (PLCs). The flaw was caused due to stack-based buffer overflow condition and allows attackers to execute arbitrary code on a targeted device.
A firmware update has already been released for this.

Ruby Rail Gems XSS Vulnerabilities
Two XSS vulnerabilities (CVE-2017-12097 and CVE-2017-12098) were found in Ruby Rails Gems, in two different gem packages.
CVE-2017-12097: Allows hackers to execute arbitrary JavaScript on the victim's browser with the help of a specially designed URL.
CVE-2017-12098: Allows hackers to create custom filters and find values within the admin interface.

Related Threat Briefings