VMware Releases Security Updates for Multiple Products

Original release date: May 29, 2020

VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the VMware Security Advisory VMSA-2020-0011 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Cisco Releases Security Updates for CML and VIRL-PE

Original release date: May 29, 2020

Cisco has released security updates to address SaltStack FrameWork vulnerabilities in Cisco Modeling Labs Corporate Edition (CML) and Virtual Internet Routing Lab Personal Edition (VIRL-PE). A remote attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates or workaround.

 

This product is provided subject to this Notification and this Privacy & Use policy.

NSA Releases Advisory on Sandworm Actors Exploiting an Exim Vulnerability

Original release date: May 28, 2020

The National Security Agency (NSA) has released a cybersecurity advisory on Russian advanced persistent threat (APT) group Sandworm exploiting a vulnerability—CVE-2019-10149—in Exim Mail Transfer Agent (MTA) software. An unauthenticated remote attacker can use this vulnerability to send a specially crafted email to execute commands with root privileges, allowing the attacker to install programs, modify data, and create new accounts.

Although Exim released a security update for the MTA vulnerability in June 2019, Sandworm cyber actors have been exploiting this vulnerability in unpatched Exim servers since at least August 2019 according NSA’s advisory, which provides indicators of compromise and mitigations to detect and block exploit attempts.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators and users to upgrade to the latest version of Exim and review NSA’s Advisory: Exim Mail Transfer Agent Actively Exploited by Russian GRU Cyber Actors and Exim’s page on CVE-2019-10149 for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

Quasar RAT – Windows Remote Administration Tool

Quasar RAT – Windows Remote Administration Tool

Quasar is a fast and light-weight Windows remote administration tool coded in C#. The usage ranges from user support through day-to-day administrative work to employee monitoring.

It aims to provide high stability and an easy-to-use user interface and is a free, open source tool.

Features of Quasar RAT Windows Remote Administration Tool

The main features that can be found in Quasar are:

  • TCP network stream (IPv4 & IPv6 support)
  • Fast network serialization (Protocol Buffers)
  • Compressed (QuickLZ) & Encrypted (TLS) communication
  • UPnP Support
  • Task Manager
  • File Manager
  • Startup Manager
  • Remote Desktop
  • Remote Shell
  • Remote Execution
  • System Information
  • Registry Editor
  • System Power Commands (Restart, Shutdown, Standby)
  • Keylogger (Unicode Support)
  • Reverse Proxy (SOCKS5)
  • Password Recovery (Common Browsers and FTP Clients)

Using Quasar Windows Remote Administration Tool

1.

Read the rest of Quasar RAT – Windows Remote Administration Tool now! Only available at Darknet.