Here are the most relevant headlines of the week, keep informed of all the details.
- Critical vulnerability: Spring Data for MongoDB
A critical remote code execution (RCE) vulnerability in Spring Data MongoDB, a project for integrating documents into MongoDB databases.
- Malicious version: Brute Ratel C4
Researchers at Palo Alto Networks have published a malicious sample of the legitimate Brute Ratel C4 (BRc4) software.
- Raspberry Robin: worm detected in multiple Windows networks
Microsoft has issued a private advisory to Microsoft Defender for Endpoint subscribers, informing them about detecting the Raspberry Robin malware in various networks, mainly from the industrial sector.
- Campaign: new ransomware HavanaCrypt
A campaign of the new ransomware family called HavanaCrypt is reportedly masquerading as the Google Software Update application for distribution.
- Critical vulnerability in OpenSSL
A vulnerability in the OpenSSL cryptographic library could lead to remote code execution under certain circumstances.
Here you have the full report of these attacks and vulnerabilities and direct links for more information.