The week in security: Warnings on exploits as malware Struts its stuff

Credit: ID 50433547 © Mast3r | Dreamstime.com

Plans to collect and analyse large volumes of performance data for operational benefit are nothing new, but logistics of managing so much data have proven problematic in the past.

For national wholesale network operator nbn, however, smarter use of data has helped it turn 20TB to 30TB of daily network data into a proactive tool for managing network congestion and identifying security and other issues before they happen.

With the strength of Google behind it, file-scanning site VirusTotal was the natural choice for the US Department of Defence’s submission of its first two malware samples – the Russia-linked LoJack.

A vulnerability within Struts 2.3 was flagged as using a file-upload library that had a two-year-old remotely exploitable security flaw, Adobe warned – posing problems for anyone using the platform.

Cisco’s search for the bug had turned up yet another exploit for the firm, with the DIRTY CoW exploit creating lingering problems for users of its vulnerable switches.

The proliferation of unknown exploits can wreak havoc on victim networks – as Canada’s St Francis Xavier University learned after an infection by a cryptocurrency miner began using so much CPU power that the university had to shut down its entire network.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags malwareciscodata protection

More about AdobeCiscoDepartment of DefenceGoogleLoJacknbn

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

More videos

Blog Posts