HPE Intelligent Management Center (IMC) is a popular management system designed to integrate the management of devices, services and users. It provides features and functions that are designed for comprehensive management of the network infrastructure. An arbitrary file upload vulnerability exists in the HPE Intelligent Management Center. The server application that handling the file upload fails to filter the file extension when handling certain HTTP request, causing a arbitrary file upload vulnerability. An attacker could send a crafted HTTP POST request to the server url, uploading malicious scripts and execute them under the privilege of the server process.
The SonicWall Capture Labs Threat Research Team observed reports of a new variant family of Letgo Malware [Letgo.A] actively spreading in the wild. The Malware gathers confidential information from the computer such as login details, passwords; financial information sends it to its own C&C Server.
The SonicWall Capture Labs Threat Research Team have come across ransomware that goes by the name GlobeImposter. It is also known as Fake Globe. GlobeImposter is distributed via a malicious spam campaign and as with all ransomware encrypts the victims files making them irrevocable without payment. Most ransomware have a built in file extension filter that will leave executable files intact. This ransomware however, encrypts executable files and renders the system unbootable as a result.
SonicWall has analyzed and addressed Microsoft’s security advisories for the month of November, 2017. A list of issues reported, along with SonicWall coverage information are as follows: