ISC StormCast for Tuesday, April 10th 2018

By Johannes B. Ullrich, Ph.D. Remote Code Execution Vulnerability in CyberArk
https://www.redteam-pentesting.de/de/advisories/rt-sa-2017-014/-cyberark-password-vault-web-access-remote-code-execution
Enabling DNS over TLS using Unbound
https://blog.cloudflare.com/dns-over-tls-for-openwrt/
Turning off Smart Install in Cisco Switches
https://blogs.cisco.com/security/cisco-psirt-mitigating-and-detecting-potential-abuse-of-cisco-smart-install-feature
Adobe Flash Exploit in the Wild for CVE-2018-4878
https://www.youtube.com/watch?v=cjPn1cQy_FE&feature=youtu.be (turn sound off)
http://www.theregister.co.uk/2018/04/09/office_file_attack_reloaded_in_exploit_builder/
More Here