π΄ SquirrelWaffle Leverages Malspam to Deliver Qakbot, Cobalt Strike π΄
π Read
via "Dark Reading".
Threat is spreading widely via spam campaigns, infecting systems with a new malware loader.π Read
via "Dark Reading".
Dark Reading
SquirrelWaffle Leverages Malspam to Deliver Qakbot, Cobalt Strike
Threat is spreading widely via spam campaigns, infecting systems with a new malware loader.
βΌ CVE-2021-42111 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed on a jailbroken device, it is possible to retrieve the PIN code used to access the application.π Read
via "National Vulnerability Database".
βοΈ SMS About Bank Fraud as a Pretext for Voice Phishing βοΈ
π Read
via "Krebs on Security".
Most of us have probably heard the term "smishing" -- which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing -- blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text.π Read
via "Krebs on Security".
Krebsonsecurity
SMS About Bank Fraud as a Pretext for Voice Phishing
Most of us have probably heard the term "smishing" -- which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site that spoofs a popular bank and tries toβ¦
π΄ ChaosDB: Researchers Share Technical Details of Azure Flaw π΄
π Read
via "Dark Reading".
Wiz researchers who discovered a severe flaw in the Azure Cosmos DB database discussed the full extent of the vulnerability at Black Hat Europe.π Read
via "Dark Reading".
Dark Reading
ChaosDB: Researchers Share Technical Details of Azure Flaw
Wiz researchers who discovered a severe flaw in the Azure Cosmos DB database discussed the full extent of the vulnerability at Black Hat Europe.
βΌ CVE-2020-23876 βΌ
π Read
via "National Vulnerability Database".
pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23886 βΌ
π Read
via "National Vulnerability Database".
XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted pict file. Related to a User Mode Write AV starting at ntdll!RtlpLowFragHeapFree.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23903 βΌ
π Read
via "National Vulnerability Database".
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23891 βΌ
π Read
via "National Vulnerability Database".
A User Mode Write AV in Editor+0x5cd7 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23884 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service (DoS) via a crafted MNG file.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23873 βΌ
π Read
via "National Vulnerability Database".
pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23898 βΌ
π Read
via "National Vulnerability Database".
A User Mode Write AV in Editor+0x5ea2 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23896 βΌ
π Read
via "National Vulnerability Database".
A User Mode Write AV in Editor+0x576b of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23902 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address may be used as a return value starting at Editor!TMethodImplementationIntercept+0x528a3.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23887 βΌ
π Read
via "National Vulnerability Database".
XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted ico file. Related to a Read Access Violation starting at USER32!SmartStretchDIBits+0x33.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23900 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address controls Code Flow starting at Editor!TMethodImplementationIntercept+0x57a3b.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23879 βΌ
π Read
via "National Vulnerability Database".
pdf2json v0.71 was discovered to contain a NULL pointer dereference in the component ObjectStream::getObject.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23888 βΌ
π Read
via "National Vulnerability Database".
A User Mode Write AV in Editor!TMethodImplementationIntercept+0x53f6c3 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted psd file.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23901 βΌ
π Read
via "National Vulnerability Database".
A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23894 βΌ
π Read
via "National Vulnerability Database".
A User Mode Write AV in ntdll!RtlpCoalesceFreeBlocks+0x268 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23899 βΌ
π Read
via "National Vulnerability Database".
A User Mode Write AV in Editor+0x5f91 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23895 βΌ
π Read
via "National Vulnerability Database".
A User Mode Write AV in Editor+0x76af of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.π Read
via "National Vulnerability Database".