📢 BRATA malware has evolved to target online banking across Europe, researchers warn 📢
📖 Read
via "ITPro".
The new variant can now access SMS, GPS, and device control to better steal financial data📖 Read
via "ITPro".
IT PRO
BRATA malware has evolved to target online banking across Europe, researchers warn | IT PRO
The new variant can now access SMS, GPS, and device control to better steal financial data
📢 Okta sets aside $1 million to support cyber security training for non-profits 📢
📖 Read
via "ITPro".
One of the projects receiving a grant will help civil society organisations in Ukraine to strengthen their cyber security📖 Read
via "ITPro".
IT PRO
Okta sets aside $1 million to support cyber security training for non-profits | IT PRO
One of the projects receiving a grant will help civil society organisations in Ukraine to strengthen their cyber security
📢 Quantum is 'the future of AWS system security', Amazon claims 📢
📖 Read
via "ITPro".
With third major quantum investment, AWS sets stage for next decade of network infrastructure📖 Read
via "ITPro".
IT PRO
Quantum is 'the future of AWS system security', Amazon claims | IT PRO
With third major quantum investment, AWS sets stage for next decade of network infrastructure
📢 How secure is Gmail? 📢
📖 Read
via "ITPro".
The practical steps you should take to secure your Gmail account, from implementing 2FA to performing regular checkups📖 Read
via "ITPro".
IT PRO
How secure is Gmail? | IT PRO
The practical steps you should take to secure your Gmail account, from implementing 2FA to performing regular checkups
‼ CVE-2020-27509 ‼
📖 Read
via "National Vulnerability Database".
Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a specially crafted XSS payload in the 'subject' field. The payload executes when the recipient logs into their mailbox.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34495 ‼
📖 Read
via "National Vulnerability Database".
rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34494 ‼
📖 Read
via "National Vulnerability Database".
rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-9754 ‼
📖 Read
via "National Vulnerability Database".
NAVER Whale browser mobile app before 1.10.6.2 allows the attacker to bypass its browser unlock function via incognito mode.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-33202 ‼
📖 Read
via "National Vulnerability Database".
Authentication bypass vulnerability in the setup screen of L2Blocker(on-premise) Ver4.8.5 and earlier and L2Blocker(Cloud) Ver4.8.5 and earlier allows an adjacent attacker to perform an unauthorized login and obtain the stored information or cause a malfunction of the device by using alternative paths or channels for Sensor.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2022-33146 ‼
📖 Read
via "National Vulnerability Database".
Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-1846 ‼
📖 Read
via "National Vulnerability Database".
The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack📖 Read
via "National Vulnerability Database".
‼ CVE-2022-1573 ‼
📖 Read
via "National Vulnerability Database".
The HTML2WP WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them📖 Read
via "National Vulnerability Database".
‼ CVE-2022-1095 ‼
📖 Read
via "National Vulnerability Database".
The Mihdan: No External Links WordPress plugin through 4.8.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)📖 Read
via "National Vulnerability Database".
‼ CVE-2022-1572 ‼
📖 Read
via "National Vulnerability Database".
The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0722 ‼
📖 Read
via "National Vulnerability Database".
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40897 ‼
📖 Read
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in split-html-to-chars v1.0.5 when splitting crafted invalid htmls.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2217 ‼
📖 Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 7.0.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40895 ‼
📖 Read
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in todo-regex v0.1.1 when matching crafted invalid TODO statements.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40899 ‼
📖 Read
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in repo-git-downloader v0.1.1 when downloading crafted invalid git repositories.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40896 ‼
📖 Read
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40898 ‼
📖 Read
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scaffold-helper v1.2.0 when copying crafted invalid files.📖 Read
via "National Vulnerability Database".