Vulnerabilities

Check if you have Data Breaches in Sephora or StreetEasy

Software violation search page Have I Been Pwned added the software infringements from StreetEasy and Sephora privacy to their motor so that users can verify if their information has been leaked. In June 2016, according to HIBP, StreetEasy was hit by a data breach that exposed data to nearly 1 million users. This data included…

Magecart Affects Hundreds of Thousands of Websites that Continue to Grow

At over two million detections to date, exploiting the infrastructure of shopping sites to steal payment card data is unlikely to end in the near future. These attacks are collectively called Magecart, and multiple groups, some more advanced than others, are currently in the sector. We target online payment forms and steal data on their…

Spam Campaign FTCode PowerShell Ransomware Resurfaces

An ancient PowerShell ransomware resurfaced to Italian recipients with a vengeance in a spam allocation. This ransomware is called the FTCode and is fully PowerShell-based so that the computer can be encrypted without any other parts downloaded. Since 26 September, fresh ransomware named FTCode, which was distributed via spam, has been reported [ 1, 2,3,…

Over 170,000 Users Data up for Grabs After Comodo Forums Breached

Over half of the Comodo Forum users ‘ account information has been robbed and is now traded online. The violation was made possible by exploiting a weakness in the forum’s software. Comodo released a safety notice today informing customers that an intruder might have access to the database of the forums. “A fresh vulnerability has…

New Exim vulnerability Exhibits DoS servers, RCE risks

A fresh critical vulnerability was patched to avoid denial of service (DoS) or potentially remote code implementation assaults in the Exim mail transfer agent (MTA) software. The CVE-2019-16928 safety bug that was reported by QAX-A-TEAM has also been corrected today in Exim version 4.92.3, and affects all versions from 4.92 up to (and including) 4.92.2….

How to enable Cloudflare’s vBulletin CVE-2019-16759 protection

This week a vulnerability and approach to the execution of remote software in zero-day vBulletin has been openly exposed and used by poor performers to attack vBulletin forums. Cloudflare now has a unique rule in place to stop this exploit from operating behind Cloudflare’s service on vBulletin locations. The vulnerabilities in remote code implementation are…

Phishing Campaigns Abusing Open Redirects

In phishing campaigns, open redirects by Google and Adobe are used to give validity to URLs used in spam emails. An open redirect is a website URL which anybody can use to forward users to another website. Unfortunately, many firms, including Google, do not see an open vulnerability in redirecting safety and therefore do nothing…

Beware of Google Alert Links Leading to Malware and Scams

Google Alerts is a helpful service that enables you to obtain messages or an updated RSS feed when fresh Google search pages appear that relate to certain keywords. Sadly, when something is nice, individuals attempt to use it to drive customers into scams and malware. Google Alerts enables you to submit keywords that you do…

Jira Server and Service Desk Fix Critical Security Bugs

Atlassian updates for Jira Service Desk and Jira Service Desk Data Centre have been published to correct a critical security bug that anyone who has access to a sensitive client portal can exploit. Another critical vulnerability affected by Jira Server and Jira Data Center has been patched, which enables the server-side template injection leading to…

Meet Stop Ransomware: The Most Active Ransomware Nobody Talks About

Have you ever heard of the Ransomware STOP? Most researchers probably don’t, as few write, cover it and it mostly targets customers through cracked software, adware bundles and shady websites. Ryuk, GandCrab and Sodinkibi receive enormous and deserved media attention as they produce enormous ransom payments, stop businesses and local authorities and impact company clients…