663 matches found
CVE-2017-17436
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is encrypted with "Highest Level Bluetooth Encryption" and...
DEBIAN-CVE-2017-3157
By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user in...
Bad romance: catphishing explained
You've heard or read about some variant of this story before: Girl meets Boy on a dating website. Girl falls in love. Boy claims he does, too. Girl is excited to meet Boy soon. But at the last minute, Girl finds out that Boy (1) had an accident and broke a hip; (2) has a very sick relative he needs t...
Phony WhatsApp used Unicode to slip under Google’s radar
After a troubling week for Google not so long ago, the company is under the spotlight once more for missing another app that, after further investigations by several members of Reddit, was found laden with adware. This app, which was called "Update WhatsApp Messenger," used the logo and developer...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
Taking Healthcare Threat Protection to the Next Level with HITRUST
Healthcare organizations (HCOs) worldwide continue to be on the receiving end of cyber-attacks. But if we work together we have both the tools and motivation to turn this around. That’s why Trend Micro has been a long-time partner and advocate of the great work HITRUST is doing to help improve...
Tor: Content spoofing on
Vulnerability description not provided...
Discourse: CSRF-tokens on pages without no-cache headers, resulting in ATO when using CloudFlare proxy (Web Cache Deception)
Hi, I noticed this issue on one of your clients which was using CloudFlare in front of their Discourse. This is not affecting try.discourse.org but the same underlying issue can be seen there as well even though it's not exploitable on that specific domain. The TL;DR of issue is basically:...
Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CNVD-2017-28003)
Microsoft Internet Explorer is a popular web browser. A memory corruption vulnerability exists in Microsoft Internet Explorer that remote attackers can exploit by presenting a special web page and tricking a user into visiting it, which could crash the application or...
HoneypotBuster - Microsoft PowerShell Module to Find HoneyPots and HoneyTokens in the Network
Microsoft PowerShell module designed for red teams that can be used to find honeypots and honeytokens in the network or at the host. CodeExecution Execute code on a target machine using Import-Module. Invoke-HoneypotBuster HoneypotBuster is a tool designed to spot Honey Tokens, Honey Bread Crumbs...
WordPress FTP/SSH Forms Function Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP, that supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress FTP/SSH forms feature. The vulnerability can be used to...
Airachnid Burp Extension - A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
A Burp extension to test applications for vulnerability to the Web Cache Deception attack. Once the extension has been loaded, it can be accessed in the Target - Sitemap tab and right click on the resource that should be tested. A context sensitive menu item called "Airachnid Web Cache Test" will...
Google Android kernel trace subsystem elevation of privilege vulnerability
Google Android is a Linux-based operating system for smartphone devices. An elevation of privilege vulnerability exists in the Google Android kernel trace subsystem, which can be exploited by a remote attacker to build a malicious application that can be elevated in privilege by inducing a user t...
Huawei Enjoy 5 cell phone design flaw vulnerability
Huawei Enjoy 5 is a smartphone from the Chinese company Huawei. A design flaw vulnerability exists in previous versions of the Huawei Enjoy 5 phone, TIT-AL00C583B214, where an attacker could trick a user into installing a malicious program to call the interface and modify system properties...
Breaking down a notably sophisticated tech support scam M.O.
Note: Our Tech support scams FAQ page has the latest info on this type of threat, including scammer tactics, fake error messages, and the latest scammer hotlines. You can also read our latest blog, New tech support scam launches communication or phone call app. The cornerstone of tech support sca...
Iceni Argus Integer Overflow Vulnerability
Iceni Argus is a PDF document conversion tool from the British company Iceni. Iceni Argus has an integer overflow vulnerability when handling special PDF files, which an attacker can exploit by building malicious PDF files and tricking users into parsing them, which can crash the application...
Spear Phishing Techniques Used in Attacks Targeting the Mongolian Government
Introduction FireEye recently observed a sophisticated campaign targeting individuals within the Mongolian government. Targeted individuals that enabled macros in a malicious Microsoft Word document may have been infected with Poison Ivy, a popular remote access tool (RAT) that has been used for...
Google Chrome blink ui forgery vulnerability
Google Chrome is a popular web browser. Google Chrome blink suffers from a UI forgery vulnerability that allows remote attackers to build malicious web pages and trick users into parsing them, which can deceive them...
UBUNTU-CVE-2016-5218
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...
Deception Technology: Can It Detect Intruders Earlier in their Attack Chain?
Every infosec conference is chatting about the Attack Chain, a visual mapping of the steps an intruder must take to breach a network. If you can detect traces of an attack earlier, you not only have more time to respond, but can stop the unauthorized access to monetizable data and its exfiltratio...