Download: The 2020 Cybersecurity Salary Survey Results

The 2020 Cybersecurity Salary Survey was an online survey published in The Hacker News and created to provide insight into the details related to cybersecurity compensation. There were over 1,500 security professionals who completed the survey. Today you can access the aggregated and analyzed 202...

Inim Electronics Smartliving SmartLAN/G/SI 6.x Hard-Coded Credentials

Inim Electronics Smartliving SmartLAN/G/SI =6.x Hard-coded Credentials Vendor: INIM Electronics s.r.l. Product web page: https://www.inim.biz Link: https://www.inim.biz/en/antintrusion-control-panels/home-automation/control-panel-smartliving? Affected version: =6.x Affected models: SmartLiving 50...

Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials

Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...

CAINE 11 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response

CAINE Computer Aided INvestigative Environment is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti Bari - Italy. CAINE offers a complete forensic environment that is organized to integrate existing software tools as...

Facebook Sued Hong Kong Firm for Hacking Users and Ad Fraud Scheme

Following its efforts to take legal action against those misusing its social media platform, Facebook has now filed a new lawsuit against a Hong Kong-based advertising company and two Chinese individuals for allegedly abusing its ad platform to distribute malware and Ad fraud. Facebook filed the...

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

EulerOS 2.0 SP2 : gnutls (EulerOS-SA-2019-2432)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have...

New version of IcedID Trojan uses steganographic payloads

This blog post was authored by @hasherezade, with contributions from @siriurz and Jérôme Segura. Security firm Proofpoint recently published a report about a series of malspam campaigns they attribute to a threat actor called TA2101. Originally targeting German and Italian users with Cobalt Strik...

[SECURITY] Fedora 31 Update: djvulibre-3.5.27-17.fc31

DjVu is a web-centric format and software platform for distributing documen ts and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution pictu res. DjVu content downloads faster, displays and renders faster,...

CVE-2019-19451

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...

Code injection

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...

CVE-2019-19451

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...

CVE-2019-19451

The CVE-2019-19451 issue affects Dia (GNOME Dia) prior to the upstream patch release for 2019-11-27: a filename argument that is not a valid codepoint in the current encoding can trigger an endless loop, causing stdout spam. In practice, when triggered from a thumbnailer, the output may be logged...

CVE-2019-19451

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...

Kali Linux 2019.4 Release - Penetration Testing and Ethical Hacking Linux Distribution

We are incredibly excited to announce our fourth and final release of 2019, Kali Linux 2019.4. 2019.4 includes some exciting new updates: A new default desktop environment, Xfce New GTK3 theme for Gnome and Xfce Introduction of “Kali Undercover” mode Kali Documentation has a new home and is now G...

Black Friday Shoppers Targeted By Scams and Fake Domains

Black Friday and Cyber Monday-related scams are nothing new — but researchers warn that this year, they are seeing an uptick in scams using more sophisticated methods to lure users to hand over their payment data. Research released Tuesday by ZeroFOX uncovered some of the threats that attackers a...

A week in security (November 11 – 17)

Last week on Malwarebytes Labs, we offered statistics and information on a sneaky new Trojan malware for Android, inspected a bevy of current Facebook scams, and explained the importance of securing food and agriculture infrastructure. We also released our latest report on cybercrime tactics and...

[SECURITY] Fedora 29 Update: djvulibre-3.5.27-14.fc29

DjVu is a web-centric format and software platform for distributing documen ts and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution pictu res. DjVu content downloads faster, displays and renders faster,...

[SECURITY] Fedora 30 Update: djvulibre-3.5.27-15.fc30

DjVu is a web-centric format and software platform for distributing documen ts and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution pictu res. DjVu content downloads faster, displays and renders faster,...

Debian: Security Advisory (DSA-4563-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...