Lucene search
K

80 matches found

The Hacker News
The Hacker News
added 2022/04/07 3:29 p.m.40 views

First Malware Targeting AWS Lambda Serverless Platform Discovered

A first-of-its-kind malware targeting Amazon Web Services' AWS Lambda serverless computing platform has been discovered in the wild. Dubbed "Denonia" after the name of the domain it communicates with, "the malware uses newer address resolution techniques for command and control traffic to evade...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/12 12:28 p.m.60 views

DNS-over-HTTPS takes another small step towards global domination

Firefox recently announced that it will be rolling out DNS-over-HTTPS or DoH soon to one percent of its Canadian users as part of its partnership with CIRA the Canadian Internet Registration Authority, the Ontario-based organization responsible for managing the .ca top-level domain for Canada and...

0.8AI score
Exploits0
Kitploit
Kitploit
added 2021/06/06 12:30 p.m.220 views

Typodetect - Detect The Active Mutations Of Domains

This tool gives blue teams, SOC's, researchers and companies the ability to detect the active mutations of their domains, thus preventing the use of these domains in fraudulent activities, such as phishing and smishing. For this, Typodetect allows the use of the latest available version of the TL...

7.3AI score
Exploits0References1
The Hacker News
The Hacker News
added 2021/01/16 7:30 a.m.56 views

NSA Suggests Enterprises Use 'Designated' DNS-over-HTTPS' Resolvers

The U.S. National Security Agency NSA on Friday said DNS over HTTPS DoH — if configured appropriately in enterprise environments — can help prevent "numerous" initial access, command-and-control, and exfiltration techniques used by threat actors. "DNS over Hypertext Transfer Protocol over Transpo...

7.4AI score
Exploits0
Akamai Blog
Akamai Blog
added 2020/12/28 2:0 p.m.60 views

Smart DNS for the New Network Edge: Emerging Requirements for DNS Encryption

This blog post -- the fourth in a series -- will discuss how smart DNS resolvers can enhance ongoing ISP and MNO network transformation efforts, such as the transition to 5G, better integration of Wi-Fi, and new network designs that optimize the edge to improve service delivery and network...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2020/12/10 12:0 a.m.24 views

CentOS: Security Advisory for firefox (CESA-2020:5239)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.0245EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.43 views

CentOS 7 : firefox (RHSA-2020:5239)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5239 advisory. - Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted...

9.3CVSS7.9AI score0.0245EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.85 views

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3458-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.5.0 ESR bsc1178824 - CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code - CVE-2020-16012: Variable time processing of cross-origin images during...

9.6CVSS8AI score0.5063EPSS
Exploits3References26
RedHat Linux
RedHat Linux
added 2020/11/30 11:12 p.m.135 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.3CVSS6.8AI score0.0245EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2020/11/30 11:12 p.m.3 views

Mozilla: DoH did not filter IPv4 mapped IP Addresses

When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding...

6.5CVSS7.3AI score0.01151EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 9:4 a.m.123 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.3CVSS6.8AI score0.0245EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2020/11/30 12:0 a.m.58 views

openSUSE Security Update : MozillaFirefox (openSUSE-2020-2031)

This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.5.0 ESR bsc1178824 - CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code - CVE-2020-16012: Variable time processing of cross-origin images during...

9.6CVSS8AI score0.5063EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2020/11/30 12:0 a.m.62 views

RHEL 8 : thunderbird (RHSA-2020:5232)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5232 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.0. Security Fixes: Mozilla:...

9.3CVSS7.6AI score0.0245EPSS
Exploits1References22
OSV
OSV
added 2020/11/21 12:21 p.m.14 views

MGASA-2020-0433 Updated thunderbird packages fix security vulnerabilities

Variable time processing of cross-origin images during drawImage calls. CVE-2020-16012 Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code. CVE-2020-26951 Fullscreen could be enabled without displaying the security UI. CVE-2020-26953 XSS through paste manual...

9.3CVSS7.4AI score0.0245EPSS
Exploits1References4
Mageia
Mageia
added 2020/11/19 8:52 a.m.62 views

Updated firefox and nss packages fix security vulnerabilities

When drawing a transparent image on top of an unknown cross-origin image, the Skia library drawImage function took a variable amount of time depending on the content of the underlying image. This resulted in potential cross-origin information exposure of image content through timing side-channel...

9.3CVSS0.5AI score0.0245EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2020/11/18 12:0 a.m.29 views

Mozilla Firefox Security Advisories (MFSA2020-50, MFSA2020-52) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.6CVSS7.2AI score0.5063EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2020/11/18 12:0 a.m.21 views

Mozilla Thunderbird Security Advisories (MFSA2020-50, MFSA2020-52) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

9.3CVSS7.8AI score0.0245EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2020/11/18 12:0 a.m.23 views

Mozilla Firefox Security Advisories (MFSA2020-50, MFSA2020-52) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.6CVSS7.2AI score0.5063EPSS
Exploits3References1
Kaspersky
Kaspersky
added 2020/11/17 12:0 a.m.70 views

KLA12010 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, perform cross-site scripting attack, spoof user interface, execute arbitrary code, bypass security restrictions. Bel...

9.6CVSS10AI score0.5063EPSS
Exploits3References4
Mozilla
Mozilla
added 2020/11/17 12:0 a.m.164 views

Security Vulnerabilities fixed in Firefox 83 — Mozilla

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. Incorrect bookkeepi...

9.3CVSS9.4AI score0.0245EPSS
Exploits1References21Affected Software1
Rows per page
Query Builder