66 matches found
Fedora Update for opendmarc FEDORA-2019-24b3f84f6e
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
The vulnerability of the Palo Alto Networks Migration Tool, a tool for migrating network configuration settings, allows attackers to carry out domain-based scenario attacks.
The vulnerability of the Palo Alto Networks Migration Tool’s network configuration transfer utility exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform domain-based attacks using a specially created...
Qualys BrowserCheck CoinBlocker Protects Users From Active Cryptojacking Campaigns
Qualys Malware Research Labs recently released the Qualys BrowserCheck CoinBlocker Chrome Extension. We have seen enthusiastic adoption from users across the globe in the first week since its release, which has given us enough telemetry data to indicate success in protecting users from popular...
Design/Logic Flaw
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of...
Oracle JRE - java.net.URLConnection class – Same-of-Origin (SOP) Policy Bypass
No description provided by source. Description Security-Assessment.com discovered that a Java Applet making use of java.net.URLConnection class can be used to bypass same-of-origin SOP policy and domain based security controls in modern browsers when communication occurs between two domains that...
Twitter added DMARC support to prevent email phishing
Twitter announced via its blog today that it has begun using a new method called Domain-based Message Authentication, Reporting and Conformance DMARC to help prevent email phishing. DMARC is actually a standard for preventing email spoofing, in order to make it harder for attackers to send phishi...