Greta Thunberg: Emotet's Person of the Year

There’s no doubt that teenage climate-change activist and Time Person of the Year Greta Thunberg inspires people around the world – and it turns out, this includes cybercriminals. More specifically, she’s inspiring as an opportunity: According to the Proofpoint Threat Insight team, a global...

A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s

This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the days before climate change stretched frigid winter months directly into the insta-sweat of summer, there was a saying about March: in like a lamb, out like a lion. The same might be sa...

The quiet evolution of phishing

The battle against phishing is a silent one: every day, Office 365 Advanced Threat Protection detects millions of distinct malicious URLs and email attachments. Every year, billions of phishing emails don’t ever reach mailboxes—real-world attacks foiled in real-time. Heuristics, detonation, and...

Fileless Attacks: The Next Frontier for Cybercrime

The world of cybersecurity is rapidly evolving, and so are the methods of cybercriminals. More and more attackers are moving away from traditional malware—in fact, 60% of today’s attacks involve fileless techniques. A fileless attack also known as a “memory-based” or “live-off-the-land” attack is...

CVE-2011-3355

evolution-data-server3 3.0.3 through 3.2.1 used insecure non-SSL connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim...

CVE-2011-3355

evolution-data-server3 3.0.3 through 3.2.1 used insecure non-SSL connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim...

Design/Logic Flaw

evolution-data-server3 3.0.3 through 3.2.1 used insecure non-SSL connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim...

CVE-2011-3355

evolution-data-server3 3.0.3 through 3.2.1 used insecure non-SSL connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim...

CVE-2011-3355

CVE-2011-3355 affects evolution-data-server3 versions 3.0.3 through 3.2.1. The flaw is an insecure non-SSL connection when storing sent email messages into the Sent folder located on a remote server, which could allow an attacker to obtain login credentials. Connected documents corroborate the sa...

Ransomware: 30 Years and Still Going Strong

In the tech world, systems – and methods to break said systems – seem to evolve by the minute. Technological advancement grows exponentially each year, and the realm of cybersecurity is no exception. However, some entities have survived and even thrived over the decades, rather than falling...

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1

This is the first in a blog series discussing the tools, techniques, and procedures that the Microsoft Detection and Response Team DART use to investigate cybersecurity incidents at our customer organizations. Today, we introduce the team and give a brief overview of each of the tools that utiliz...

evolution security and bug fix update

evolution 3.28.5-9 - Add patch for RH bug 1724984 ECompEditor Ensure attendee changes stored before save 3.28.5-8 - Add patch for RH bug 1724659 Make sure intltool-merge cache is created only once 3.28.5-7 - Add patch for RH bug 1724232 Help Contents F1 has a bad link to GNOME site...

SUSE-SU-2019:1391-2 Security update for evolution

This update for evolution fixes the following issue: Security issue fixed: - CVE-2018-15587: Fixed OpenPGP signatures spoofing via specially crafted email that contains a valid signature bsc1125230...

xHelper Malware for Android

xHelper is not interesting because of its infection mechanism; the user has to side-load an app onto his phone. It's not interesting because of its payload; it seems to do nothing more than show unwanted ads. it's interesting because of its persistence: Furthermore, even if users spot the xHelper...

Authorization Bypass

evolution-ews is vulnerable to authorization bypass. The vulnerability exists as all certificate errors ignored if configured to ignore an initial error in gnome-online-accounts creation resulting in the connection open to being viewed and modified...

RHEL 8 : evolution (RHSA-2019:3699)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3699 advisory. Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. Security Fixes:...

evolution-ews: all certificate errors ignored if error is ignored during initial account setup in gnome-online-accounts

It was discovered evolution-ews does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference...

Moderate: Red Hat Security Advisory: evolution security and bug fix update

An update for evolution, evolution-data-server, and evolution-ews is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

A Brief History of Russian Hackers' Evolving False Flags

Most hackers know how to cover their tracks. But Russia’s elite groups are working at a whole other level...

Gustuff Android Banker Switches Up Technical Approach

An Instagram-initiated campaign using the Gustuff Android mobile banking trojan has rolled out in October, featuring an updated version of the malware that lowers its detection profile. How the cybercriminals are rolling out the campaign is the same as a previous offensive seen in June, according...