CVE-2020-26220 Information exposure in touchbase.ai

toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Anyone with access to the uploaded image of other users could obtain its geolocation, device, and software version data etc if present. The issue is fixed in version 2.0...

Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation

Summary This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK™ and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. Attributing malicious cyber activity that uses network tunneli...

CVE-2020-3565

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies including Geolocation and Service Polices on an affected system. The vulnerability exists because TCP...

Improper access control

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies including Geolocation and Service Polices on an affected system. The vulnerability exists because TCP...

CVE-2020-3565 Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies including Geolocation and Service Polices on an affected system. The vulnerability exists because TCP...

Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies including Geolocation and Service Polices on an affected system. The vulnerability exists because TCP...

Malicious Package

loadyaml is a malicious package. The package exfiltrates IP, IP-based geolocation, home directory name, and local username through a preinstall script during installation...

Malicious Package

electorn is a malicious package. The package exfiltrates IP, IP-based geolocation, home directory name, and local username through a preinstall script during installation...

Malicious code in `loadyaml`

npm packages loadyaml and electorn were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local...

Malicious code in `electorn`

npm packages loadyaml and electorn were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local...

Malicious Package

Overview loadyaml was removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local username Recommendatio...

Malicious Package

Overview electorn was removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local username Recommendatio...

SUSE-SU-2020:2749-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.3.0 ESR bsc1176756, MFSA 2020-43 - CVE-2020-15677: Download origin spoofing via redirect - CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a contenteditable element - CVE-2020-15678: Whe...

Unsecured Microsoft Bing Server Exposed Users' Search Queries and Location

A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others. The logging database, however, doesn't include any personal details such as names or addresses. The...

Zeppelin Ransomware Returns with New Trojan on Board

The Zeppelin ransomware has sailed back into relevance, after a hiatus of several months. A wave of attacks were spotted in August by Juniper Threatlab researchers, making use of a new trojan downloader. These, like an initial Zeppelin wave observed in late 2019, start with phishing emails with...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2020:1384-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:2563-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.2.0 ESR - Fixed: Various stability, functionality, and security fixes Mozilla Firefox ESR 78.2 MFSA 2020-38 bsc1175686 - CVE-2020-15663 bmo1643199 Downgrade attack on the Mozilla Maintenance Service...

SUSE-SU-2020:2563-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.2.0 ESR Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 bsc1175686 CVE-2020-15663 bmo1643199 Downgrade attack on the Mozilla Maintenance Service cou...

GHSA-H2JV-5V3F-7M7J Downloads Resources over HTTP in adamvr-geoip-lite

Affected versions of adamvr-geoip-lite insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decisions b...

Downloads Resources over HTTP in adamvr-geoip-lite

Affected versions of adamvr-geoip-lite insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decisions b...