492 matches found
Infected Site Spreading SMS Android Malware
The website of a popular watch retailer is reportedly redirecting users that visit the site on Android-based devices to a number of malicious domains serving up premium rate SMS malware. According to a WebRoot report, users that visit the unnamed watch-selling website in Bulgaria are redirected t...
House Hearing to Address Capital Market Threats
The House Committee on Financial Services is hosting a hearing tomorrow in which they will explore the various cyber threats targeting capital markets and government sponsored enterprises. Entitled “Cyber Threats to Capital Markets and Corporate Accounts,” the hearing in front of the Committee on...
Specialized Trojan can stealing credit card details from hotel
Specialized Trojan can stealing credit card details from hotel The next time you check in to a hotel, a cybercriminal could be checking you out. A remote access computer Trojan RAT designed to steal credit card details from hotel point-of-sale PoS applications is being sold on the underground...
Mac OS X OSX/Flashback Trojan Detection
Using the supplied credentials, Nessus has found evidence that the remote Mac OS X host has been compromised by a trojan in the OSX/Flashback family of trojans. The software is typically installed by means of a malicious Java applet or Flash Player installer. Depending on the variant, the trojan...
Mobile, Android Threats Continued Sharp Growth in 2011
The occurrence of mobile malware increased by 155 percent across all platforms in 2011, and, according to Juniper Network’s 2011 Mobile Threat Report, malware specifically targeting the Android operating system saw its own increase of more than 3,000 percent. Juniper Networks attributes Android’s...
Elevating Privileges Via Windows Installers
There’s an odd bit of behavior that some Windows systems will exhibit when certain kinds of installers are launched, automatically elevating the privileges of the installer process to system-level privileges. In theory, the issue shouldn’t be exploitable because at one point in the process the...
Safenet Sentinel and 7-T Input Sanitization Vulnerability
Overview ICS-CERT originally released advisory ICSA-11-314-01P on the US-CERT secure portal on November 14, 2011. This web page release was delayed to allow users time to download and install the update. Security researcher Carlos Mario Penagos Hollman of Synapse-labs has identified an input...
CVE-2004-2335
The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program...
CVE-2004-2335
Technical details about CVE-2004-2335 are not publicly provided in the connected documents. Current sources reiterate the issue with Macromedia installers elevating privileges on macOS. Monitor for updates for vulnerability specifics.
CVE-2004-2335
The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program...
Advisory: Sun's jre/jdk 1.4.2 multiple vulernabilities in linux installers
Author: Stan Bubrouski Date: October 31, 2003 Packages: j2re/j2sdk OS: Linux possibly others, see below Versions: 1.4.2 - 1.4.202 Severity: Local users may overwrite any file owned by the user who installs java due to insecure file handling while unpacking/installing java. Problem: There are two...
Security update 1970-01-01
...