80 matches found
Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access
Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages stolen credentials to deploy legitimate Remote Monitoring and Management RMM software for persistent remote access to compromised hosts. "Instead of deploying custom viruses, attackers are bypassing...
CVE-2019-16371
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because dopopupregister can be bypassed via clickjacking...
CISA and Partners Release Advisory Update on Akira Ransomware
Today, Cybersecurity and Infrastructure Security Agency CISA, in collaboration with the Federal Bureau of Investigation, Department of Defense Cyber Crime Center, Department of Health and Human Services, and international partners, released an updated joint Cybersecurity Advisory, StopRansomware:...
EUVD-2019-5065
Malware in sbrugna...
EUVD-2019-7128
Malware in sbrugna...
CVE-2019-13637
In LogMeIn join.me before 3.16.0.5505, an attacker could execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows. An attacker could exploit this vulnerability by convincing a targeted user to follow a...
GoTo LogMeIn Installed (macOS)
Binary data gotologmeinmacinstalled.nbin...
Why ransomware gangs love using RMM tools—and how to stop them
One of the most alarming trends our ThreatDown Intelligence team has noticed lately is the increased exploitation of legitimate Remote Monitoring and Management RMM tools by ransomware gangs in their attacks. RMM software, such as AnyDesk, Atera, and Splashtop, are essential for IT administrators...
CVE-2020-35208
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
CVE-2020-35207
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authenticate wi...
Authentication flaw
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
Authentication flaw
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authenticate wi...
CVE-2020-35207
LogMeIn LastPass Password Manager for iOS (version 4.8.11.2403) has an authentication bypass vulnerability: PIN unlock can be forced to succeed via runtime manipulation, allowing an attacker to authenticate with an arbitrary PIN. Root cause: manipulation of the PIN check process. Impact: partial ...
CVE-2020-35207
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authenticate wi...
CVE-2020-35208
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
CVE-2020-35208
An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...
PT-2020-17292 · Logmein · Logmein Lastpass Password Manager
Name of the Vulnerable Software and Affected Versions: LogMein LastPass Password Manager version 4.8.11.2403 Description: An issue was discovered in the LogMein LastPass Password Manager app for iOS, where the PIN authentication for unlocking can be bypassed by forcing the authentication result t...
PT-2020-17293 · Logmein · Logmein Lastpass Password Manager
Name of the Vulnerable Software and Affected Versions: LogMein LastPass Password Manager version 4.8.11.2403 Description: An issue was discovered in the LogMein LastPass Password Manager app for iOS, where the password authentication for unlocking can be bypassed by forcing the authentication...
CVE-2019-16371
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because dopopupregister can be bypassed via clickjacking...
Design/Logic Flaw
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because dopopupregister can be bypassed via clickjacking...