17 matches found
AnyComment security vulnerability
AnyComment is an embedded comment system tool developed by the Russian company AnyComment. Version 0.4.4 of AnyComment contains a security vulnerability; this vulnerability arises from the lack of input cleaning in the comment section, which may lead to cross-site scripting attacks...
Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures
A Russia-nexus adversary has been linked to 94 new domains starting March 2023, suggesting that the group is actively modifying its infrastructure in response to public disclosures about its activities. Cybersecurity firm Recorded Future linked the revamped infrastructure to a threat actor it...
Russian Software Company Pretending to Be American
Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian to...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53539)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server contains a cross-site scripting vulnerability that can be exploited by remote attackers to perform basic cross-site scripting DOM attacks...
TrueConf Server Cross-Site Request Forgery Vulnerability
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to cross-site request forgery, which can be exploited by remote attackers to perform cross-site request forgery attacks...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53542)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to a cross-site scripting vulnerability that originates from unknown code in the file /admin/conferences/get-all-status/, with the parameter...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53538)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server contains a cross-site scripting vulnerability that can be exploited by remote attackers to perform basic cross-site scripting DOM attacks...
TrueConf Server Cross-Site Scripting Vulnerability
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to a cross-site scripting vulnerability that could be exploited by attackers to execute arbitrary HTML and script code in the user's browser...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53540)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server contains a cross-site scripting vulnerability that could be exploited by remote attackers to perform basic cross-site scripting Reflected attacks...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53541)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. TrueConf Server version 4.3.7 is vulnerable to a cross-site scripting vulnerability stemming from certain unknown processing of the file /admin/conferences/list/, where parameter ordering...
QAnon/8Chan Sites Briefly Knocked Offline
A phone call to an Internet provider in Oregon on Sunday evening was all it took to briefly sideline multiple websites related to 8chan/8kun -- a controversial online image board linked to several mass shootings -- and QAnon, the far-right conspiracy theory which holds that a cabal of Satanic...
BINOM3 Electric Power Quality Meter Unauthorized Operation Vulnerability
BINOM3 Electric Power Quality Meter is an electrical power quality monitor for SCADA systems from the Russian company BINOM3. An unauthorized operation vulnerability exists in BINOM3 Electric Power Quality Meter, which could be exploited by an attacker to perform unauthorized operations on the...
New Mac OS X adware Trojan spreading via browser plugin
Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for...
NSA Group Security Advisory NSAG-№202-25.02.2006 Vulnerability WEBSITE GENERATOR 3.3
Advisory: NSAG-№202-25.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: WEBSITE GENERATOR 3.3 Site of manufacturer: http://freehostshop.com The status: 19/11/2005 - Publication is postponed...
NSAG-196-23.02.2006.txt
Advisory: NSAG-¹196-23.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: FCKeditor 2.2 Site of manufacturer: http://www.fckeditor.net The status: 19/11/2005 - Publication is postponed. 19/11/2005 ...
NSA Group Security Advisory NSAG-№196-23.02.2006 Vulnerability FCKeditor 2.2
Advisory: NSAG-№196-23.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: FCKeditor 2.2 Site of manufacturer: http://www.fckeditor.net The status: 19/11/2005 - Publication is postponed. 19/11/2005 ...
NSA Group Security Advisory NSAG-№198-23.02.2006 Vulnerability ArGoSoft Mail Server Pro
Advisory: NSAG-№201-24.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: ArGoSoft Mail Server Pro 1.8 POP Site of manufacturer: www.argosoft.com The status: 19/11/2005 - Publication is postponed...