HummingBad Android Malware Connected to YiSpecter iOS Attacks

The same group of cybercriminals behind a strain of iOS malware uncovered last year have apparently diversified and now dabble in Android malware. The group, dubbed Yingmob, has been running a malware campaign named HummingBad that controls 10 million Android devices globally and rakes in $300,00...

Chinese Ad Firm Infected 85 Million Android Users to Get More Clicks

An Android-based malware campaign has been found to control as many as 85 million Android devices globally and is making its gang an estimated $300,000 per month in fraudulent ad revenue. A Chinese advertising company called Yingmob is responsible for distributing the malware on a massive scale a...

CVE-2016-0398

IBM Cognos Analytics CA 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL...

CVE-2016-0398

IBM Cognos Analytics CA 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL...

Spoofing

IBM Cognos Analytics CA 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL...

CVE-2016-0398

CVE-2016-0398 affects IBM Cognos Analytics (CA) 11.0 and related IBM Cognos BI/Analytics offerings. The vulnerability allows content spoofing via a crafted URL and can mislead users into performing actions under false pretenses. Public descriptions consistently state CA 11.0 before 11.0.2 is vuln...

CVE-2016-0398

IBM Cognos Analytics CA 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL...

Description of Update 1 for Microsoft Advanced Threat Analytics v1.6

Describes update 1 for Microsoft Advanced Threat Analytics ATA v1.6.SymptomsAfter you run Microsoft Advanced Threat Analytics ATA v1.6 for several weeks, the ATA console may display many unexpected suspicious activities of type "Suspicion of identity theft based on abnormal behavior". If...

SA124 : NSS Vulnerabilities March 2016

SUMMARY Blue Coat products that include affected versions of NSS are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service through application crashes, or to possibly execute arbitrary code. AFFECTED PRODUCTS The following products...

IBM Cognos 11.0 Content Spoofing

/ Content Spoofing Vulnerability in IBM Cognos Analytics Applications Advisory 5190 Patch Release - 30 May 2016 Public Release - 03 June 2016 CVE-2016-0398 The IBM Security Bulletins associated with this CVE have been published at the following URLs: IBM Cognos Analytics 11.0...

IBM Cognos Analytics Content Spoofing Vulnerability

IBM Cognos Analytics formerly known as Cognos BI is a suite of business intelligence software from the American company IBM. The software includes reports, dashboards and scorecards, and can assist companies in adjusting their decisions by analyzing key factors and key stakeholders. A content...

Pentaho Business Analytics Information Disclosure Vulnerability - Active Check

Pentaho Business Analytics is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Pentaho Data Integration and Analytics Detection (HTTP)

HTTP based detection of Pentaho Data Integration and Analytics formerly Pentaho Business Analytics / Pentaho Data Integration. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Unraveling Turla APT Attack Against Swiss Defense Firm

Ever since hackers targeted Swiss defense contractor RUAG, government officials have been tight lipped about the breach. But on Monday Switzerland’s CERT Computer Emergency Readiness Team spilled the beans on the attack against the firm and the how perpetrators pulled it off. While Monday’s repor...

CVE-2015-8099

CVE-2015-8099 affects F5 BIG-IP products (multiple modules) where software SYN cookies are configured on virtual servers. Under limited conditions, an invalid TCP segment can cause a DoS (High-Speed Bridge hang) in the data plane via virtual servers. The vulnerability impacts various BIG-IP relea...

The vulnerability of the HPE Vertica database management system allows a perpetrator to execute arbitrary commands.

The vulnerability of the validateAdminConfig handler in the Analytics Management Console of the HPE Vertica database management system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands through the...

Modular File Scanning Analysis Framework: MultiScanner

MultiScanner is a file analysis framework that allows the user to evaluate a set of files with a set of tools. Tools can be custom built python scripts, web APIs, software running on another machine, etc. Tools are incorporated by creating modules that run in the MultiScanner framework. Modules a...

SA120 : Truncated Diffie-Hellman Secret Generation in libssh2

SUMMARY Blue Coat products that include affected versions of libssh2 are susceptible to a truncated Diffie-Hellman secret length vulnerability. A remote man-in-the-middle MITM attacker can exploit this vulnerability to intercept SSH connections that originate from Blue Coat products. The MITM...

CVE-2016-1036

Cross-site scripting XSS vulnerability in Adobe Analytics AppMeasurement for Flash Library before 4.0.1, when debugTracking is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-1036

Cross-site scripting XSS vulnerability in Adobe Analytics AppMeasurement for Flash Library before 4.0.1, when debugTracking is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...