Creative Spam Thinks Outside the Macro with .IQY Attachments

The Necurs botnet is driving a fresh spam campaign that uses Excel Web Query .IQY file attachments to skim under the antivirus radar. If successful, the attack ultimately delivers the remote access trojan RAT known as FlawedAmmyy. This is the third wave in an offensive that started in late May. T...

Machine learning vs. social engineering

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning h...

CVE-2018-8923

Cross-site scripting XSS vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...

CVE-2018-8923

Cross-site scripting XSS vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...

CVE-2018-8923

Cross-site scripting XSS vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...

CVE-2018-11141

The 'IMAGESJSON' and 'attachmentstoremove' parameters of the '/adminui/advisory.php' script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files respectively via Directory Traversal. Files can be at any location where the 'www' user has write...

Despite Ringleader’s Arrest, Cobalt Group Still Active

Evidence has surfaced that the Cobalt Group – the threat actors behind widespread attacks on banks and ATM jackpotting campaigns across Europe – is continuing to operate, despite the arrest of its accused ringleader in March. The Cobalt Group, first burst on the scene in 2016: in a single night,...

2018 Fraud World Cup

There are only two weeks to go before the start of the massive soccer event — FIFA World Cup. This championship has already attracted the attention of millions worldwide, including a fair few cybercriminals. Long before kick-off, email accounts began bulging with soccer-related spam, and scammers...

USN-3660-1 thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service via application crash, install lightweight themes without user interaction, or...

Mozilla: Filename spoofing for external attachments

It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

Mozilla: Filename spoofing for external attachments

It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery

totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery Date: 14.05.2018 Introduction: ------------- The totemomail Encryption Gateway protects email communication with any external partner by encryption. It doesn't matter whether you exchange emails with technically savvy...

WordPress GD bbPress Attachments plugin <=2.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability found by Luigi Gubello in WordPress GD bbPress Attachments plugin versions =2.5. Solution Update the WordPress GD bbPress Attachments plugin to the latest available version at least 2.6...

GD bbPress Attachments <= 2.5 - Authenticated Stored XSS

An authenticated user of a bbPress forum, who can attach a file, can inject arbitrary JavaScript code via the image filename. The arbitrary code runs both on the topic page and in the admin panel, and it only affects the administrators, moderators and the attacker. The variable $error‘file’ in...

CVE-2018-8910

Cross-site scripting XSS vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...

Cross site scripting

Cross-site scripting XSS vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...

CVE-2018-8910

Cross-site scripting XSS vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...

CVE-2018-8910

Cross-site scripting XSS vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...

CVE-2018-8910

Cross-site scripting XSS vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...

CVE-2018-8911

Cross-site scripting XSS vulnerability in Attachment Preview in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...