Exploit Kit: A Brief History and Introduction - Vulnerability Warning - the black bar safety net
Trojans, viruses and other unwanted software can get into your computer in many ways, but in the past few years the two most popular have been email lures and exploit kits that target application vulnerabilities. Now, the spam mail of...
Microsoft Office Outlook CVE-2017-11774 Security Bypass Vulnerability
Description: Microsoft Office Outlook is prone to a security-bypass vulnerability because it fails to properly handle input. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary commands in the context of the affected application; this may aid in...
Kanboard Design Vulnerability (CNVD-2017-30944)
Kanboard is an open-source visual task board application developed by French software developer Frederic Guillot. The software supports customizing boards to suit the business, dragging tasks, and so on. A security vulnerability exists in Kanboard versions prior to 1.0.47. An...
Kanboard Design Vulnerability (CNVD-2017-30940)
Kanboard is an open-source visual task board application developed by French software developer Frederic Guillot. The software supports customizing boards to suit the business, dragging tasks, and so on. A security vulnerability exists in Kanboard versions prior to 1.0.47. An...
FormBook Malware Targets U.S. Defense Contractors, Aerospace and Manufacturing Sectors
Attackers spreading new malware called FormBook are singling out aerospace firms, defense contractors and some manufacturing organizations in the United States and South Korea. According to researchers at FireEye, FormBook was spotted in several high-volume distribution campaigns targeting the U....
FormBook—Cheap Password Stealing Malware Used In Targeted Attacks
It seems sophisticated hackers have changed the way they conduct targeted cyber operations—instead of investing in zero-days and developing their malware, some hacking groups have now started using ready-made malware just like script kiddies. Possibly, this could be a smart move for state-sponsor...
Tragic-Event-Related Scams
In the wake of Sunday's tragic event in Las Vegas, US-CERT warns users to be watchful for various malicious cyber activity targeting both victims and potential donors. Users should exercise caution when handling emails that relate to the event, even if those emails appear to originate from truste...
CVE-2014-8878
KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2014-8878
Removed by vendor...
CVE-2014-8878
CVE-2014-8878 affects KDE KMail. The available documents state that KDE KMail does not encrypt attachments in emails when “automatic encryption” is enabled, allowing remote attackers to obtain sensitive information by sniffing the network. The root cause is the lack of encryption for attachments ...
CVE-2017-12215
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance could allow an unauthenticated, remote attacker to cause an affected device to run out of memory and stop scanning and forwarding email messages. When system memory is depleted,...
Cisco AsyncOS Software Denial of Service Vulnerability
The Cisco Email Security Appliance (ESA) is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system used in it. A denial of service vulnerability exists in the email message filtering feature of AsyncOS Software in the Cisco ESA, which arises from the program...
Attackers Use Undocumented MS Office Feature to Leak System Profile Data
An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients into opening a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by...
PT-2017-4168
Name of the Vulnerable Software and Affected Versions: Roundcube Webmail versions prior to 1.1.10; Roundcube Webmail versions 1.2.x prior to 1.2.7; Roundcube Webmail versions 1.3.x prior to 1.3.3. Description: The issue is related to file-based attachment plugins and allows unauthorized access to...
Cisco AsyncOS Software Security Bypass Vulnerability
The Cisco Email Security Appliance (ESA) is an email security appliance from Cisco. AsyncOS Software is the operating system used in it. Advanced Malware Protection (AMP) is one of the advanced malware protection components...
HelpDEZk File Upload Vulnerability
HelpDEZk is a suite of PHP-based software for managing requests and events. The software manages workflow, logging process and maintenance history through a shared service center. A file upload vulnerability exists in HelpDEZk version 1.1.1. A remote attacker can exploit this vulnerability by...
New Locky Variant 'IKARUSdilapidated' Strikes Again
A second wave of the Locky ransomware variant called IKARUSdilapidated has been identified by security experts. The source of the ransomware is a botnet of zombie computers coordinated to launch phishing attacks that send emails and attachments appearing to come from a targeted recipient’s truste...
Coremail Cross-Site Scripting Vulnerability
Coremail mail system is a large-scale enterprise mail system independently developed by the company. A cross-site scripting vulnerability exists in Coremail XT3.0, which allows remote attackers to inject arbitrary Web script or HTML via hyperlinks in document attachments...
Potential Hurricane Harvey Phishing Scams
US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Harvey, even if it appears to originate from a...