5 matches found
Cross-site Scripting (XSS)
Overview github.com/prometheus/prometheus/web/ui is a systems and service monitoring system Affected versions of this package are vulnerable to Cross-site Scripting XSS via various UI components whose innerHTML is rendered unsanitized, based on user input. The metric names and label values used b...
Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer
Researchers have discovered threat actors once again capitalizing on the COVID-19 pandemic and current attention on the World Health Organization WHO with a new spearphishing email designed to spread the LokiBot trojan sent using the WHO trademark as a lure. Researchers at FortiGuard Labs on Marc...
U.S. Manufacturer Most Recent Target of LokiBot Malspam Campaign
The well-known LokiBot malware has popped up in several malicious spam campaigns over the past year, covertly siphoning information from victims’ compromised endpoints. Researchers this week are warning of the most recent sighting of the malware, which was recently spotted in spam messages...
GoBotKR Targets Pirate Torrents to Build a DDoS Botnet
A botnet dubbed GoBotKR is targeting fans of Korean TV, compromising computers via pirated copies of South Korean movies, games and TV shows available via Korean and Chinese torrent sites. Ultimately, the cybercriminals are building a network that can then be used to perform DDoS attacks of vario...
How Endpoint Management Can Keep Workplace IT Secure
Workplaces have become highly connected. Even a small business could have dozens of devices in the form of desktops, mobile devices, routers, and even smart appliances as part of its IT infrastructure. Unfortunately, each of these endpoints can now be a weak link that hackers could exploit. Hacke...