Developer of NanoCore RAT that targeted Canada, US & Steam jailed

By Waqas The developer of NanoCore RAT remote access Trojan has been sentenced This is a post from HackRead.com Read the original post: Developer of NanoCore RAT that targeted Canada, US & Steam jailed...

Deepfakes FakeApp tool (briefly) includes cryptominer

A few weeks ago, we took a look at a forum dedicated to Deepfake clips where the site was pushing Coinhive mining scripts in the website's HTML code. As it turns out, there's been another mining blow-out in the form of one of the apps used to make the fakes. That's right—a tool designed to push...

Smart Shoutbox, 2.9.5, SQL Injection

Smart Shoutbox by thekrotek.com, version 2.9.5 and previous, SQL Injection resolution: update to 3.0.0, version released July 2017 update notice: so far the developer has not made an update notice making clear that this was a security release The developer says "Version 3.0 is an absolutely new...

Flight Sim Labs’ ‘Heavy Handed’ Anti-Piracy Tactics Raise Hackles

Software developer Flight Sim Labs is in hot water after acknowledging that it installed a password harvester for the Google Chrome browser in its flight simulator product. The company explained it was only targeting pirate users of its software, but critics are calling the tactics “dirty”. The...

DVHMA - Damn Vulnerable Hybrid Mobile App (For Android) That Intentionally Contains Vulnerabilities

Damn Vulnerable Hybrid Mobile App DVHMA is an hybrid mobile app for Android that intentionally contains vulnerabilities. Its purpose is to enable security professionals to test their tools and techniques legally, help developers better understand the common pitfalls in developing hybrid mobile ap...

Microsoft Windows - Global Reparse Point Security Feature BypassElevation of Privilege

Microsoft Windows - Global Reparse Point Security Feature BypassElevation of Privilege Windows: Global Reparse Point Security Feature Bypass/Elevation of Privilege Platform: Windows 10 1709 functionality not present prior to this version Class: Security Feature Bypass/Elevation of Privilege...

Ubuntu: Security Advisory (USN-3544-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox regressions (USN-3544-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3544-2 advisory. USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances...

USN-3544-2 firefox regressions

USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. I...

USN-3544-2: Firefox regressions

USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. I...

The vulnerability of the Developer Tools component of the Mozilla Firefox ESR browser allows a perpetrator to execute arbitrary code.

The vulnerability of the Developer Tools component in Mozilla Firefox and Firefox ESR browsers is related to the insufficient elimination of special elements in the source code of the pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary code when opening a style edit...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation, allowing an attacker to cause a service failure.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation, when changing the size of image objects in the developer mode. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

PT-2018-4968 · Apache · Apache Cloudstack

Name of the Vulnerable Software and Affected Versions: Apache CloudStack versions 4.1 through 4.8.1.0 Apache CloudStack version 4.9.0.0 Description: The issue allows a malicious user to reset the API keys for another non-root CloudStack user if the malicious user can determine the ID of that user...

Simple Image Gallery (free) 3.5.0 and previous, XSS

Simple Image Gallery Freed by Joomlaworks, version 3.5.0 and previous, XSS Resolution: update to 3.6.0 Update notice: https://www.joomlaworks.net/blog/item/269-simple-image-gallery-free-v3-6-0-released-featuring-enhanced-print-previews-fixing-xss-vulnerability-related-to-print-page-output Note th...

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2018-02266)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Developer Tools is one of the development tools. A security vulnerability exists in the Developer Tools component of Mozilla Firefox prior to version 58. The vulnerability can be exploited by an attacker...

Ubuntu: Security Advisory (USN-3544-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3544-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3544-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could...

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2018-02236)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 58, where the Developer Tools panel in an extension is used to load URLs, but the program does not enforce this process in al...

USN-3544-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP...

USN-3544-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP...