Dedicated Machine Learning Behind Early Phishing Detection in Gmail

Cybercrime and state-sponsored advanced attacks continue to cling to email as a primary distribution vehicle for first-stage malware. Phishing campaigns thrive in targeted attacks, and criminals have even resuscitated old-school macro malware in attachments to gain that initial foothold on a...

On the Google Docs Phishing Attack, Intel AMT, and Drone Security

Mike Mimoso and Chris Brook discuss the news of the week, including the Gmail/Google Docs phishing attack, the Intel AMT vulnerability, IBM’s malware-laden USB drives, and drone security. Download: ThreatpostNewsWrapMay52017.mp3 Music by Chris Gonsalves...

1 Million Gmail Users Impacted by Google Docs Phishing Attack

Google said that up to 1 million Gmail users were victimized by yesterday’s Google Docs phishing scam that spread quickly for a short period of time. In a statement, Google said that fewer than 0.1 percent of Gmail users were affected; as of last February, Google said it had one billion active...

Google Docs Phishing Campaign

US-CERT is aware of a phishing campaign that affected Google Docs users. The campaign used spoofed email addresses to target users with emails purporting to share a document for collaboration. Once the targeted users accepted invitations, they were encouraged to allow the phishing program access ...

Google Shuts Down Docs Phishing Spree

Google said it has disabled offending accounts involved in a widespread spree of phishing emails today impersonating Google Docs. The emails, at the outset, targeted journalists primarily and attempted to trick victims into granting the malicious application permission to access the user’s Google...

Warning! Don't Click that Google Docs Link You Just Received in Your Email

Did someone just share a random Google Doc with you? First of all — Do not click on that Google Doc link you might have just received in your email and delete it immediately — even if it's from someone you know. I, my colleagues at The Hacker News, and even people all around the Internet,...

Fedora 24 : ansible (2017-c2129c77ca)

Backport fix for https://github.com/ansible/ansible/issues/22572 ---- Many bugfixes and improvements. See https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of changes. rst and html docs have been split out into a ansible-docs subpackage. Includes fix for CVE-2017-7466...

Hot on the Credential Theft Trail: Tracking a Hacker from a Dropbox Phishing Campaign

We the Imperva Defense Center research team frequently investigate cases of credential theft to gain a deeper understanding of methods and tools used by cyber criminals—in particular, to learn how accounts are taken over once credentials are compromised through phishing campaigns. We recently cho...

WordPress BuddyPress Docs Unauthorized Operation Vulnerability

WordPress is a suite of blogging platforms developed in the PHP language by the WordPress Software Foundation, which supports the hosting of personal blog sites on servers running PHP and MySQL.BuddyPress Docs is one of the plugins for adding collaborative workspaces. A security vulnerability...

Code injection

An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper permissions...

CVE-2017-6954

An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper permissions...

CVE-2017-6954

An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper permissions...

CVE-2017-6954

An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper permissions...

CVE-2017-6954

Vulnerability in BuddyPress Docs WordPress plugin (pre-1.9.3) in includes/component.php allows authenticated users to edit other users’ documents due to improper authorization. Impact is unauthorized edits of documents; CVSS base scores (4.0–4.3) indicate MEDIUM severity. Remediation: upgrade to ...

Google Docs - BSD license, Exported ContentProvider, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Google Docs published at the 'play' market has multiple vulnerabilities...

VK Docs - Customized SSL, LGPL license vulnerabilities

HackApp vulnerability scanner discovered that application VK Docs published at the 'play' market has multiple vulnerabilities...

Oracle Linux 7 : gstreamer-plugins-good (ELSA-2017-0019)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0019 advisory. 0.10.31-12 - Disable insecure FLX plugin Resolves: rhbz1400842 Tenable has extracted the preceding description block directly from the Oracle Linux...

Debian Security Advisory DSA 3727-1 (hdf5 - security update)

Cisco Talos discovered that hdf5, a file format and library for storing scientific data, contained several vulnerabilities that could lead to arbitrary code execution when handling untrusted data. OpenVAS Vulnerability Test $Id: deb3727.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated fro...

Threat Outbreak Alert RuleID25183: Email Messages Distributing Malicious Software on September 26, 2016

Medium Alert ID: 49039 First Published: 2016 September 26 14:26 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID25183 may contain the following files: Name ...

Data Exfiltration Toolkit: DET

Data Exfiltration Toolkit DET is provided AS IS, is a proof of concept to perform Data Exfiltration using either single or multiple channels at the same time. This is a Proof of Concept aimed at identifying possible DLP failures. This should never be used to exfiltrate sensitive/live data. The id...