WikiLeaks Reveals Two CIA Malware Frameworks

WikiLeaks released details on what it claims are two frameworks for malware samples dubbed AfterMindnight and Assassin, both allegedly developed by the U.S. Central Intelligence Agency. The revelations come amid worldwide efforts to squelch variants of the WannaCry ransomware, an offensive hackin...

WikiLeaks Reveals CIA Tool 'Scribbles' For Document Tracking

Update WikiLeaks released details on what it said is a Central Intelligence Agency document tracking program called Scribbles, part of the agency’s effort to keep tabs on documents leaked to whistleblowers and journalists. Scribbles allegedly embeds a web beacon-style tag into watermarks located ...

CVE-2016-4047

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. References to external Open XML document type definitions .dtd resources can be placed within .docx and .xslx files. Those resources were requested when parsing certain parts of the generated document. As a result an attacker...

Xxe

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. References to external Open XML document type definitions .dtd resources can be placed within .docx and .xslx files. Those resources were requested when parsing certain parts of the generated document. As a result an attacker...

CVE-2016-4047

CVE-2016-4047 affects Open-Xchange OX App Suite prior to 7.8.1-rev8. The root cause is information disclosure through parsing of generated documents where references to external Open XML DTD resources can be embedded in .docx/.xlsx files; these resources are requested during parsing, enabling an ...

Microsoft Biztalk Server DTA vulnerable to SQL injection

Security Advisory Name: Microsoft Biztalk Server Document Tracking and Admnistration vulnerable to SQL injection System Affected : BizTalk Server 2000 and BizTalk Server 2002 Severity : High Remote exploitable : Yes Author: Cesar Cerrudo. Date: 05/05/03 Advisory Number: CC040302 Legal Notice: Thi...