Lucene search
+L

386 matches found

Securelist
Securelist
added 2021/03/25 10:0 a.m.51 views

Threat landscape for industrial automation systems. Statistics for H2 2020

Figures Indicator | H1 2020 | H2 2020 | 2020 ---|---|---|--- Global percentage of attacked ICS computers | 32.6% | 33.42% | 38.55% Percentage of attacked ICS computers by region Northern Europe | 10.1% | 11.5% | 12.3% Western Europe | 15.1% | 14.8% | 17.6% Australia | 16.3% | 17.0% | 18.9% United...

1.9AI score
Exploits0
Vulnrichment
Vulnrichment
added 2020/09/23 12:25 a.m.15 views

CVE-2019-1983 Cisco Email Security Appliance and Cisco Content Security Management Appliance Denial of Service Vulnerability

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance ESA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the...

7.5CVSS6.9AI score0.01863EPSS
Exploits0References1
OSV
OSV
added 2020/09/21 10:54 p.m.4 views

USN-4524-1 tnef vulnerabilities

Paul Dreik discovered that TNEF incorrectly handled filenames. If a user were tricked into opening a specially crafted email attachment, an attacker could possibly use this issue to write arbitrary files to the filesystem or cause TNEF crash, resulting in a denial of service. CVE-2019-18849...

5.5CVSS6.7AI score0.01203EPSS
Exploits1References2
ICS
ICS
added 2020/08/14 12:0 p.m.37 views

Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails

Summary The Cybersecurity and Infrastructure Security Agency CISA is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration SBA COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that th...

9.3AI score
Exploits0References27
OSV
OSV
added 2020/06/23 6:15 a.m.2 views

CVE-2020-12782

Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files...

9.8CVSS7.3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/01/31 8:42 p.m.75 views

Iranian Hackers Target U.S. Gov. Vendor With Malware

Iran-linked threat actor APT34 has been observed sending targeted, malicious email attachments to customers and employees of a company that works closely with U.S. government agencies. The company in question is U.S.-based Westat, a professional services company that provides research services to...

1AI score
Exploits0References9
CISA
CISA
added 2020/01/22 12:0 a.m.14 views

Increased Emotet Malware Activity

The Cybersecurity and Infrastructure Security Agency CISA is aware of a recent increase in targeted Emotet malware attacks. Emotet is a sophisticated Trojan that commonly functions as a downloader or dropper of other malware. Emotet primarily spreads via malicious email attachments and attempts t...

6.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/01/08 11:22 p.m.60 views

Drake Lyrics Used as Calling Card in Malware Attack

A hacker with the handle “Master X” leverages a PowerShell script that contains a reference to singer-songwriter Drake lyric’s “Kiki Do You Love Me” and ultimately delivers a malicious payload to its victims. The campaign is email based; with missives containing a malicious PowerPoint attachment...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/12/12 6:33 p.m.64 views

All in the (Ransomware) Family: 10 Ways to Take Action

In a world where everything is an “as-a-service,” it’s no surprise that ransomware-as-a-service RaaS is a hot ticket on the Dark Web. FortiGuard Labs has observed at least two significant ransomware families – Sodinokibi and Nemty – now being deployed as RaaS solutions. Meanwhile, cybercriminals...

Exploits0References7
Symantec
Symantec
added 2019/12/10 12:0 a.m.63 views

Microsoft PowerPoint CVE-2019-1462 Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

0.7AI score0.18328EPSS
Exploits0References1Affected Software2
Symantec
Symantec
added 2019/12/10 12:0 a.m.29 views

Microsoft Access CVE-2019-1400 Information Disclosure Vulnerability

Description Microsoft Access is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft...

0.4AI score0.02158EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/12/05 3:15 p.m.3 views

DEBIAN-CVE-2019-18180

Improper Check for filenames with overly long extensions in PostMaster sending in email or uploading files e.g. attaching files to mails of OTRS Community Edition and OTRS allows an remote attacker to cause an endless loop. This issue affects: OTRS AG: OTRS Community Edition 5.0.x version 5.0.38...

7.5CVSS5.5AI score0.0192EPSS
Exploits0References1
CISA
CISA
added 2019/10/25 12:0 a.m.11 views

ACSC Releases Advisory on Emotet Malware Campaign

The Australian Cyber Security Centre ACSC has released an advisory on an ongoing, widespread Emotet malware campaign. Emotet is a Trojan—commonly spread via malicious email attachments—that attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. AC...

6.8AI score
Exploits0References2
CISA
CISA
added 2019/10/23 12:0 a.m.9 views

FBI Releases Article on Defending Against E-Skimming

The Federal Bureau of Investigation FBI has released an article to raise awareness on e-skimming threats. E-skimming occurs when an attacker injects malicious code onto a website to capture credit or debit card data or personally identifiable information PII. The Cybersecurity and Infrastructure...

6.6AI score
Exploits0References7
The Hacker News
The Hacker News
added 2019/09/26 7:10 p.m.102 views

Outlook for Web Bans 38 More File Extensions in Email Attachments

Malware or computer virus can infect your computer in several different ways, but one of the most common methods of its delivery is through malicious file attachments over emails that execute the malware when you open them. Therefore, to protect its users from malicious scripts and executable,...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2019/09/13 4:6 p.m.167 views

Astaroth Spy Trojan Uses Facebook, YouTube Profiles to Cover Tracks

Facebook and YouTube profiles are at the heart of an ongoing phishing campaign spreading the Astaroth trojan, bent on the eventual exfiltration of sensitive information. The attack is sophisticated in that it uses normally trusted sources as cover for malicious activities – thus evading usually...

7AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.41 views

Debian DLA-1877-1 : otrs2 security update

Several security issues have been fixed in otrs2, a well known trouble ticket system. CVE-2018-11563 An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose internal article information of their customer tickets. CVE-2019-12746 A user logged into OTRS as a...

6.5CVSS5.7AI score0.02018EPSS
Exploits0References5
CISA
CISA
added 2019/05/20 12:0 a.m.13 views

Staying Cyber Safe During Memorial Day

As Memorial Day approaches, the Cybersecurity and Infrastructure Security Agency CISA reminds users to stay cyber safe. Users should be cautious of potential scams, such as unsolicited emails that contain malicious links or attachments with malware. Users should also be aware of the risks...

6.7AI score
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2019/05/14 7:0 a.m.49 views

Microsoft Dynamics On-Premise Security Feature Bypass

A security feature bypass vulnerability exists in Dynamics On Premise. An attacker who exploited the vulnerability could send attachment types that are blocked by the email attachment system. To exploit the vulnerability, an attacker would need to capture and edit the POST request to include a...

5.9CVSS2.7AI score0.02762EPSS
Exploits0
Fedora
Fedora
added 2018/11/27 3:13 a.m.41 views

[SECURITY] Fedora 27 Update: php-PHPMailer-5.2.27-1.fc27

Full Featured Email Transfer Class for PHP. PHPMailer features: Supports emails digitally signed with S/MIME encryption! Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs Works on any platform. Supports Text & HTML emails. Embedded image support. Multipart/alternative emails for mail...

8.8CVSS8.9AI score0.02178EPSS
Exploits0
Rows per page
Query Builder