Lucene search
+L

386 matches found

Symantec
Symantec
added 2018/10/09 12:0 a.m.177 views

Microsoft PowerPoint CVE-2018-8501 Security Bypass Vulnerability

Description Microsoft PowerPoint is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code in the context of the affected application; this may aid in launching further attacks. Technologies Affected Microso...

0.4AI score0.18674EPSS
Exploits0References1Affected Software3
CISA
CISA
added 2018/09/14 12:0 a.m.8 views

Potential Hurricane Florence Phishing Scams

NCCIC warns users to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in...

6.6AI score
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2018/09/11 7:0 a.m.28 views

Internet Explorer Memory Corruption Vulnerability

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit...

7.6CVSS1.5AI score0.12895EPSS
Exploits0
n0where
n0where
added 2018/08/19 2:43 a.m.26 views

OWA for hackers: ExchangeRelayX

ExchangeRelayX is a PoC tools to demonstrate the ability of an attacker to perform an SMB or HTTP based NTLM relay attack to the EWS endpoint on an on-premise Microsoft Exchange server to compromise the mailbox of the victim. This tool provides the attacker with an OWA looking interface, with...

1.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/08/02 4:46 p.m.14 views

Phishing Campaign Steals Money From Industrial Companies

Industrial production companies are the targets in a large-scale spear-phishing email campaign aimed at installing legitimate remote administration software on victims’ systems. Researchers with Kaspersky Lab said that emails purporting to be commercial offers were the conduit to enabling attacke...

1.8AI score
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2018/06/07 1:0 p.m.27 views

Machine learning vs. social engineering

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning h...

0.2AI score
Exploits0
CISA
CISA
added 2018/03/30 12:0 a.m.18 views

Easter Holiday Phishing Scams and Malware Campaigns

As the Easter holiday approaches, NCCIC/US-CERT reminds users to be aware of potential holiday scams and cyber campaigns, which may include emails and ecards from unknown senders that may contain malicious links, fake advertisements or shipping notifications with attachments infected with malware...

6.8AI score
Exploits0References2
CNVD
CNVD
added 2018/03/29 12:0 a.m.4 views

Zimbra Collaboration Suite Cross-Site Scripting Vulnerability

Zimbra Collaboration Suite ZCS is an open source collaboration suite from the US company Zimbra, which includes WebMail, Calendar, Address Book and more. A cross-site scripting vulnerability exists in the 'ZmMailMsgView.getAttachmentLinkHtml' function in ZCS versions prior to 8.7 Patch 1 and 8.8....

6.1CVSS5.9AI score0.23717EPSS
Exploits2References1
Symantec
Symantec
added 2018/01/09 12:0 a.m.72 views

Microsoft Outlook CVE-2018-0793 Remote Code Execution Vulnerability

Description Microsoft Outlook is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial of service condition; this can result in the attacker gaining complete...

9.3CVSS8.7AI score0.2057EPSS
Exploits0References1Affected Software3
Symantec
Symantec
added 2018/01/09 12:0 a.m.48 views

Microsoft Outlook CVE-2018-0791 Remote Code Execution Vulnerability

Description Microsoft Outlook is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial of service condition; this can result in the attacker gaining complete...

9.3CVSS8.3AI score0.2057EPSS
Exploits0References1Affected Software2
Carbon Black Blog
Carbon Black Blog
added 2017/12/18 9:16 p.m.17 views

Security IQ:  How to Survive the Holiday Phishing Season

Now that we’ve officially entered the holiday season it’s time to be especially mindful of the ways that an attacker may use this to their advantage. In fact, recent Carbon Black data noted a 20.5% uptick in attempted cyberattacks during the holiday season. “Good” Deals If you’re looking to find...

6.7AI score
Exploits0
CISA
CISA
added 2017/11/09 12:0 a.m.15 views

Microsoft Releases Security Advisory on Dynamic Data Exchange (DDE)

Microsoft has released an advisory that provides guidance on securing Dynamic Data Exchange DDE fields in Microsoft Office applications. Exploitation of this protocol may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Microsoft...

6.6AI score
Exploits0References2
myhack58
myhack58
added 2017/10/11 12:0 a.m.47 views

The flaws exploit the bug using the kit Exploit Kit simple history introduction-vulnerability warning-the black bar safety net

Malicious Trojan virus software as well as the rest of the unpopular French there are many ways to get into your computer, but in snapped past few years, the most popular of the two wrist is an e-mail to seduce and application vulnerability flaws bug the application kit. Now, the scum mail of...

7.3AI score
Exploits0
Symantec
Symantec
added 2017/10/10 12:0 a.m.297 views

Microsoft Office Outlook CVE-2017-11774 Security Bypass Vulnerability

Description Microsoft Office Outlook is prone to a security-bypass vulnerability because it fails to properly handle input. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary commands in the context of the affected application; this may aid in...

6.8CVSS0.9AI score0.59893EPSS
Exploits2References1Affected Software1
The Hacker News
The Hacker News
added 2017/10/05 7:40 a.m.10 views

FormBook—Cheap Password Stealing Malware Used In Targeted Attacks

It seems sophisticated hackers have changed the way they conduct targeted cyber operations—instead of investing in zero-days and developing their malware; some hacking groups have now started using ready-made malware just like script kiddies. Possibly, this could be a smart move for state-sponsor...

7.3AI score
Exploits0
CISA
CISA
added 2017/10/03 12:0 a.m.18 views

Tragic-Event-Related Scams

In the wake of Sunday's tragic event in Las Vegas, US-CERT warns users to be watchful for various malicious cyber activity targeting both victims and potential donors. Users should exercise caution when handling emails that relate to the event, even if those emails appear to originate from truste...

6.5AI score
Exploits0References4
Debian CVE
Debian CVE
added 2017/09/27 5:0 p.m.56 views

CVE-2014-8878

Removed by vendor...

5.9CVSS6.1AI score0.0121EPSS
Exploits0
CISA
CISA
added 2017/08/28 12:0 a.m.21 views

Potential Hurricane Harvey Phishing Scams

US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Harvey, even if it appears to originate from a...

6.7AI score
Exploits0References4
Securelist
Securelist
added 2017/08/25 9:45 a.m.68 views

Neutralization reaction

Incident Response Guide PDF Despite there being no revolutionary changes to the cyberthreat landscape in the last few years, the growing informatization of business processes provides cybercriminals with numerous opportunities for attacks. They are focusing on targeted attacks and learning to use...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2017/08/15 12:14 a.m.17 views

Warning: Two Dangerous Ransomware Are Back – Protect Your Computers

Ransomware has been around for a few years but has become an albatross around everyone's neck—from big businesses and financial institutions to hospitals and individuals worldwide—with cyber criminals making millions of dollars. In just past few months, we saw a scary strain of ransomware attacks...

6.5AI score
Exploits0
Rows per page
Query Builder