Lucene search
K

7085 matches found

Trellix
Trellix
added 2026/01/27 12:0 a.m.7 views

From Digital Innovation to Patient Harm: Why Healthcare Cybersecurity Is Now a C-Suite Imperative

From Digital Innovation to Patient Harm: Why Healthcare Cybersecurity Is Now a C-Suite Imperative By John Fokker · January 27, 2026 For decades, healthcare systems were designed with one core principle: patient safety. Clinical devices operated in largely closed environments, disconnected from th...

5.6AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-15164

Malware in sbrugna...

6.1CVSS6.1AI score0.00378EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/21 6:24 p.m.9 views

CVE-1999-0354

Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message...

7.5CVSS7.1AI score0.05111EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2023/06/21 3:0 a.m.15 views

Ransomware attackers email bemused students as leverage for a payout

The University of Manchester has fallen victim to a ransomware gang, who are currently applying an interesting twist to their attack. Blackmail and pressure are two ways to extract funds from potential victims. We see this in sextortion cases, as well as in social engineering. Here, the fraudster...

6.8AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/05/04 12:0 a.m.9 views

Inside the 2022 Email Cyber Threat Landscape

Key trends and predictions you should know about...

6.9AI score
Exploits0
Prion
Prion
added 2023/01/13 6:15 a.m.18 views

Design/Logic Flaw

A flaw was found in Keycloak. This flaw allows impersonation and lockout due to the email trust not being handled correctly in Keycloak. An attacker can shadow other users with the same email and lockout or impersonate them...

6.4CVSS6.3AI score0.007EPSS
Exploits0References1
Prion
Prion
added 2022/12/22 8:15 p.m.15 views

Out-of-bounds

It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird 91.6.1...

6.8CVSS8.2AI score0.00701EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/12/13 3:8 a.m.54 views

CVE-2022-41273

CVE-2022-41273 affects SAP Sourcing and SAP Contract Lifecycle Management (CLM) version 1100, due to improper input sanitization in the affected components. The vulnerability allows an attacker to lure a user into clicking a manipulated link via email, leading the user to log in and subsequently ...

6.1CVSS6.2AI score0.00464EPSS
Exploits0References2Affected Software2
RedHat Linux
RedHat Linux
added 2022/09/26 4:34 p.m.3 views

Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a Thunderbird user replying to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute and the content attribute specifying an URL. Thunderbird started a...

8.1CVSS7.6AI score0.00768EPSS
Exploits0References6
Malwarebytes
Malwarebytes
added 2022/06/13 10:29 a.m.20 views

A week in security (June 6 – June 12)

Last week on Malwarebytes Labs: FBI warns of scammers soliciting donations for Ukraine Microsoft autopatch is here…but can you use it? Prometheus ransomwares flaws inspired researchers to try to build a near-universal decryption tool Rotten apples banned from App store Hackers can take over...

0.7AI score
Exploits0
ThreatPost
ThreatPost
added 2022/01/26 7:37 p.m.24 views

Cybercriminals Love Supply-Chain Chaos: Here’s How to Protect Your Inbox

Over the last couple of months, the Zix Threat Research team has observed threat actors using new tactics to spoof logistics and supply-chain companies, hoping for an easy compromise. As we have seen throughout the COVID-19 pandemic, cybercriminals are flourishing in these times of upheaval, due ...

6.7AI score
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2021/08/12 4:0 p.m.233 views

Attackers use Morse code, other encryption methods in evasive phishing campaign

Cybercriminals attempt to change tactics as fast as security and protection technologies do. During our year-long investigation of a targeted, invoice-themed XLS.HTML phishing campaign, attackers changed obfuscation and encryption mechanisms every 37 days on average, demonstrating high motivation...

0.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/05/28 12:0 a.m.231 views

New sophisticated email-based attack from NOBELIUM

Microsoft Threat Intelligence Center MSTIC has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other related components. The campaign, initially observed and...

4.3CVSS7.2AI score0.07082EPSS
Exploits0
OSV
OSV
added 2021/01/08 3:34 p.m.6 views

MGASA-2021-0010 Updated squirrelmail packages fix security vulnerabilities

XSS was discovered in SquirrelMail through 1.4.22. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context via crafted use of for example a NOEMBED,...

6.1CVSS5.9AI score0.01819EPSS
Exploits2References4
ThreatPost
ThreatPost
added 2020/03/11 12:29 p.m.33 views

Necurs Botnet in Crosshairs of Global Takedown Offensive

A New York State court issued an order this week giving Microsoft control of the U.S.-based infrastructure used by the notorious Necurs botnet in an effort to stop the world’s most prolific and globally dispersed spam and malware infrastructure. The move came after Microsoft and partners across 3...

7.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/03/11 12:29 p.m.11 views

Necurs Botnet in Crosshairs of Global Takedown Offensive

A New York State court issued an order this week giving Microsoft control of the U.S.-based infrastructure used by the notorious Necurs botnet in an effort to stop the world’s most prolific and globally dispersed spam and malware infrastructure. The move came after Microsoft and partners across 3...

7.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/11/19 4:27 p.m.70 views

Fake 'Windows Update' Installs Cyborg Ransomware

A malicious spam campaign that informs victims it contains a “critical Windows update” instead leads to the installation of Cyborg ransomware, researchers have found. Further, they were able to access its builder, which can be used to create malware variants. The email-based threat, discovered...

Exploits0References5
ThreatPost
ThreatPost
added 2019/02/13 8:55 p.m.125 views

ThreatList: Banking Trojans Are Still The Top Big Bad for Email

While APT activity and a raft of malware types continue to capture the notice of researchers and journalists, it turns out that trusty old banking trojans remain the top email-borne threat out there. According to Proofpoint’s latest quarterly report, analyzing trends for the fourth quarter of 201...

7.1AI score
Exploits0References12
Wired Threat Level
Wired Threat Level
added 2018/12/19 9:50 p.m.104 views

A Devious Phishing Scam Targets Apple App Store Customers

Be on the lookout for emails that claim to be from the App Store...

2.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/25 3:0 p.m.73 views

Sextortion emails: They’re probably not watching you

Back in July, Krebs on Security reported on a rather novel scam, where the threat actor would use credentials from old data dumps to suggest that they had directly hacked the victim and obtained the victim's presumably sensitive browser history. Stolen credentials aside, sex-based extortion scams...

0.2AI score
Exploits0
Rows per page
Query Builder