EUVD-2017-16218

Malware in sbrugna...

iMonitor EAM 安全漏洞

iMonitor EAM is an employee computer network activity monitoring software from iMonitor USA. A security vulnerability exists in iMonitor EAM version 9.6394, which stems from the use of default administrative credentials without mandatory modifications, which could allow a remote attacker to take...

iMonitor EAM 安全漏洞

iMonitor EAM is an employee computer network activity monitoring software from iMonitor USA. A security vulnerability exists in iMonitor EAM version 9.6394, which stems from the failure to use authentication or encryption during communication, which could lead to the disclosure of sensitive...

iMonitor EAM 安全漏洞

iMonitor EAM is an employee computer network activity monitoring software from iMonitor USA. A security vulnerability exists in iMonitor EAM version 9.6394, which stems from an insecure system service update mechanism that could lead to elevated privileges...

A week in security (April 27 – May 3)

Last week on Malwarebytes Labs: On world password day, Microsoft says fewer passwords, more passkeys Apple AirPlay SDK devices at risk of takeover—make sure you update The 3 biggest cybersecurity threats to small businesses Zero-day attacks on browsers and smartphones drop, says Google Fake Socia...

Employee monitoring app exposes users, leaks 21+ million screenshots

Unfortunately, spyware apps with poor reputations and even weaker security practices are all too common. I’ve lost count of how many blogs I’ve written about stalkerware-type apps that not only exposed the people they spied on but also ended up exposing the spies themselves. However, perhaps one...

Kickdler 安全漏洞

Kickdler is an employee monitoring software from Kickdler Inc. that explores employee computer activity levels to improve productivity and find growth. A security vulnerability exists in versions prior to Kickdler v1.107.0 that stems from the presence of a Reflected Cross-Site Scripting XSS...

What to Do When Your Boss Is Spying on You

Employee monitoring increased with Covid-19’s remote work—and stuck around for back-to-the-office...

Conti Ransomware Group Diaries, Part III: Weaponry

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what its like to be an employee of Contis sprawling organization. Todays Part III looks at how Conti abused popular commercial...

Working from home? You’re probably being spied on

One year ago, as countless employees settled into new routines for working from home WFH, a Reddit user shared a video online of a strange contraption: A wire coat hanger bent out of shape, one side gripping an external USB mouse, the other side latched onto an oscillating fan. As the fan swished...

Insider Threats, a Cybercriminal Favorite, Not Easy to Mitigate

LAS VEGAS – Insider threats are an ongoing top danger for companies — but when it comes to mitigation efforts, incident-response teams face an array of challenges. Discussions with various incident-response teams revealed that between 25 to 30 percent of data breaches involved an external actor...

Your iPhone will Alert You if You are Being Monitored At Work

Are You an Employee? It's quite possible that someone has been reading your messages, emails, listening to your phone calls, and monitoring your activities at work. No, it's not a spy agency or any hacker… ...Oops! It's your Boss. Recently, European Court had ruled that the Employers can legally...

Cyclope Employee Surveillance 8.6.1 Insecure File Permissions

Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link: http://www.cyclope-series.com/setups/setup.exe Software descriptio...

Cyclope Employee Surveillance v8.6.1 Insecure File Permissions Vulnerability

Exploit for windows platform in category local exploits Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link:...

Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions

Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link:...

Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities

No description provided by source. Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Software description: The employ...

Cyclope Employee Surveillance Solution 6.0 LFI / SQL Injection

Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Software description: The employee monitoring software developed by...

Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities

Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download:...

Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities

Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Software description: The employee monitoring software developed by...

Cyclope Employee Surveillance Solution 6.0 SQL Injection

Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.0 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Software description: The employee monitoring software developed by...