RHEL 7 : thunderbird (RHSA-2018:1725)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:1725 advisory. - Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 CVE-2018-5150 - Mozilla: Use-after-free with SVG animations and clip...

Debian DSA-4209-1 : thunderbird - security update

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

RHEL 6 : thunderbird (RHSA-2018:1726)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:1726 advisory. - Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 CVE-2018-5150 - Mozilla: Use-after-free with SVG animations and clip...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Debian: Security Advisory (DSA-4209-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2018-5184

Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

CVE-2018-5184

Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

Security update for Mozilla Thunderbird (important)

This update for Mozilla Thunderbird to version 52.8 fixes the following issues: Security issues fixed MFSA 2018-13, boo1092548: - CVE-2018-5183: Backport critical security fixes in Skia - CVE-2018-5154: Use-after-free with SVG animations and clip paths - CVE-2018-5155: Use-after-free with SVG...

openSUSE Security Update : Mozilla Thunderbird (openSUSE-2018-486)

This update for Mozilla Thunderbird to version 52.8 fixes the following issues : Security issues fixed MFSA 2018-13, boo1092548 : - CVE-2018-5183: Backport critical security fixes in Skia - CVE-2018-5154: Use-after-free with SVG animations and clip paths - CVE-2018-5155: Use-after-free with SVG...

CVE-2018-11242

An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases locally stored are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files...

Security fix for the ALT Linux 10 package thunderbird version 52.8.0-alt1

May 19, 2018 Andrey Cherepanov 52.8.0-alt1 - New version 52.8.0. - Enigmail 2.0.4. - Fixes: + CVE-2018-5183 Backport critical security fixes in Skia + CVE-2018-5184 Full plaintext recovery in S/MIME via chosen-ciphertext attack + CVE-2018-5154 Use-after-free with SVG animations and clip paths +...

Latin American ‘Biñeros’ Bond Over Fraudulent Purchase Scheme

A type of card-not-present fraud is spreading throughout the Latin American underground, uniting groups of malefactors in a communal effort to perpetrate it as widely and as often as possible. Cybercriminals in the region are making use of problems in the validation process for bank identificatio...

The vulnerability of the qcril_uim_clear_encrypted_pin function in Qualcomm’s Android operating system allows a hacker to trigger a buffer overflow.

The vulnerability of the qcriluimclearencryptedpin function in Qualcomm’s Android operating system arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to trigger a buffer overflow...

Mexico’s Banking System Sees $18M Siphoned Off in Phantom Transactions

Somewhere between $18 million to $20 million has gone missing during unauthorized interbank money transfers in Mexico’s central banking system. Authorities are investigating the shadow transactions, but answers are thus far scarce. The affected banks and government officials are determining wheth...

OpenPGP Information Disclosure Vulnerability

OpenPGP is a set of email encryption standards that supports multiple platforms. An information disclosure vulnerability exists in OpenPGP. An attacker could exploit this vulnerability to conduct a man-in-the-middle attack and obtain messages in plaintext form from encrypted emails...

Hackers Reveal How Code Injection Attack Works in Signal Messaging App

After the revelation of the eFail attack details, it's time to reveal how the recently reported code injection vulnerability in the popular end-to-end encrypted Signal messaging app works. As we reported last weekend, Signal has patched its messaging app for Windows and Linux that suffered a code...

CVE-2018-5152

WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password during login to Firef...

Virginia Beach Police Want Encrypted Radios

This article says that the Virginia Beach police are looking to buy encrypted radios. Virginia Beach police believe encryption will prevent criminals from listening to police communications. They said officer safety would increase and citizens would be better protected. Someone should ask them if...

Real-Time Two-Factor Phishing Tool: ReelPhish

2FA adds an extra layer of authentication on top of the typical username and password. Two common 2FA implementations are one-time passwords and push notifications. One-time passwords are generated by a secondary device, such as a hard token, and tied to a specific user. These passwords typically...

Get Dashlane Password Manager Premium (50% + 10% OFF)

Happy 'World Password Day'! Today is a good time for you to audit your password practices and stop using terrible passwords to protect your online accounts. Experts advice that: Your password must—be long Your password must—be unpredictable Your password must—have at least one number Your passwor...