Signed malware impersonating workplace apps deploys RMM backdoors

In February 2026, Microsoft Defender Experts identified multiple phishing campaigns attributed to an unknown threat actor. The campaigns used workplace meeting lures, PDF attachments, and abuse of legitimate binaries to deliver signed malware. Phishing emails directed users to download malicious...

Signed malware impersonating workplace apps deploys RMM backdoors

In February 2026, Microsoft Defender Experts identified multiple phishing campaigns attributed to an unknown threat actor. The campaigns used workplace meeting lures, PDF attachments, and abuse of legitimate binaries to deliver signed malware. Phishing emails directed users to download malicious...

EUVD-2011-3351

Malware in sbrugna...

EUVD-2009-1677

Malware in sbrugna...

EUVD-2011-3385

Malware in sbrugna...

SUSE CVE-2011-3388

Opera before 11.51 allows remote attackers to cause an insecure site to appear secure or trusted via unspecified actions related to Extended Validation and loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security...

Venafi to Launch Certificate Transparency Log

Three weeks after the first non-Google public log for Certificate Transparency was launched by DigiCert, officials at Venafi said that the company plans to debut its own public CT log. On Jan. 1 Google approved the use of DigiCert’s log, the first CT log that is independent and not operated by...

Certificate Transparency Moves Forward With First Independent Log

The Certificate Transparency scheme proposed by Google engineers has taken a couple of significant steps forward recently, with the approval of the first independent certificate log and the passing of a deadline for all extended validation certificates to be CT-compliant or lose the green indicat...

Improving the URL bar

iOS has hidden the pathname of URLs for some time now, but recently Chrome Canary introduced something similar behind a flag. I'm not involved in the development of Chrome experiment at all, but I've got more than 140 characters worth of opinion on it… We have a real security problem I recently...

Mozilla Thunderbird Multiple Vulnerabilities-01 (Dec 2013) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Thunderbird Multiple Vulnerabilities-01 (Dec 2013) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

CVE-2013-6673

Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a...

Mozilla Thunderbird < 24.2 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 24.2 and is, therefore, potentially affected the following vulnerabilities: - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2013-5609, CVE-2013-5610 - Two use-after-free...

Thunderbird < 24.2 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 24.2 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2013-5609, CVE-2013-5610 - Two use-after-free...

Mozilla Releases Firefox 14.01 With Secure Google Search By Default

Mozilla has released Firefox 14.01, a new version of its browser which now includes encrypted Google search by default, as well as improvements to the address bar to make the identity of a site owner and the security of its connection clearer. The biggest change in Firefox 14.01 is the addition o...

Apple Mac OS X Keychain Certificate Settings Security Bypass Vulnerability

This host is installed with Mac OS X and is prone to the security bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodmacosxkeychainimplsecbypassvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Apple Mac OS X Keychain Certificate Settings Security Bypass Vulnerability Authors: Antu Sanadi...

CVE-2011-3422

The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate, as demonstrated b...

Design/Logic Flaw

The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate, as demonstrated b...

CVE-2011-3422

The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate, as demonstrated b...

Apple Mac OS X Keychain证书设置安全限制绕过漏洞

BUGTRAQ ID: 49429 Mac OS X是苹果麦金塔Macintosh电脑之操作系统软件的总称。 Mac OS X在Keychain证书的设置上存在安全限制绕过漏洞，远程攻击者可利用此漏洞通过中间人攻击绕过Keychain安全设置。 即使用户已经把Keychain Access中的根CA信任设置标注为“Never Trust”，Mac OS X操作系统也会接受Extended Validation证书为有效。 Apple Mac OS X 10.6.x Apple MacOS X Server 10.6.x 厂商补丁： Apple -----...