10 matches found
CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer
Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that's disguised as an employee CRM application as part of a supposed recruitment process. "The attack begins with a phishing email impersonating CrowdStrike...
Open-Xchange OX App Suite 跨站脚本漏洞
Open-Xchange OX App Suite is an email and productivity suite client software from Open-Xchange Germany. A security vulnerability exists in Open-Xchange OX App Suite 7.10.6 and prior versions, which stems from a detection mechanism for deep links in emails that allows the injection of references t...
simplepush 资源管理错误漏洞
simplepush is a mobile application from the German company simplepush. Push notifications can be sent to your device immediately via API or third-party integration. A security vulnerability exists in simplepush that stems from the registration of a fake application using the wrong deviceTokens,...
IT threat evolution Q3 2021
IT threat evolution Q3 2021 IT threat evolution in Q3 2021. PC statistics IT threat evolution in Q3 2021. Mobile statistics Targeted attacks WildPressure targets macOS Last March, we reported a WildPressure campaign targeting industrial-related entities in the Middle East. While tracking this...
Design/Logic Flaw
If HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root...
CVE-2017-16777
If HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root...
Threat Outbreak Alert: Fake Application Attachment Notification Email Messages on December 18, 2013
Medium Alert ID: 32222 First Published: 2013 December 19 15:22 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an application for the recipient. The text in the email message attempts to persuade the recipient to open th...
WhatsApp vulnerability can be misused for Spreading Malware
A Cross site scripting XSS vulnerability in WhatsApp website reported to The Hacker News by Edgard Chammas. WhatsApp is one of the most famous cross-platform mobile messaging app for iPhone, BlackBerry, Android, Windows Phone and Nokia used to send text, video, images, audio b/w Whatsapp users...
Android Malware as Beware of Chinese called "The Roar of the Pharaoh"
Android Malware as Chinese game "The Roar of the Pharaoh" Security researchers have spotted a bogus Chinese game, that's actually a trojan horse gathering sensitive information from infected devices, next to sending premium-rate SMS messages. It is Chinese game that is original with its rights bu...
Fake iPhone Camera+ App Allowed in App Store
A fake version of the popular Camera+ iPhone application was offered on Apple’s App Store over the weekend, according to a post by Glyn Evans on the iPhoneography blog on Saturday, just the latest example of suspicious and malicious applications to slip through Apple’s shadowy application vetting...