Lucene search

177 matches found

ThreatPost
added 2019/04/12 2:8 p.m., 44 views

ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps

Tax Day in the U.S. is looming on Monday, and as people rush to do their last-minute filing, scammers are out in full force, targeting consumers and businesses alike. According to RiskIQ numbers, the internet is awash in crafty schemes and dangerous threat campaigns that exploit the convenience o...

0.4 AI score
Exploits: 0, References: 5

ossfuzz
added 2019/04/09 11:41 p.m., 16 views

lwan/request_fuzzer: Global-buffer-overflow in parse_headers

Project: git://github.com/lpereira/lwan Detailed report: https://oss-fuzz.com/testcase?key=5673683021987840 Project: lwan Fuzzer: afllwanrequestfuzzer Fuzz target binary: requestfuzzer Job Type: aflasanlwan Platform Id: linux Crash Type: Global-buffer-overflow READ 4 Crash Address: 0x0000012320ff...

6.8 AI score
Exploits: 0, Affected Software: 1

ossfuzz
added 2019/03/10 11:35 a.m., 18 views

imagemagick/encoder_mat_fuzzer: Heap-use-after-free in ReadImage

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5721754591297536 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermatfuzzer Fuzz target binary: encodermatfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

6.8 AI score
Exploits: 0, Affected Software: 1

n0where
added 2019/02/21 3:51 a.m., 213 views

Scalable Fuzzing Infrastructure: ClusterFuzz

ClusterFuzz is a scalable fuzzing infrastructure which finds security and stability issues in software. It is used by Google for fuzzing the Chrome Browser, and serves as the fuzzing backend for OSS-Fuzz. ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software...

Exploits: 0, References: 6

OpenVAS
added 2019/01/08 12:0 a.m., 317 views

AppleShare IP / Apple Filing Protocol (AFP) Unencrypted Cleartext Login

The remote host is running an AppleShare IP / Apple Filing Protocol (AFP) service that allows cleartext logins over unencrypted connections. Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right...

7 AI score
Exploits: 0

ossfuzz
added 2019/01/07 1:0 p.m., 15 views

libidn2/libidn2_to_ascii_8z_fuzzer: Heap-buffer-overflow in idn2_to_ascii_4i

Project: https://gitlab.com/libidn/libidn2.git Detailed report: https://oss-fuzz.com/testcase?key=5644466457673728 Project: libidn2 Fuzzer: libFuzzerlibidn2toascii8zfuzzer Fuzz target binary: libidn2toascii8zfuzzer Job Type: libfuzzerasanlibidn2 Platform Id: linux Crash Type: Heap-buffer-overflow...

6.8 AI score
Exploits: 0, Affected Software: 1

Akamai Blog
added 2018/12/17 1:13 p.m., 41 views

The Market of Billions -- Are You Prepared For The Peaks?

Yes, we truly are the market of billions! I love Graham D. Brown's distinctive representation of this massive business opportunity in South Asia in his Asia Matters report. In 2018, over 50% of the world's total online retail sales happened in the Asia-Pacific region. eMarketer reports that onlin...

6.9 AI score
Exploits: 0

The Hacker News
added 2018/11/16 11:22 a.m., 403 views

Secret Charges Against Julian Assange Revealed Due to "Cut-Paste" Error

Has Wikileaks founder Julian Assange officially been charged with any unspecified criminal offense in the United States? — YES United States prosecutors have accidentally revealed the existence of criminal charges against Wikileaks founder Julian Assange in a recently unsealed court filing in an...

6.8 AI score
Exploits: 0

The Hacker News
added 2018/11/16 11:22 a.m., 1 views

Secret Charges Against Julian Assange Revealed Due to "Cut-Paste" Error

Has Wikileaks founder Julian Assange officially been charged with any unspecified criminal offense in the United States? — YES United States prosecutors have accidentally revealed the existence of criminal charges against Wikileaks founder Julian Assange in a recently unsealed court filing in an...

6.4 AI score
Exploits: 0

ossfuzz
added 2018/07/28 11:25 a.m., 16 views

imagemagick/encoder_dng_fuzzer: Index-out-of-bounds in LibRaw::scale_colors_loop

Detailed report: https://oss-fuzz.com/testcase?key=4830316907724800 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzerubsanimagemagick Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State:...

6.8 AI score
Exploits: 0, Affected Software: 1

OSV
added 2018/07/26 10:29 p.m., 2 views

CVE-2018-14608

Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext. Specifically, it stores customer data in unique directories...

7.5 CVSS, 5.8 AI score, 0.00876 EPSS
Exploits: 2, References: 2

ossfuzz
added 2018/05/21 12:41 p.m., 12 views

imagemagick/encoder_mvg_fuzzer: Crash in TracePath

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5349958956875776 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermvgfuzzer Fuzz target binary: encodermvgfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

6.8 AI score
Exploits: 0, Affected Software: 1

ossfuzz
added 2018/05/16 12:33 p.m., 19 views

envoy/h1_capture_fuzz_test: Heap-use-after-free in Envoy::FakeRawConnection::FakeRawConnection

Detailed report: https://oss-fuzz.com/testcase?key=6215556767154176 Project: envoy Fuzzer: libFuzzerenvoyh1capturefuzztest Fuzz target binary: h1capturefuzztest Job Type: libfuzzerasanenvoy Platform Id: linux Crash Type: Heap-use-after-free READ 8 Crash Address: 0x6120000fdf68 Crash State:...

6.8 AI score
Exploits: 0, Affected Software: 1

CNVD
added 2018/04/27 12:0 a.m., 3 views

DiliCMS Cross-Site Scripting Vulnerability

DiliCMS (aka DiligentCMS) is a content management system (CMS) based on CodeIgniter. A cross-site scripting vulnerability exists in the System Settings - Site Settings filing number field of the admin/index.php file in DiliCMS version 2.4.0. A remote attacker can exploit this vulnerability to inject...

4.8 CVSS, 6.1 AI score, 0.0067 EPSS
Exploits: 1, References: 1

ossfuzz
added 2018/04/26 7:42 a.m., 12 views

imagemagick/encoder_heic_fuzzer: Heap-buffer-overflow in ff_hevc_put_hevc_qpel_pixels_8_sse

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5358449251581952 Project: imagemagick Fuzzer: aflimagemagickencoderheicfuzzer Fuzz target binary: encoderheicfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

6.8 AI score
Exploits: 0, Affected Software: 1

CISA
added 2018/03/29 12:0 a.m., 20 views

IC3 Issues Alert on Tech Support Fraud

The Internet Crime Complaint Center (IC3) has released an alert on tech support fraud. Tech support fraud involves criminals claiming to provide technical support to fix problems that don't exist. Their methods include placing calls, sending pop-ups, engaging misleading lock screens, and sending...

6.9 AI score
Exploits: 0, References: 3

Malwarebytes
added 2018/03/16 4:52 p.m., 73 views

A cure for the common cold call: freeze them out

The phone rings and it's a number I don’t recognize. That’s enough to bring my mood down a few degrees. It shouldn’t, but unfortunately experience has taught me that at least 95 percent of the calls from numbers that are “private” or that I don’t have an account name stored for on my phone are...

6.6 AI score
Exploits: 0

ossfuzz
added 2018/03/01 9:31 a.m., 16 views

graphicsmagick/coder_XCF_fuzzer: Use-of-uninitialized-value in AlphaCompositePixel

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=5069895264894976 Project: graphicsmagick Fuzzer: libFuzzergraphicsmagickcoderXCFfuzzer Fuzz target binary: coderXCFfuzzer Job Type: libfuzzermsangraphicsmagick Platform Id: linux Crash Type:...

6.7 AI score
Exploits: 0, Affected Software: 1

ossfuzz
added 2018/02/22 8:47 a.m., 12 views

skia/path_deserialize: Heap-buffer-overflow in SkPath::moveTo

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5078673775394816 Project: skia Fuzzer: libFuzzerskiapathdeserialize Fuzz target binary: pathdeserialize Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash...

6.7 AI score
Exploits: 0, Affected Software: 1

Malwarebytes
added 2018/02/05 6:45 p.m., 14 views

A week in security (January 29 – February 04)

Last week on Labs, we looked into PUPs stealing and using mainstream logos of security and tech companies to further gain user trust, GandCrab and Scarab ransomware variants in the wild, and a new Mac malware called OSX.CreativeUpdater that can be distributed via MacUpdate. We also profiled...

6.8 AI score
Exploits: 0