7 matches found
INFERMAL: Inferential Analysis of Maliciously Registered Domains
Cybercriminals have long depended on domain names for phishing, spam, malware distribution, and botnet operation. To facilitate the malicious activities, they continually register new domain names for exploitation. Previous work revealed an abnormally high concentration of malicious registrations...
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 26, 2025 to June 1, 2025)
In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. Last week, there were 65 vulnerabilities disclosed in 60 WordPress Plugin...
Qualys Security Conference Virtual 2018. New Agents, Patch Management and Free Services
Today I attended a very interesting online event - Qualys Security Conference Virtual 2018. It consisted of 11 webinars, began at 18:00 and will end at 03:45 Moscow time. Not the most convenient timing for Russia, but it was worth it. Last time I was at offline QSC event in 2016, so for me it was...
Facebook and Cambridge Analytica
In the wake of the Cambridge Analytica scandal, news articles and commentators have focused on what Facebook knows about us. A lot, it turns out. It collects data from our posts, our likes, our photos, things we type and delete without posting, and things we do while not on Facebook and even when...
Trend Micro enterprise products HTTP header injection vulnerability
Overview Multiple enterprise products provided by Trend Micro Incorporated contain a HTTP header injection vulnerability. According to the developer, exploiting the vulnerability requires access to the LAN environment of the user. Trend Micro Incorporated reported this vulnerability to JPCERT/CC ...
Malware automatically uploading stolen data to the File sharing sites
Malware automatically uploading stolen data to the File sharing sites Roland Dela Paz, a threat response engineer with Trend Micro have discovered a piece of malicious software that automatically uploads its stolen data cache to the SendSpace file-sharing service for retrieval. File-storage...
phpCoupon - Remote Payment Bypass
phpCoupon - Remote Payment Bypass source: https://www.securityfocus.com/bid/25116/info phpCoupon is prone to a remote payment-bypass vulnerability because the application fails to properly secure PayPal payment transactions. Successfully exploiting this issue allows remote attackers to perform...