529 matches found
Google to Block .js Attachments in Gmail
Spammers and cybercriminals have revived email-based attacks in the last year, giving new life to macro-based malware hidden in Word documents, and with greater intensity of late, .js files that run JavaScript on infected clients, largely to download malware from an attacker’s site. Google...
Don't Fall For This Dangerously Convincing Ongoing Phishing Attack
Security researchers have discovered a new phishing campaign targeting Gmail users, which is so convincing and highly effective that even tech-savvy people can be tricked into giving away their Google credentials to hackers. The attackers first compromise a victim's Gmail account, and once they a...
Gmail - Customized SSL, Exported ContentProvider, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application Gmail published at the 'play' market has multiple vulnerabilities...
Bumble: Email Spoofing
There is an Email Spoofing Vulnerability. Steps to reproduce: 1 Go to http://emkei.cz/ 2 Fill "From Email" field to [email protected] or any other badoo email. 3 Fill the victim's address your address to "TO" field and fill in other details as you wish. You will receive email from badoo admin...
Gmail account hijacking vulnerability-vulnerability warning-the black bar safety net
Description Gmail allows worldwide users to use multiple mailboxes to associate their Gmail, Gmail also allows a mailbox to use multiple addresses to the mailbox to send the mail will be pooled to the same mailbox. To be honest, these two modes of identity confirmation on the presence of risk, to...
Clever Gmail Hack Let Attackers Take Over Accounts
Google patched a hole in its Gmail verification system last week that allowed an attacker to hijack a targeted Google Gmail account. The discovery was made by Ahmed Mehtab, a security researcher and founder of Security Fuse. The hack is simple to execute and requires less than dozen steps to pull...
Radium-Keylogger - Python keylogger with multiple features
Python keylogger with multiple features. Features Applications and keystrokes logging Screenshot logging Drive tree structure Logs sending by email Password Recovery for Chrome Mozilla Filezilla Core FTP CyberDuck FTPNavigator WinSCP Outlook Putty Skype Generic Network Cookie stealer Keylogger st...
A picture can lead to millions of Android phone is black-and-vulnerability warning-the black bar safety net
Google today released the latest Android security Bulletin Android Security Bulletin for a little while ago exposed a series of vulnerabilities to do a patch repair, such as the impact to the 9 billion devices, for high flux chip Quadrooter vulnerability-and this is the Android patch to repair th...
Python Keylogger: Radium
Python Keylogger With Multiple Features Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording logging the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Keyloggi...
New Gmail Alerts Warn of Unauthenticated Senders
Google is expected soon to begin a gradual rollout of new security features in Gmail that warn users if the system could not authenticate the sender of an email message. Starting this week for browser-based users of Gmail and Android users, Google will display a question mark over a sender’s...
DOM-based XSS
Overview Affected versions of gmail-js are vulnerable to cross-site scripting in the tools.parseresponse, helper.get.visibleemailspost, and helper.get.emaildatapost functions, which pass user input directly into the Function constructor. Recommendation Update to version 0.6.5 or later. References...
Google To Deprecate SSLv3, RC4 in Gmail IMAP/POP Clients
Google said that it will initiate on June 16 a gradual deprecation of SSLv3 and RC4 for Gmail IMAP/POP mail clients. Both the crypto protocols cipher are notoriously unsafe and are being phased out in big chunks of the Internet. Google, for its part, had already announced in May that it would no...
Google Set to Kill SSLv3, RC4 in SMTP, Gmail in June
Google clarified this week exactly when it plans to disable support for the RC4 stream cipher and the SSLv3 protocol on the company’s SMTP servers and Gmail’s web servers. It turns out the end will come sooner than later; the company announced it will begin to disable both a month from now, on Ju...
Python Based Windows Backdoor with Gmail C&C: gDog
A stealthy Python based Windows backdoor that uses Gmail as a command and control server Gdog is a stealthy Python Windows backdoor that uses Gmail as a command and control server. It is mostly inspired by Gcat with which it shares code base but it adds additional options and features and goes...
BREACH exploits from Gmail, Facebook, steal sensitive information-vulnerability warning-the black bar safety net
2 0 1 3 summer,two researchers found that the use of and continue to attack Gmail and Facebook chat sessions flow a new method,that is, BREACH exploits,and before that,such attacks never walk into people's line of sight. ! Late last week,the study in Singapore, the Asia black hat conference is...
BREACH Revived to Steal Private Messages from Gmail, Facebook
The BREACH attack hasn’t been top of mind since the summer of 2013, but two researchers have found new ways to exploit and persistently attack traffic, including Gmail and Facebook chat sessions. The research was shared late last week in Singapore at Black Hat Asia where Dimitris Karakostas of th...
Data Leaking 'Surreptitious Sharing' Vulnerability Identified in Android API
Researchers have identified a vulnerability in an Android API used by messaging apps such as Skype and perhaps more concerning, privacy-centric apps such as Signal, and Telegram, that could lead to privilege escalation and data loss including private keys. Dominik Schürmann and Lars Wolf,...
EasyMail - Gmail and Hotmail - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application EasyMail - Gmail and Hotmail published at the 'play' market has multiple vulnerabilities...
Mail for Android Wear & Gmail - Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Mail for Android Wear & Gmail published at the 'play' market has multiple vulnerabilities...
Smart extension for Gmail - Customized SSL, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Smart extension for Gmail published at the 'play' market has multiple vulnerabilities...