Lucene search
K

6 matches found

The Hacker News
The Hacker News
added 2026/04/23 6:16 p.m.14 views

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. "As with many other intrusions in recent years, UNC6692 relied heavily on impersonating IT help des...

6.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/30 9:30 p.m.19 views

Analyzing and remediating a malware infested T95 TV box from Amazon

A couple of weeks ago, security news outlets made their rounds reporting on an Android TV box available on Amazon that came pre-installed with malware. The findings came from a Canadian developer, Daniel Milisic, who posted on his GitHub. What Daniel found was an Android T95 TV box infected with...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/06/22 1:37 p.m.42 views

How to Create a Simulated Phishing Attack Across Your Company

Email is one of the many weapons at the disposal of bad actors on the Internet, and your employees are in the firing line. Attackers try to hide behind a trusted entity, sometimes even masquerading as a known vendor or even as a representative of a group within your own organization, like HR or I...

0.1AI score
Exploits0
CNVD
CNVD
added 2021/03/15 12:0 a.m.8 views

Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability

Zoho ManageEngine ServiceDesk Plus SDP is a web-based IT helpdesk software with integrated asset and project management capabilities, based on the ITIL framework. An authentication bypass vulnerability exists in Zoho ManageEngine ServiceDesk Plus prior to version 11134 during SAML login. No detai...

8.8CVSS7AI score0.07218EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2021/01/27 10:18 a.m.35 views

Using the Manager Attribute in Active Directory (AD) for Password Resets

Creating workflows around verifying password resets can be challenging for organizations, especially since many have shifted work due to the COVID-19 global pandemic. With the numbers of cyberattacks against businesses exploding and compromised credentials often being the culprit, companies have ...

0.3AI score
Exploits0
CISA
CISA
added 2017/05/04 12:0 a.m.10 views

Google Docs Phishing Campaign

US-CERT is aware of a phishing campaign that affected Google Docs users. The campaign used spoofed email addresses to target users with emails purporting to share a document for collaboration. Once the targeted users accepted invitations, they were encouraged to allow the phishing program access ...

6.7AI score
Exploits0References3
Rows per page
Query Builder