Lucene search
K

28 matches found

Cvelist
Cvelist
added 2024/05/07 4:53 p.m.33 views

CVE-2024-29210

A local privilege escalation LPE vulnerability has been identified in Phish Alert Button for Outlook PAB, specifically within its configuration management functionalities. This vulnerability allows a regular user to modify the application's configuration file to redirect update checks to an...

2.8CVSS5.4AI score0.00178EPSS
Exploits0References1
CVE
CVE
added 2024/05/07 4:53 p.m.81 views

CVE-2024-29209

The CVE-2024-29209/29210 family concerns Phish Alert Button (PAB) for Outlook and related KnowBe4 clients. Technical details across connected records show: attack via update mechanism (CVE-2024-29209) where the client fails to validate the update server’s TLS/SSL and ignores digital signatures, e...

6CVSS5AI score0.00374EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.3 views

Knowbe4 Phish Alert Button 安全漏洞

Knowbe4 Phish Alert Button is an application from Knowbe4, Inc. A security vulnerability exists in Knowbe4 Phish Alert Button, which stems from insufficient domain authentication and could lead to remote code execution by Outlook PAB via DNS spoofing...

6CVSS6.3AI score0.00374EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.3 views

Knowbe4 Phish Alert Button 安全漏洞

Knowbe4 Phish Alert Button is an application from Knowbe4 Inc. A security vulnerability exists in Knowbe4 Phish Alert Button that stems from the ability to perform local elevation of privilege by modifying configuration files...

2.8CVSS4.5AI score0.00178EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2020/09/28 3:45 p.m.27 views

Lock and Code S1Ep16: Investigating digital vulnerabilities with Samy Kamkar

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Samy Kamkar, chief security officer and co-founder of Open Path, about the digital vulnerabilities in our physical world. If you look through a recent...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/09/23 5:0 p.m.36 views

Phishers spoof reliable cybersecurity training company to garner clicks

"It happens to the best of us." And, indeed, no adage is better suited to a phishing campaign that recently made headlines. Fraudsters used the brand, KnowBe4—a trusted cybersecurity company that offers security awareness training for organizations—to gain recipients’ trust, their Microsoft Outlo...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2015/07/19 10:29 p.m.17 views

Phishing Your Employees: Clever way to Promote Cyber Awareness

Employees are the weakest link when it comes to enterprise security, and unfortunately hackers realized this years ago. All an attacker needs to use some social engineering tactics against employees of companies and organizations they want to target. A massive 91% of successful data breaches at...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2015/04/13 8:7 p.m.10 views

Why You Should Enroll In Cyber Security Awareness Training

When it comes to cyber security, even big organizations lack the basic knowledge of how to protect company’s data from the outside. Everyday businesses are facing the threat of phishing, ransomware, data breaches and malware attacks that not only results in millions of dollars losses, but also...

6.7AI score
Exploits0
Rows per page
Query Builder