New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails

A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor. "Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on jus...

Siemens SICAM Q200 Cross-Site Request Forgery Vulnerability

The SICAM Q200 is a multifunctional device for detecting, reporting and analyzing measured values and events. A cross-site request forgery vulnerability exists in the Siemens SICAM Q200, which can be exploited by an attacker to perform arbitrary actions on the device on behalf of a vulnerable use...

New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web

A new "all-in-one" stealer malware named EvilExtractor also spelled Evil Extractor is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "I...

Joomla Codextrous B2jcontact 2.1.17 Shell Upload

Exploit Title : Joomla Codextrous ComB2jcontact Components 2.1.17 Shell Upload Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 04/01/2019 Vendor Homepage : codextrous.com/joomla-components/b2j-contact.html + extensions.joomla.org/extension/b2j-contact/ Software...

HP LaserJet Multi Functional Devices unauthorized access

Unauthorized files access is possible...