13 matches found
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers. The activity, the company said, targets government and public-sector organizations with the end goal of...
Malicious code in ssf-desktop-api-browser (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5940c26ac6aa2f9c3682f4d383922757d2d5c361b5a70140ca289eabe304be8d The package ssf-desktop-api-browser was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2022-52529
Malicious code in bioql PyPI...
Rocky Linux 8 : unbound (RLSA-2022:7622)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7622 advisory. - NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by...
AlmaLinux 9 : unbound (ALSA-2022:8062)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8062 advisory. - NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by...
unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names
A flaw was found in Unbound, which is vulnerable to a novel type of "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates...
AlmaLinux 8 : unbound (ALSA-2022:7622)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7622 advisory. - NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by...
unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names
A flaw was found in Unbound, which is vulnerable to a novel type of "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates...
Ubuntu: Security Advisory (USN-5569-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits
Google's Threat Analysis Group TAG on Thursday pointed fingers at a North Macedonian spyware developer named Cytrox for developing exploits against five zero-day aka 0-day flaws, four in Chrome and one in Android, to target Android users. "The 0-day exploits were used alongside n-day exploits as...
Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware
Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. "This RAT is infamous for its ransomware-like behavior of appending the file name extension...
Vulnerability fixed in Node.js
A vulnerability has been fixed in Node.js. The vulnerability allows a malicious party potentially capable of causing a denial-of-service cause. To do this, the malicious party must be able to send a DNS request for a rogue domain. Only applications that allow a malicious party to send DNS request...
Why Web Browser Padlocks Shouldn't Be Trusted
For years, Apple, Firefox, Google and Microsoft relentlessly made the point that in order to avoid rogue sites you must make sure your browser “padlock” is either locked, green or is otherwise indicating a site as being “secure.” Now, cybersecurity firms are stressing that those padlocks are not...