russians.rin.ru Cross Site Scripting vulnerability OBB-3807384

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DarkWatchMan RAT Targets Russians

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary DarkWatchMan is a Remote Access Trojan RAT distributed via a phishing website imitating a renowned Russian website. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

Information Stealer LummaC2 Targets Browsers and Crypto Wallets

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LummaC2 Stealer is an information stealer that targets Chromium and Mozilla-based browsers. It is designed to steal sensitive information from a victims machine, including crypto wallets, extensions, and...

Struts2 new flaws vulnerability bug（S2-052 presents the use case, and face the vulnerability flaws of the enterprise-the race against time-vulnerability warning-the black bar safety net

Prior to the black bar safety net it S2-052）vulnerabilities done in a special thematic report, I believe we also have understand! Recently from the Cisco Talos experimental study of the analysis chamber and NVISO laboratory for the research staff also found that there was an attacker of real use ...

vak.ed.gov.ru XSS vulnerability

Vulnerable URL: http://vak.ed.gov.ru/az/server/php/filer.php?table='"vakidc='"autoref='"201153 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google...

PNG Image Metadata Found Leveraging iFrame Injections

Researchers have discovered a relatively new way to distribute malware that relies on reading JavaScript code stored in an obfuscated PNG file’s metadata to trigger iFrame injections. The technique makes it highly unlikely a virus scanner would catch it because the injection method is so deeply...

Update Protection against The WebAttacker Spyware

WebAttacker is a spyware kit sold on a Russian website for $15. The kit includes scripts designed to make simpler the task of infecting computers: the buyer spams out a message to email addresses inviting them to visit a compromised website. Once the user enters the compromised website, The websi...