87 matches found
CVE-2018-20484
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation...
CVE-2018-20484
CVE-2018-20484 affects Zoho ManageEngine ADSelfService Plus 5.7 before build 5702, with a cross-site scripting vulnerability in the self-update layout implementation. The issue is a XSS in the auto-update/deployment flow (build
Magescan - Scan A Magento Site For Information
The idea behind this is to evaluate the quality and security of a Magento site you don't have access to. The scenario when you're interviewing a potential developer or vetting a new client and want to have an idea of what you're getting into. Installation .phar Download the magescan.phar file fro...
New Downloader for Locky
Through DTI Intelligence analysis, We have been observing Locky malware rise to fame recently. Locky is ransomware that is aggressively distributed via downloaders attached in spam emails, and it may have surpassed the Dridex banking trojan in popularity. In previous campaigns, the ransomware was...
Adobe Reader and Acrobat Pro elevation of privilege vulnerability analysis(CVE-2 0 1 5-5 0 9 0)-vulnerability warning-the black bar safety net
0×0 1 Introduction CVE-2 0 1 5-5 0 9 0 is present in the Adobe Reader/Acrobat Pro a bug, and as early as a few months ago has been found and submitted to ZDI. This article is mainly about this bug details, and share several different attack methods. AdobeARMService Adobe updates, in Adobe...
Chrome third-party extensions to be exposed can record private information and sell it-vulnerability warning-the black bar safety net
The Swedish security firm Detectify Labs currently represents some of the Chrome extension app will track The user's Internet history, and even also includes Facebook Connect and privacy of the access token, is connected to a private Dropbox and Google Drive file link. Affect a wide range is not...
SandroRAT — Android Malware that Disguises itself as "Kaspersky Mobile Security" App
Researchers have warned users of Android devices to avoid app downloads from particularly unauthorized sources, since a new and sophisticated piece of malware is targeting Android users through phishing emails. The malware, dubbed SandroRAT, is currently being used by cybercriminals to target...