BIT-MAGENTO-2021-28585 Magento Commerce improper input validation in customer customer webapi

Magento versions 2.4.2 and earlier, 2.4.1 and earlier and 2.3.6 and earlier are affected by an Improper input validation vulnerability in the New customer WebAPI.Successful exploitation could allow an attacker to send unsolicited spam e-mails...

CVE-2021-28585

Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by an Improper input validation vulnerability in the New customer WebAPI.Successful exploitation could allow an attacker to send unsolicited spam e-mails...

Suspicious Metadata Mail Phishing Redirection

Mail attachment containing a malicious html file was observed as part of recent campaigns. A remote attacker could send spam e-mails including those html and redirects users to manually download malicious files...

Suspicious Metadata Mail Phishing Containing Archive Attachment

Suspicious Mail containing archive attachment was observed as part of phishing campaigns. A remote attacker could send spam e-mails including those files. This would allow the malicious code to run and infect the target system...

Microsoft Office Files Containing Malicious VBScript Downloader

Microsoft Office files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...

Microsoft Office Mail Attachment Containing Malicious Downloader

A Microsoft Office Mail attachment containing a malicious downloader was observed as part of Locky ransomware campaign. A remote attacker could send spam e-mails including those downloaders and convince users to manually enable them. This would allow the malicious code to run and infect the targe...

Microsoft Office Files Containing Malicious Downloader

Microsoft Office files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system...

Gameover Malware, variant of ZeuS Trojan uses Encryption to Bypass Detection

The year begins with the number of new variants of malware that were discovered by various security researchers. The new variants are more complex, sophisticated and mostly undetectable. Two years back in 2012, the FBI warned us about the ‘GameOver’ banking Trojan, a variant of Zeus financial...