68 matches found
Websites with an undefined trust level: avoiding the trap
Executive summary A suspicious website is a web resource that cannot be definitively classified as phishing, but whose activities are unsafe. Such sites manipulate users, tricking them into voluntarily transferring money for non-existent services, signing up for hidden subscriptions, or disclosin...
CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat
CTM360 has identified a rapidly expanding WhatsApp account-hacking campaign targeting users worldwide via a network of deceptive authentication portals and impersonation pages. The campaign, internally dubbed HackOnChat, abuses WhatsApp's familiar web interface, using social engineering tactics t...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2022-27779)
libcurl wrongly allows cookies to be set for Top Level Domains TLDs if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's cookie engine can bebuilt with or without Public Suffix Listawareness. If PSL support not provided, a more rudimentary check...
Infrastructure Patterns in Toll Scam Domains: A Comprehensive Analysis of Cybercriminal Registration and Hosting Strategies
Toll scams involve criminals registering fake domains that pretend to be legitimate transportation agencies to trick users into making fraudulent payments. Although these scams are rapidly increasing and causing significant harm, they have not been extensively studied. We present the first...
EUVD-2004-0864
Malware in sbrugna...
EUVD-2023-1027
Malicious code in bioql PyPI...
20 Top-Level Domain Names Abused by Hackers in Phishing Attacks
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings...
Local Networks Go Global When Domain Names Collide
The proliferation of new top-level domains TLDs has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didnt exist at the time. Meaning, they are continuously sending their Windows usernam...
GHSA-MRR8-V49W-3333 sweetalert2 contains potentially undesirable behavior
sweetalert2 versions from 11.6.14 to before 11.22.4 have potentially undesirable behavior. The package outputs audio and/or video messages that do not pertain to the functionality of the package when run on specific tlds. This functionality is documented on the project's readme...
PT-2023-33044 · Unknown · Sweetalert2
Name of the Vulnerable Software and Affected Versions: sweetalert2 versions 11.6.14 and above Description: The sweetalert2 package exhibits potentially undesirable behavior by outputting audio and/or video messages unrelated to its functionality when run on specific top-level domains TLDs. This...
Future Exploitation Vector: File Extensions as Top-Level Domains
In this blog entry, we will examine the security risks related to file extension-related Top-Level Domains TLDs while also providing best practices and recommendations on how both individual users and organizations can protect themselves from these hazards...
Zip domains, a bad idea nobody asked for
If you heard a strange and unfamiliar creaking noise on May 3, it may have been the simultaneous rolling of a million eyeballs. The synchronised ocular rotation was the less than warm welcome that parts of the IT and security industries--this author included--gave to Google's decision to put .zip...
CVE-2022-2837
A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains TLD to a pod they control by creating projects and namespaces that match the TLD...
CVE-2022-2837
A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains TLD to a pod they control by creating projects and namespaces that match the TLD...
SUSE CVE-2011-4681
Opera before 11.60 does not properly consider the number of . dot characters that conventionally exist in domain names of different top-level domains, which allows remote attackers to bypass the Same Origin Policy by leveraging access to a different domain name in the same top-level domain, as...
SUSE CVE-2013-3210
Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain...
SUSE CVE-2022-27779
libcurl wrongly allows cookies to be set for Top Level Domains TLDs if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without Public Suffix Listawareness. If PSL support not provided, a more rudimentary check...
OPENSUSE-SU-2022:10219-1 Security update for opera
This update for opera fixes the following issues: Update to 93.0.4585.11 - CHR-9051 Update chromium on desktop-stable-107-4585 to 107.0.5304.88 - DNA-95965 Add support for more UD TLDs - DNA-102960 Replace messengers icons - DNA-102964 Crash at -FramedBrowserWindow sendEvent: - DNA-103125...
OPENSUSE-SU-2022:10218-1 Security update for opera
This update for opera fixes the following issues: Update to 93.0.4585.11: - CHR-9051 Update chromium on desktop-stable-107-4585 to 107.0.5304.88 - DNA-95965 Add support for more UD TLDs - DNA-102960 Replace messengers icons - DNA-102964 Crash at -FramedBrowserWindow sendEvent: - DNA-103125...
CVE-2022-2837
A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains TLD to a pod they control by creating projects and namespaces that match the TLD. Mitigation - Add a default admission controller to prevent the creation of projects or...