22 matches found
Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts
Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to take control of victim accounts. "The extensions work in concert to...
Microsoft Warns of 'Payroll Pirates' Hijacking HR SaaS Accounts to Steal Employee Salaries
A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to attacker-controlled accounts. "Storm-2657 is actively targeting a range of U.S.-based organizations, particularly employees in sectors like higher education, to gain...
Investigating targeted “payroll pirate” attacks affecting US universities
Microsoft Threat Intelligence has observed a financially motivated threat actor that we track as Storm-2657 compromising employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts. These types of attacks have been dubbed “payroll...
EUVD-2019-3785
Malware in sbrugna...
Manpower Data Breach Hits 144K, Workday Confirms 3rd-Party CRM Hack
A cyberattack on Manpower's Michigan office compromised data for 144,000 people. Meanwhile, Workday reveals a data breach in…...
CVE-2019-12134
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in Workday through 32 via a value (provided by a low-privileged user in a contact form field) that is mishandled in a CSV export...
HackerOne: Dangling cloud instance at vpn.inverselink.com
Summary: vpn.inverselink.com points to 54.202.130.246, which is currently serving a TLS certificate for Workday, Inc. This seems to indicate that the subdomain is no longer controlled by HackerOne. Optional: Supporting Material/References Screenshots % dig vpn.inverselink.com +short 54.202.130.24...
Design/Logic Flaw
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in Workday through 32 via a value (provided by a low-privileged user in a contact form field) that is mishandled in a CSV export...
CVE-2019-12134
CVE-2019-12134 describes a CSV/Formula injection in the Workday export feature. A value supplied by a low-privileged user in a contact form is mishandled during CSV export, potentially enabling Excel formula injection when opened in spreadsheet software. The connected documents confirm the vulner...
Interview with a malware hunter: Jérôme Segura
In our series "Interview with a malware hunter," our feature role today goes to Jérôme Segura, Malwarebytes’ Head of Threat Intelligence and world-renowned exploit kits researcher. The goal of this series is to introduce our readers to our malware intelligence crew by involving them in these Q&A...
workday.com XSS vulnerability
Vulnerable URL: https://www.workday.com/en-us/company/newsroom/press-releases/press-release-details.html?id=1971214%27%22--!%3E%3C/script/%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E&rda=/company/newsevents/pressreleases/detail.php Details: Description| Value ---|--- Patched:| Yes, at 08.01.20...
www1.workday.com XSS vulnerability
Vulnerable URL: https://www1.workday.com/en-se/company/newsroom/press-releases/press-release-details.html?id=%27%22%3E%3C/Script/K%3E%3CSvg/Onload=confirmOPENBUGBOUNTY%3E Details: Description| Value ---|--- Patched:| Yes, at 10.01.2017 Latest check for patch:| 10.01.2017 17:25 GMT Vulnerability...
forms.workday.com XSS vulnerability
Vulnerable URL: https://forms.workday.com/fr-fr/company/newsroom/press-releases/press-release-details.html?id=1929384%27%22%3E%3C/Script/K%3E%3CSvg/Onload=confirmOPENBUGBOUNTY%3E Details: Description| Value ---|--- Patched:| Yes, at 10.01.2017 Latest check for patch:| 10.01.2017 17:28 GMT...
workday.com XSS vulnerability
Vulnerable URL: https://www.workday.com/fr-fr/company/newsroom/press-releases/press-release-details.html?id=20391911'"...
workday.com XSS vulnerability
Vulnerable URL: http://www.workday.com/fr/resources.php?Resource="-prompt/XSSPOSED/-" Details: Description| Value ---|--- Patched:| Yes, at 23.10.2015 Latest check for patch:| 23.10.2015 15:45 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 19617 Google Pagerank...
WORKDAY Cloud Service Detection
Binary data 8533.prm...