
CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. Pierluigi Paganini.


Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

Singapore, 09/18/2020 — Group-IB, a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. Secure web-phishing. Opened email lets spy in.


Google fixes the second zero-day in Chrome in 2 weeks actively exploited

Security Affairs

Google released Chrome 86.0.4240.183 for Windows, Mac, and Linux to fix 10 security vulnerabilities, including an RCE zero-day exploited in the wild. The zero-day flaw was discovered on October 29, 2020 by Google white-hat hacker Samuel Groß of Google Project Zero and Clement Lecigne of Google’s Threat Analysis Group.


A flaw in GO SMS Pro App allows accessing media messages

Security Affairs

An unpatched security flaw in GO SMS Pro, a popular messaging app for Android with over 100 million installs, exposes media messages. GO SMS Pro is a popular Android messaging app with over 100 million installs, that has been found to be affected by an unpatched security flaw that publicly exposes media transferred between users.


CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN

Security Affairs

“The smuggling capability was not designated a CVE identifier as it is not considered a security boundary by the affected vendor.” Our team was able to gain a shell on the affected target, access sensitive configuration data, extract credentials, and more. 2020-11-19: Randori discovered the buffer overflow vulnerability.


Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

The vulnerability was disclosed by the security researcher Polle Vanhoof. The Mifare Classic smart card technology has been known to be insecure since 2008, when security researchers from Radboud University Nijmegen performed reverse engineering of the chip and published their findings. ” Vanhoof added. Pierluigi Paganini.


SUPERNOVA, a Backdoor Found While Investigating SolarWinds Hack

Security Affairs

While investigating the recent SolarWinds Orion supply-chain attack, security researchers discovered another backdoor, tracked as SUPERNOVA. Security experts from Symantec, Palo Alto Networks, and Guidepoint reported that threat actors behind the SolarWinds attack were also planting a .NET web shell dubbed Supernova. Pierluigi Paganini.
