Security Affairs

APRIL 5, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 29 to April 04, 2020. Crooks target Android users working from home due to the COVID19 outbreak with a Trojanized version of the popular video messaging app Zoom. Below a list of attacks detected this week. Pierluigi Paganini.

Phishing 92

Phishing Communications Security IT 92

Security Affairs

MAY 30, 2022

CVE Number Affected devices CVE-2021-44228, CVE-2021-45046 Log4J RCE CVE-2022-1388 F5 BIG IP RCE No CVE (vulnerability published on 2022-02) Adobe ColdFusion 11 RCE CVE-2020-7961 Liferay Portal – Java Unmarshalling via JSONWS RCE No CVE (vulnerability published on 2022-04) PHP Scriptcase 9.7 LFI CVE-2018-16763 Fuel CMS 1.4.1

CMS 141

CMS IoT Passwords Security 141

Security Affairs

JULY 23, 2019

Wells also published a Proof-of-concept exploit code on GitHub and a video PoC for the flaw. Below the timeline for the flaw: 04/17/19 – Tenable discloses to Comodo. 04/29/19 – Tenable follows up, asking if vulnerabilities have been confirmed. 06/04/19 – Tenabe requests status update. Pierluigi Paganini.

Access 76

Access Security IT Information Security 76

Security Affairs

SEPTEMBER 5, 2019

The high-severity zero-day issue resides in the driver for the Video For Linux 2 (V4L2) interface. ” The vulnerability resides in the way the Video for Linux (V4L2) driver handles input data, it could be exploited by an attacker to elevate permissions to kernel level.

Access 77

Access Security IT Information Security 77