Home | Latest News | Popular News | Our Network | About | Contact
Security Research News | www.SecurityPhresh.com
Security Research News
Showing 'Security Research News' from 91 to 100
OpenSMTPD Vulnerability (CVE-2020-8794) Can Lead To Root Privilege Escalation And Remote Code Execution
12th Mar 2020 [2 months ago] from TrendMicro
A root privilege escalation and remote execution vulnerability (designated as CVE-2020-8794) has been discovered in the free and open-source Unix Daemon, OpenSMTPD. The flaw originates from an out-of-bounds read, which attackers can take...
Tracking Turla: New Backdoor Delivered Via Armenian Watering Holes
12th Mar 2020 [2 months ago] from ESET Research
Can an old APT learn new tricks? Turla’s TTPs are largely unchanged, but the group recently added a Python backdoor. The post Tracking Turla: New backdoor delivered via Armenian watering holes appeared first on WeLiveSecurity
Crafty Web Skimming Domain Spoofs “https”
11th Mar 2020 [3 months ago] from Krebsonsecurity
Earlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data. While such Web site card skimming...
FireEye Uncovers CVE-2017-8759: Zero-Day Used In The Wild To Distribute FINSPY,FireEye Uncovers CVE-2017-8759: Zero-Day Used In The Wild To Distribute...
11th Mar 2020 [3 months ago] from FireEye Research
FireEye recently detected a malicious Microsoft Office RTF documentthat leveraged CVE-2017-8759,a SOAP WSDLparser code injection vulnerability. This vulnerability allows amalicious actor to inject arbitrary code during the parsing of SOAPWSDL...
Why Is North Korea So Interested In Bitcoin?,Why Is North Korea So Interested In Bitcoin?
11th Mar 2020 [3 months ago] from FireEye Research
In 2016 we began observing actors we believe to be North Koreanutilizing their intrusion capabilities to conduct cyber crime,targeting banks and the global financial system. This marked adeparture from previously observed activity of North...
Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit And Brand-New Cinobi Banking Trojan
11th Mar 2020 [3 months ago] from TrendMicro
We recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking...
March Patch Tuesday: LNK, Microsoft Word Vulnerabilities Get Fixes
10th Mar 2020 [3 months ago] from TrendMicro
Following the unexpectedly long list of fixes included in last month’s Patch Tuesday, March brings an even longer one, albeit less eventful. A total of 115 vulnerabilities were fixed, 26 of which were identified as Critical as they could...
Microsoft Patch Tuesday, March 2020 Edition
10th Mar 2020 [3 months ago] from Krebsonsecurity
Microsoft Corp. today released updates to plug more than 100 security holes in its various Windows operating systems and associated software. If you (ab)use Windows, please take a moment to read this post, backup your system(s), and patch...
Flaw In Popular VPN Service May Have Exposed Customer Data
10th Mar 2020 [3 months ago] from ESET Research
NordVPN praised its bug bounty program and said that a fix had been shipped within two days The post Flaw in popular VPN service may have exposed customer data appeared first on WeLiveSecurity
Busting Ghostcat: An Analysis Of The Apache Tomcat Vulnerability (CVE-2020-1938 And CNVD-2020-10487)
10th Mar 2020 [3 months ago] from TrendMicro
Apache Tomcat is a popular open-source Java servlet container, so the discovery of Ghostcat understandably set off some alarms. This blog entry seeks to put the most feared Ghostcat-related scenario into perspective by delving into the...
« Newer 5 6 7 8 9 10 11 12 13 14 Older »