Aggregator

A vulnerability, which was classified as very critical, has been found in Xcmail 0.99.6 on Linux. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-1999-1553. The attack may be initiated remotely. Furthermore, there is an exploit available.

关哥在星球中分享关于保险的深度思考、读书笔记以及职场心得，帮助用户更好地理解和应用保险知识。

The suspect, tracked as UNC5537, allegedly bragged about hacking several Snowflake victims on Telegram, drawing attention to himself.

A vulnerability, which was classified as critical, has been found in Google Android 2.3.4/3.1. Affected by this issue is the function startActivity. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2011-2357. The attack may be launched remotely. Furthermore, there is an exploit available.

A Threat Actor is Selling CMS WordPress Access to Four Unidentified Companies

A vulnerability was found in Apple Mac OS X up to 10.11.4. It has been declared as critical. This vulnerability affects unknown code of the component IOAudioFamily. The manipulation leads to memory corruption. This vulnerability was named CVE-2016-1820. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

girlhigh is Allegedly Selling Access to Data to an Unidentified US Bank

A Canadian resident, Alexander “Connor” Moucka, was arrested by Canadian law enforcement at the request of the United States for allegedly stealing sensitive data of myriad corporations like AT&T and Santander Bank that were stored in Snowflake's cloud systems and exposed during a breach.

The post Canadian Man Accused of Snowflake Data Breach Arrested appeared first on Security Boulevard.

Overview  Assura, Inc. has been made aware of this attack pattern, has taken steps to detect it in our managed services, and is following the attack in the blogs of security researchers who found this campaign. A recent phishing attack campaign has attackers installing a virtual machine (VM) on your Windows system, prebuilt with backdoors… Continue reading Phishing Campaign Installs Backdoor-Loaded VM to Evade Antivirus and Harvest Credentials

The post Phishing Campaign Installs Backdoor-Loaded VM to Evade Antivirus and Harvest Credentials appeared first on Assura, Inc..

The post Phishing Campaign Installs Backdoor-Loaded VM to Evade Antivirus and Harvest Credentials appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, was found in University of Washington Pine up to 4.44. This affects an unknown part of the component FROM Handler. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2002-1320. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Northwest Health Has Been Claimed a Victim to RansomHub Ransomware

The CRON#TRAP campaign involves a novel technique for executing malicious commands on a compromised system.

HIMARS DDOS Targeted the Website of RuWeb-NN

A vulnerability was found in Blue Coat SSL Visibility Appliance up to 3.8.3. It has been classified as problematic. Affected is an unknown function of the component WebUI. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2015-2852. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

DenBots Proof Targeted the Website of SeriesLan

A vulnerability was found in Oracle MySQL Server up to 8.0.15. It has been classified as problematic. Affected is an unknown function of the component Privileges. The manipulation leads to denial of service. This vulnerability is traded as CVE-2019-2584. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle MySQL Server up to 8.0.15. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Privileges. The manipulation leads to denial of service. This vulnerability is known as CVE-2019-2589. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Oracle MySQL Server up to 5.7.25/8.0.15. This affects an unknown part of the component PS. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2019-2592. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.