SandboxEscaper Drops Three More Windows Exploits, IE Zero-Day
As promised, developer SandboxEscaper has dropped exploit code for four more bugs, on the heels of releasing a Windows zero-day yesterday.
Source:
[...]
AuthorLindsey O Donnell
HCL Exposes Customer, Personnel Info in Wide-Ranging Data Leak
HCL domain pages exposed sensitive data – including passwords and project analysis reports – for thousands of employees and customers.
Source: Threat
[...]
Windows 10 Update Bricks PCs, Microsoft Offers Workarounds
A glitch in Microsoft’s Windows 10 update is causing systems to freeze after users tried to use the System Reboot function. Luckily, workarounds
[...]
WordPress WP Live Chat Support Plugin Fixes XSS Flaw
A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites.
Source: Threat
[...]
Forbes Becomes Latest Victim of Magecart Payment Card Skimmer
The web skimming script was recently found stealing payment data on the websites of Forbes Magazine as well as seven others.
Source:
[...]
Adobe Addresses Critical Adobe Flash Player, Acrobat Reader Flaws
Adobe has issued patches for 87 vulnerabilities on Patch Tuesday – the bulk of which exist in Adobe’s Acrobat and Reader product.
[...]
Twitter Leaks Apple iOS Users’ Location Data to Ad Partner
A Twitter glitch “inadvertently” leaked iOS users’ location data to an unnamed partner.
Source: Threat Post – Web Security – Twitter Leaks
[...]
ThreatList: Top 5 Most Dangerous Attachment Types
From ZIP attachments spreading Gandcrab, to DOC files distributing Trickbot, researchers tracked five widescale spam campaigns in 2019 that have made use of
[...]
Nvidia Warns Windows Gamers on GPU Driver Flaws
Nvidia has patched three vulnerabilities in its Windows GPU display driver that could enable information disclosure, denial of service and privilege escalation.
[...]
ThreatList: Nigerian Cybercrime Surged 54 Percent in 2018
Nigerian scam groups launched even more attacks in 2018 – and used more complex types of malware to reach more victims.
Source:
[...]