Microsoft Outlook for Android Open to XSS Attacks
A spoofing bug (CVE-2019-1105) can open the door to an email attack chain.
Source: Threat Post – Web Security – Microsoft Outlook
[...]
Web Security
Articles targeted at Web App Security, hacks, guides, how to’s and the latest vulnerabilities.
Match, Tinder Swipe Right For Privacy Red Flags, Say Experts
Analysts at ProPrivacy say the dating apps collect everything from chat content to financial data on their users — and then they share
[...]
DanaBot Adds Ransomware to its Arsenal
Malware adds ransomware to its malicious bag of tricks.
Source: Threat Post – Web Security – DanaBot Adds Ransomware to its Arsenal
[...]
Tor Browser Issues Update for Critical System Takeover Flaw
The update patches critical flaw (CVE-2019-11707), a type confusion vulnerability in the Mozilla Firefox code that Tor uses.
Source: Threat Post –
[...]
Oracle Warns of New Actively-Exploited WebLogic Flaw
Oracle is urging users to update after a critical WebLogic Server Flaw was found being actively exploited in the wild.
Source: Threat
[...]
Mozilla Patches Firefox Critical Flaw Under Active Attack
Mozilla released a new update for Firefox after discovering a critical flaw under active attack.
Source: Threat Post – Web Security –
[...]
Linux Kernel Bug Knocks PCs, IoT Gadgets and More Offline
Four vulnerabilities could “SACK” connected devices with denial-of-service exploits.
Source: Threat Post – Web Security – Linux Kernel Bug Knocks PCs, IoT
[...]
Microsoft Management Console Bugs Allow Windows Takeover
Multiple cross-site scripting (XSS) bugs and an XML external entity (XXE) problem opens the door to takeover of admin desktops.
Source: Threat
[...]
Irked Researcher Discloses Facebook WordPress Plugin Flaws
Researchers at Plugin Vulnerabilities cite grudge and irresponsibly disclose bugs in two WordPress plugins from Facebook.
Source: Threat Post – Web Security
[...]
5,000 Twitter Accounts Linked to Disinformation Campaigns
The social platform has suspended six sets of accounts across four jurisdictions for running alleged influence campaigns, including Iran.
Source: Threat Post
[...]