Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

QuickJob 6.1 Insecure Settings

QuickJob version 6.1 suffers from an ignored default credential vulnerability.

Packet Storm
#sql#xss#csrf#vulnerability#web#ios#mac#windows#apple#google#ubuntu#linux#debian#cisco#git#java#php#perl#auth#ruby#firefox
Ubuntu Security Notice USN-6920-1

Ubuntu Security Notice 6920-1 - It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could use this issue to potentially escalate their privileges via local access. It was discovered that EDK II had an insufficient memory write check in the SMM service, which could lead to a page fault occurring. An authenticated user could use this issue to potentially escalate their privileges, disclose information and/or create a denial of service via local access.

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.

7 Sessions Not to Miss at Black Hat USA 2024

This year's conference will be a treasure trove of insights for cybersecurity professionals.

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails

An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various legitimate companies. "These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive

How Infostealers Pillaged the World’s Passwords

Infostealer malware is swiping millions of passwords, cookies, and search histories. It’s a gold mine for hackers—and a disaster for anyone who becomes a target.