Security
Headlines
HeadlinesLatestCVEs

Tag

#firefox

Google Chrome to Mask User IP Addresses to Protect Privacy

By Waqas The feature is called IP Protection, and it's important to note that it is not a VPN. A VPN encrypts all of a user's traffic, while IP Protection only masks their IP address. This is a post from HackRead.com Read the original post: Google Chrome to Mask User IP Addresses to Protect Privacy

HackRead
Open in Source
#web#android#google#perl#chrome#firefox
DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan

The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are also configured to deliver a downloader named CSVtyrei, so named for its resemblance to Vtyrei. "Some

What is the Dark Web, Search Engines, and What Not to Do on the Dark Web

By Waqas In this article, we will delve deeper into what is the dark web, exploring its definition, the top… This is a post from HackRead.com Read the original post: What is the Dark Web, Search Engines, and What Not to Do on the Dark Web

CVE-2023-38193: usd-2023-0015 - usd HeroLab

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line.

CVE-2023-38190: usd-2023-0014 - usd HeroLab

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Export SQL Injection via the size parameter.

Threat Roundup for October 13 to October 20

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 13 and Oct. 20. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

CVE-2023-31046: Authenticated Arbitrary File Download (Path Traversal)

A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an attacker to achieve read-only access to the server's filesystem.

CVE-2023-45659: Session is not expiring after password reset

Engelsystem is a shift planning system for chaos events. If a users' password is compromised and an attacker gained access to a users' account, i.e., logged in and obtained a session, an attackers' session is not terminated if the users' account password is reset. This vulnerability has been fixed in the commit `dbb089315ff3d`. Users are advised to update their installations. There are no known workarounds for this vulnerability.

Clinic's Patient Management System 1.0 Shell Upload

Clinic's Patient Management System version 1.0 suffers from a remote shell upload vulnerability.