Tag
Three of the world's leading browsers were measured for phishing and malware protection, with time to block and protection over time as key metrics in test scores.
Categories: News Tags: Twitter Tags: Zatko Tags: Mudge Tags: L0pht Tags: Cult of the dead cow Tags: Infrastructure Tags: bots Tags: Elon Musk Tags: FTC Tags: SEC Tags: whistleblower Former Twitter head of security and ethical hacker Peiter Mudge Zatko has alleged some serious problems about the social media giant. (Read more...) The post Twitter security under scrutiny after former executive turns whistleblower appeared first on Malwarebytes Labs.
Categories: News Tags: Microsoft Tags: ChromeOS Tags: Chrome Tags: Google Tags: audio Tags: bluetooth Tags: exploit Tags: vulnerability Microsoft has released a report detailing a ChromeOS vulnerability reported to Chrome and fixed within a week. (Read more...) The post ChromeOS vulnerability found by Microsoft appeared first on Malwarebytes Labs.
The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign targeting enterprise users of Microsoft email services have also set their sights on Google Workspace users. "This campaign specifically targeted chief executives and other senior members of various organizations which use [Google Workspace]," Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolanu
Peiter “Mudge” Zatko’s claims about the company’s lax security are all bad. But one clearly captures the extent of systemic issues.
A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file.
Multiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.
Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy's Search Exclude plugin <= 1.2.6 at WordPress.
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.
The Iranian government-backed actor known as Charming Kitten has added a new tool to its malware arsenal that allows it to retrieve user data from Gmail, Yahoo!, and Microsoft Outlook accounts. Dubbed HYPERSCRAPE by Google Threat Analysis Group (TAG), the actively in-development malicious software is said to have been used against less than two dozen accounts in Iran, with the oldest known