Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Massive malvertising campaign targets seniors via fake Weebly sites

Categories: Threat Intelligence Tags: malvertising Tags: weebly Tags: google Tags: ads Tags: seniors Tags: recipe Tags: tech support Tags: scam Scammers are buying ads on for the most common Google searches made by seniors and defrauding them with tech support scams. (Read more...) The post Massive malvertising campaign targets seniors via fake Weebly sites appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#web#mac#windows#google#git#intel#chrome#firefox
CVE-2023-24934: Microsoft Defender Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could bypass the Windows Defender detection with a specially crafted file.

CVE-2023-29623: CVE-nu11secur1ty/vendors/oretnom23/2023/Purchase-Order-Management-1.0/XSS-Reflected at main · nu11secur1ty/CVE-nu11secur1ty

Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php.

CVE-2023-29491: security - Re: ncurses fixes upstream

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.

CVE-2023-27890: MyBB Export User 2.0 Cross Site Scripting ≈ Packet Storm

** UNSUPPORTED WHEN ASSIGNED ** The Export User plugin through 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Troubleshooting No Signal Monitor Issue: Steps to Get Computer Display Back

By Owais Sultan If you encounter a “No signal” issue on your monitor despite your computer being powered on, and you… This is a post from HackRead.com Read the original post: Troubleshooting No Signal Monitor Issue: Steps to Get Computer Display Back

CVE-2023-26918: File Replication Pro- RealTime, Secure, Offsite Backup & File Sync

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.

CVE-2023-26416: Adobe Security Bulletin

Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2023-27748: DR750-2CH IR LTE (JP)

BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded firmware. This can allow attackers to upload crafted firmware which contains backdoors and enables arbitrary code execution.

LockBit 3.0 Posts Dubious Claims of Breaching Darktrace Cybersecurity Firm

By Waqas Is it a highly dubious claim by the infamous LockBit 3.0 ransomware gang? It looks like it! This is a post from HackRead.com Read the original post: LockBit 3.0 Posts Dubious Claims of Breaching Darktrace Cybersecurity Firm