#windows

College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter.

A vulnerability exists where an IBM Robotic Process Automation 21.0.1 regular user is able to obtain view-only access to some admin pages in the Control Center IBM X-Force ID: 223029.

Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.

Google today announced plans to implement support for passwordless logins in Android and the Chrome web browser to allow users to sign in across different devices and websites irrespective of the platform. "This will simplify sign-ins across devices, websites, and applications no matter the platform - without the need for a single password," Google said. <!--adsense--> Apple and Microsoft are

By Jung soo An, Asheer Malhotra and Justin Thattil, with contributions from Aliza Berk and Kendall McKay. In February 2022, corresponding roughly with the start of the Russian Invasion of Ukraine, Cisco Talos began observing the China-based threat actor Mustang Panda conducting phishing campaigns... [[ This is only the beginning! Please visit the blog for the complete entry ]]

A sample of the new REvil ransomware was found in the wild, signaling that, yes, REvil has indeed come back. The post It’s business as usual for REvil ransomware appeared first on Malwarebytes Labs.

Operation CuckooBees uncovered the state-sponsored group's sophisticated new tactics in a years-long campaign that hit more than 30 tech and manufacturing companies.

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.