Serious vulnerabilities found in ITarian software, patches available for SaaS products

Credit to Author: Pieter Arntz| Date: Mon, 13 Jun 2022 12:25:19 +0000

Researchers at DIVD found vulnerabilities in ITarian products and worked with the vendor to develop patches. These patches are now available.

The post Serious vulnerabilities found in ITarian software, patches available for SaaS products appeared first on Malwarebytes Labs.

Read more

Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed

Credit to Author: Pieter Arntz| Date: Tue, 17 May 2022 19:37:25 +0000

A researcher has combined a chain of bugs into an attack method that makes it possible to take over Facebook accounts linked to Gmail.

The post Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed appeared first on Malwarebytes Labs.

Read more

Threat actor steals email with Zimbra zero-day

Credit to Author: Pieter Arntz| Date: Fri, 04 Feb 2022 16:07:15 +0000

Researchers have uncovered a targeted phishing campaign exploiting a XSS zero-day vulnerability in the Zimbra email platform.

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post Threat actor steals email with Zimbra zero-day appeared first on Malwarebytes Labs.

Read more

XSS plugin vulnerabilities plague WordPress users

Credit to Author: Danny Bradbury| Date: Tue, 03 Mar 2020 10:44:44 +0000

Thousands of active WordPress plugins have been hit with a swathe of XSS vulnerabilities that could give attackers complete control of the site.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Bjh4-1ye-9E” height=”1″ width=”1″ alt=””/>

Read more

Cookie-nabbing app could have served users side helping of XSS

Credit to Author: Danny Bradbury| Date: Fri, 14 Feb 2020 12:29:39 +0000

A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to XSS attacks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/uCTRH0KiVPg” height=”1″ width=”1″ alt=””/>

Read more

No surprises in the top 25 most dangerous software errors

Credit to Author: Danny Bradbury| Date: Thu, 19 Sep 2019 08:58:17 +0000

An in-depth study of reported bugs has produced a list of the top 25 bug categories in software today – with some old familiar names topping the list.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/rJcjSJP7NLU” height=”1″ width=”1″ alt=””/>

Read more

WordPress 5.2.3 fixes new clutch of security vulnerabilities

Credit to Author: John E Dunn| Date: Mon, 09 Sep 2019 10:31:30 +0000

WordPress version 5.2.3 has just appeared on the download pipe featuring half a dozen security fixes and software enhancements.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/j-xSSrxRMDU” height=”1″ width=”1″ alt=””/>

Read more