XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability

Credit to Author: Jérôme Segura| Date: Wed, 21 Oct 2020 20:41:32 +0000

This tech support scam is being spread via Facebook links and uses several redirection mechanisms to avoid detection.

Categories:

Tags:

(Read more…)

The post XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability appeared first on Malwarebytes Labs.

Read more

Removing Open Source Visibility Challenges for Security Operations Teams

Credit to Author: Trend Micro| Date: Tue, 25 Aug 2020 13:00:11 +0000

  Identifying security threats early can be difficult, especially when you’re running multiple security tools across disparate business units and cloud projects. When it comes to protecting cloud-native applications, separating legitimate risks from noise and distractions is often a real challenge.   That’s why forward-thinking organizations look at things a little differently. They want to…

The post Removing Open Source Visibility Challenges for Security Operations Teams appeared first on .

Read more

Why is smartphone security so important?

Credit to Author: Akuti Ojah| Date: Tue, 28 Jul 2020 12:42:50 +0000

Let’s pause for a second here and think about the astonishingly smart palm-sized device – that is our phone. A decade or two ago it would have been impossible to imagine all the things that a modern-day smartphone can do. A day without our smartphone is quite unimaginable. From remembering…

Read more

Microsoft pushes fixes for 128 security bugs in June, 2020 Patch Tuesday

Credit to Author: SophosLabs Offensive Security| Date: Tue, 09 Jun 2020 17:01:17 +0000

In this month&#8217;s Patch Tuesday, a total of 128 security vulnerabilities have been patched in Microsoft products, a slight increase compared to the last few months. Only twelve of the vulnerabilities are rated &#8220;Critical.&#8221; None of the bugs have been found being exploited in the wild (yet). Preceding this month&#8217;s update was a fix for [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/02N0ToRkzv0″ height=”1″ width=”1″ alt=””/>

Read more

How CVSS works: characterizing and scoring vulnerabilities

Credit to Author: Eddie Segal| Date: Wed, 13 May 2020 15:30:00 +0000

CVSS, or Common Vulnerability Scoring System, provides developers, testers, and security professionals with a standardized process to assess vulnerabilities.

Categories:

Tags:

(Read more…)

The post How CVSS works: characterizing and scoring vulnerabilities appeared first on Malwarebytes Labs.

Read more

iOS Mail bug allows remote zero-click attacks

Credit to Author: Thomas Reed| Date: Wed, 22 Apr 2020 17:54:33 +0000

A newly-discovered vulnerability in iOS Mail can be used to attack an iPhone remotely using a malicious e-mail message, even if you’re running the latest version of iOS (13.4.1).

Categories:

Tags:

(Read more…)

The post iOS Mail bug allows remote zero-click attacks appeared first on Malwarebytes Labs.

Read more

Microsoft delivers fixes for 110 bugs in April, 2020 Patch Tuesday

Credit to Author: SophosLabs Offensive Security| Date: Tue, 14 Apr 2020 17:43:55 +0000

For the April edition of Patch Tuesday, Microsoft repaired a total of 110 security vulnerabilities across their product line. Included in this count are 37 remote code execution bugs, and 33 elevation of privilege bugs. The company rated eighteen of the vulnerabilities &#8220;Critical.&#8221; This release&#8217;s most notable item is the follow-up to last month&#8217;s announcement, [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/nZFcJpOgF1I” height=”1″ width=”1″ alt=””/>

Read more