XSS – Computer Security Articles

Joomla! patches XSS flaws that could lead to remote code execution

February 28, 2024 admin CMS, cve-2024-27122, cve-2024-27123, cve-2024-27124, cve-2024-27125, cve-2024-27126, Exploits and vulnerabilities, Joomla, news, XSS

Time to get patching!

Independent Krebs

FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.

February 28, 2024 admin an-security breach, CNN, Donald Trump, Europol, FBI, fulton county hack, george chidi, lockbit, lockbitsupp, National Crime Agency, Ne'er-Do-Well News, ransomware, vx-underground, XSS

Credit to Author: BrianKrebs| Date: Mon, 26 Feb 2024 02:17:55 +0000

The FBI’s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. But LockBit is now regrouping, and the gang says it will publish the stolen Fulton County data on March 2 unless paid a ransom. LockBit claims the cache includes documents tied to the county’s ongoing criminal prosecution of former President Trump, but court watchers say teaser documents published by the crime gang suggest a total leak of the Fulton County data could put lives at risk and jeopardize a number of other criminal trials.

MalwareBytes Security

2 million job seekers targeted by data thieves

February 8, 2024 admin apac, digital footprint, news, personal, privacy, resumelooters, SQL Injection, XSS

A criminal group called ResumeLooters has stolen the personal information of over two million job seekers from at least 65 different websites.

Security Sophos

For the win? Offensive research contests on criminal forums

August 29, 2023 admin exploit, Featured, marketplaces, sophos x-ops, threat research, XSS

Credit to Author: Matt Wixey| Date: Tue, 29 Aug 2023 10:00:17 +0000

We explore some of the entries in recent cybercrime research competitions, and what they say about threat actor innovation and priorities

MalwareBytes Security

Zimbra issues awaited patch for actively exploited vulnerability

July 28, 2023 admin cisa, cve-2023-0464, cve-2023-38750, Exploits and vulnerabilities, jsp, news, tag, XML, XSS, zcs, zimbra

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZCS

Tags: CVE-2023-38750

Tags: CISA

Tags: CVE-2023-0464

Tags: TAG

Tags: XSS

Tags: JSP

Tags: XML

Tags:

Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files.

MalwareBytes Security

“Beautiful Cookie Consent Banner” WordPress plugin vulnerability: Update now!

May 25, 2023 admin beautiful cookie consent banner, Business, exploit, JavaScript, plugin, update, Vulnerability, website, wordpress, XSS

Categories: Business

Tags: beautiful cookie consent banner

Tags: Wordpress

Tags: plugin

Tags: vulnerability

Tags: exploit

Tags: XSS

Tags: javascript

Tags: update

Tags: website

We take a look at a vulnerability in a popular WordPress plugin. It’s been fixed, but you’ll need to update as soon as you can!

Security Sophos

The scammers who scam scammers on cybercrime forums: Part 4

December 28, 2022 admin breachforums, exploit, Featured, marketplaces, scams, sophos x-ops, threat research, XSS

Credit to Author: Matt Wixey| Date: Wed, 28 Dec 2022 12:00:01 +0000

A shadowy sub-economy is more than just a curiosity – it’s booming business, and also an opportunity for defenders. In the fourth and final part of our series, we look at how scammers scamming scammers can benefit researchers

Security Sophos

The scammers who scam scammers on cybercrime forums: Part 2

December 14, 2022 admin breachforums, exploit, marketplaces, RaidForums, scams, sophos x-ops, threat research, XSS

Credit to Author: Matt Wixey| Date: Wed, 14 Dec 2022 12:00:20 +0000

A shadowy sub-economy is more than just a curiosity – it’s booming business, and also an opportunity for defenders. In the second part of our series, we look at the different flavors of scams prevalent on criminal forums

← Previous