[SecurityWeek] Kenyan Arrested in Qatar First Targeted by Phishing Attack

A Kenyan security guard now facing charges in Qatar after writing compelling, anonymous accounts of being a low-paid worker there found himself targeted by a phishing attack that could have revealed his location just before his arrest, analysts say.

read more

Source: Read More (SecurityWeek RSS Feed)

You might be interested in …

[BleepingComputer] Phishing campaign uses UPS.com XSS vuln to distribute malware

A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious ‘Invoice’ Word documents. […] Source: Read More (BleepingComputer)

Read More

[SANS ISC] CVE-2019-9670: Zimbra Collaboration Suite XXE vulnerability, (Sat, Jun 26th)

All posts, Sans-ISC

This XML External Entity injection (XXE) vulnerability disclosed in March 2019 is still actively scanned for a vulnerable mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10. This exploit attempts to read the Zimbra configuration file that contains an LDAP password for the zimbra account. Sample Log 20210625-144918: 192.168.25.9:443-45.146.165.123:41062 data POST /Autodiscover/Autodiscover.xml HTTP/1.1 Host: […]

Read More

[SecurityWeek] Intel Releases 29 Advisories to Describe 73 Vulnerabilities Affecting Its Products

All posts, Security Week

Intel this week announced the availability of patches for 73 vulnerabilities identified across multiple products, including several high-severity flaws that can be exploited to escalate privileges. According to Intel, more than half of the bugs were discovered internally and 40% were reported through its bug bounty program. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.