To view live cyber attacks in real time, visit: norsecorp.com
- Millions Of High Security Crypto Keys Crippled By Newly Discovered Flaw October 16, 2017
- Pizza Hut Latest To Be Hit In Card Data Breach October 16, 2017
- Artificial Intelligence – Hype, Hope, And Fear October 16, 2017
- CVE-2015-2790 March 30, 2015Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image. (CVSS:4.3) (Last Update:2016-12-02)
- CVE-2015-2789 March 30, 2015Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 184.108.40.2066 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. (CVSS:4.4) (Last Update:2016-12-02)
- CVE-2015-2701 March 25, 2015Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 allows remote attackers to hijack the authentication of users for requests that change a user password via a request to profiles-update/. (CVSS:6.8) (Last Update:2016-12-02)
- Surviving Fileless Malware: What You Need to Know about Understanding Threat Diversification October 13, 2017Fileless malware is completely different than file-based malware in terms of how the malicious code is executed and how it dodges traditional file-scanning technologies.
- Why Cloud Security Is a Shared Responsibility October 13, 2017If you’re about to join the cloud revolution, start by answering these questions: how are security responsibilities shared between clients and cloud vendors? And why do on-premises security solutions fail in the cloud?
- Put Your S3 Buckets to the Test to Ensure Cloud Fitness October 13, 2017Security measures that are critical to attain the basic level of security for your S3 buckets, which are always going to be a target because they store sensitive data.
- Micro Focus VisiBroker C++ 8.5 SP2 Memory Corruption October 16, 2017Micro Focus VisiBroker C++ version 8.5 SP2 suffers from multiple memory corruption vulnerabilities.
- Debian Security Advisory 3999-1 October 16, 2017Debian Linux Security Advisory 3999-1 – Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol, used for authentication in wireless networks. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
- Webmin 1.850 SSRF / CSRF / Cross Site Scripting October 16, 2017Webmin version 1.850 suffers from server side request forgery, cross site request forgery, and cross site scripting vulnerabilities.