phishing attack

Attackers Host Phishing Pages on Azure

Researchers have recently seen phishing attacks against Office 365 users wherein fake log-in pages were hosted on Microsoft Azure to give them more credibility. According to researchers from security firm EdgeWave, the ...
Security Boulevard
Zero-day Threats Detection

New Shlayer Malware Variant Targeting Macs

Security researchers have found a new variant of a trojan program dubbed Shlayer that infects Mac computers and disables the macOS Gatekeeper security agent. Shlayer was discovered a year ago by researchers ...
Security Boulevard
insider threat

Serious Vulnerability Found in Lifesize Business Videoconferencing Devices

A security researcher from security firm Trustwave has found a vulnerability that could allow hackers to take over videoconferencing devices made by Lifesize. Some of the affected products have reached end-of-sale or ...
Security Boulevard
Microsoft Age of Collaboration

FaceTime Group Chat Disabled Due to Snooping Bug

Apple has disabled the group chat feature in its FaceTime video calling app after a bug was discovered that allows callers to remotely turn on the microphones on the recipients’ devices. The ...
Security Boulevard
SSD Advisory – SME Server Unauthenticated XSS To Privileged Remote Code Execution

SSD Advisory – SME Server Unauthenticated XSS To Privileged Remote Code Execution

Vulnerabilities Summary The following advisory describes a vulnerability in SME Server 9.2, which lets an unauthenticated attackers perform XSS attack that leads to remote code execution as root. SME Server is a ...
virus

Researcher Drops Third Windows Zero-Day Exploit in Four Months

A security researcher who uses the online handle SandboxEscaper has published proof-of-concept exploit code for an unpatched vulnerability in Windows. The flaw is located in the “MsiAdvertiseProduct” function, which, according to Microsoft’s ...
Security Boulevard
Barracuda Networks ATO Attacks

Business Email Compromise Gang Targeted 50,000 Company Executives

A Nigerian gang with members based in the U.K. is perpetrating a business email compromise operation aimed squarely at executives at companies with locations worldwide. The gang has compiled a target list ...
Security Boulevard
cyber attacks

Cisco Takes Another Stab at Patching Recent WebEx Vulnerability

Cisco Systems has released a new patch for a remotely exploitable privilege escalation vulnerability after security researchers found that its previous fix was incomplete. The company first patched the vulnerability, known as ...
Security Boulevard
Akamai JavaScript

Hackers Exploit Critical Flaw in WordPress GDPR Compliance Plug-in

Hackers are breaking into WordPress websites by exploiting a recently patched privilege escalation vulnerability in a popular plug-in that allows site owners to conform to the GDPR user data collection requirements. The ...
Security Boulevard
fileless malware

Zero-Day Exploit Published for VM Escape Flaw in VirtualBox

A security researcher disclosed a yet unpatched zero-day vulnerability in the popular VirtualBox virtualization software that can be exploited from a guest operating system to break out of the virtual machine and ...
Security Boulevard