Author Archives: CIRT Team



CIRT Team

in News Clipping

PayPal Phishing – Homographic Email Body [source: pwncode]

There’s an ongoing PayPal Phishing Campaign in the wild which sends HTML attachments that spoof PayPal Forms and request users for sensitive information. This campaign was particularly interesting because the email body was encoded with Unicode characters which look similar to corresponding ASCII Characters. Homographic attacks are usually performed to craft URLs which look like legitimate URLs by substituting some of the ASCII characters with...

Read More

0
05 Oct 2017
in Security Advisories & Alerts

Wordfence! Publishes Security Updates for WordPress plugin

Description: PHP Object Injection Vulnerability Severity 9.8 (Critical) have been found in Appointments, RegistrationMagic-Custom Registration Forms, and Flickr Gallery plugins. Affected plugins and versions: Appointments by WPMU Dev (fixed in 2.2.2) Flickr Gallery by Dan Coulter (fixed in 1.5.3) RegistrationMagic-Custom Registration Forms by CMSHelpLive (fixed in 3.7.9.3) Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available....

Read More

0
05 Oct 2017
in Security Advisories & Alerts

Mozilla! Releases Security Update

Description: Mozilla! has released security updates to address multiple vulnerabilities for the following softwares : Firefox ESR 52.4 Firefox 56 Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/ https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/

0
02 Oct 2017
in Security Advisories & Alerts

Apple Releases Security Update for iOS

Description: Apple has released iOS 11.0.1 to address vulnerabilities in previous versions of iOS. Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT208143    

0
28 Sep 2017
in Security Advisories & Alerts

Google Releases Security Updates for Chrome

Description: Google has released Chrome version 61.0.3163.100 for Windows, Mac, and Linux. This update addresses multiple vulnerabilities that an attacker may exploit to cause a denial-of-service condition. Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html    

0
28 Sep 2017
in Security Advisories & Alerts

Joomla! Releases Security Update

Description: Joomla! has released version 3.8.0 of its Content Management System (CMS) software to address several vulnerabilities. Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://www.joomla.org/announcements/release-news/5713-joomla-3-8-0-release.html    

0
28 Sep 2017
in Security Advisories & Alerts

WordPress 4.8.2 Security and Maintenance Release

Description: WordPress versions 4.8.1 and earlier are affected by several security issues and advised to upgrade to 4.8.2 immediately. Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/    

0
28 Sep 2017
Page 103 of 134« First...102030...101102103104105...110120130...Last »