A local file path traversal issue exists in Evernote 7.9 for macOS which allows an attacker to execute arbitrary programs. https://youtu.be/BAp9rGRR3Mw Technical observation:A crafted URI can be used in a note to perform this attack using file:/// as...
A database belonging to the Indian local search service JustDial was left online without protection exposing personal data of over 100M users. The archive is still leaking personally identifiable information of more than JustDial customers that are accessing...
The European Commission confirmed that has no evidence of issues associated with using products designed by Kaspersky Lab. In June 2018, European Parliament passed a resolution that classified the security firm’s software as “malicious” due to the alleged...
A new variant of the HawkEye data stealer emerges in the threat landscape as part of ongoing malware distribution campaigns. New malware campaigns leveraging a new variant of the HawkEye data stealer have been observed by experts at Talos. has been...
Threat Group Exploits Chrome Bug to Serve Malicious Ads to iOS Users Threat actors tracked as eGobbler developed a new exploit that is allowing them to serve more than 500 million malicious ads to iOS users. The group tracked as eGobbler is exploiting...
Blue Cross of Idaho announced to have suffered a data breach, hackers accessed to the personal information of about 5,600 customers. Blue Cross of Idaho announced suffered a data breach that might have exposed the personal information of about 5,600...
Cyber security firm FireEye announced the release of FLASHMINGO, a new open source tool designed to automate the analysis of Adobe Flash files. FireEye released FLASHMINGO, a new open source tool designed to automate the analysis of Adobe Flash files....
Expert discovered an exploit that could allow ad blocking filter list maintainers for the Adblock Plus, AdBlock, and uBlocker browser extensions to craft filters to inject remote scripts into web sites. ad blocking extensions receive in input a list...
Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. The Scranos rootkit malware was first discovered late last...
Ecuador suffered 40 million cyber attacks on websites of public institutions since the arrest of Wikileaks founder Julian Assange. Last week, WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London. after Ecuador withdrew...
Yoroi Blog