|| Hotline : 800 2378 ||  To contact CERT-MU send e-mail on --> info[at]cert-mu.gov.mu ||  To report incident e-mail on --> incident[at]cert-mu.gov.mu || To report Vulnerabilities send e-mail on --> Vulnerability[at]cert-mu.gov.mu ||
Authorized to use CERT(TM) - CERT is a mark owned by Carnegie Mellon University
 
 
 
 
 
 
 
 
 
 
 
 


   
 
  Millions caught up in Android botnet
  (January 31, 2012)
 
It has been reported that security firm Symantec has uncovered a massive botnet that may have attracted millions of unsuspecting Android users to download malware-infected apps from the official Google Android Market.
   
  UK Online Fraud Report 2012 released
  (January 27, 2012)
 
CyberSource has released the UK Online Fraud Report 2012 to better understand the impact of payment fraud for online merchants.
   
  Anonymous hackers attack Polish State websites
  (January 26, 2012)
  It has been reported that the hacker group Anonymous has attacked the Polish government website, identifying themselves as the “Polish Underground”.
   
 
  (January 24, 2012)
 
It has been reported that the hacker group Anonymous has targeted several government and music industry websites including the FBI, Department of Justice, Universal Music Group, RIAA, Motion Picture Association of America and Warner Music Group.
   
  103 Government of Kenya websites hacked overnight
  (January 19, 2012)
  It has been reported that 103 websites belonging to the Government of Kenya have been hacked overnight by an Indonesian hacker named “direxer”.
   
  A division of Amazon, "Zappos.com" hacked: 24 million customer records breached
  (January 17, 2012)
 
It has been reported that online retailer “Zappos.com”, which is a division of Amazon, has suffered a network security breach during which about 24 million customers' records were exposed.
   
  Symantec's Norton Antivirus source code exposed by hackers
  (January 10, 2012)
 
It has been reported that a hacking group known as “Lords of Dharmaraja” has gained access to some of the source code of security products of Symantec, the maker of Norton AntiVirus, as stated on the website of Naked Security Sophos.
   
  Latest SQL Injection Campaign Infects 1 Million Web Pages
  (January 06, 2011)
  An SQL Injection campaign is “literally going viral” and about 1 million URLs might be infected, as stated on the website of darkreading.com.
   
  Aggressive Phishing Attack Targets Military Personnel
  (December 30, 2011)
 
An aggressive phishing attack is making the rounds: malicious emails which seem to come from senior officers have been sent to military personnel during the festive season.
   
  Anonymous hackers hit U.S Security Firm Stratfor
  (December 28, 2011)
 
The hacktivist group Anonymous claims to have stolen thousands of credit card details and other personal information belonging to the clients of US security intelligence firm Stratfor.
   
  Microsoft Windows Phone Message Processing Denial of Service Vulnerability
  (December 27, 2011)
 
A vulnerability has been identified in Microsoft Windows Phone and it can be exploited by remote attackers to cause a denial of service condition. The vulnerability exists because of errors while processing messages.
   
  Minimum Security Standards Set for Cloud Providers
  (December 22, 2011)
 
The White House and the Federal CIO have released the Federal Risk and Authorisation Management Program (FedRAMP), a fully defined set of standards consisting of cloud security rules for service providers.
   
   
  Rising Cybercrime Pushes African Governments to take Action
  (December 21, 2011)
 
Certain African governments have set up incident reporting and early warning bodies with the support of the African Network Information Center (AfriNIC) in respect of the rising cybercrime incidents in public and private sectors.
   
  Visa probes reported security breach of card processor
  (December 19, 2011)
 
Visa is investigating a possible compromise of security at a European payment processor that may have compromised more than 10,000 cards in Eastern Europe.
   
  Australia's Largest ISP: Telstra Bigpond users targeted in post-data breach phishing campaign
  (December 15, 2011)
 
It has been reported that Telstra Bigpond, Australia's largest ISP, was the victim of a data breach. A phishing campaign is targeting the users, who are asked to confirm their billing information by clicking on a link or risk the suspension of their account.
   
  Six people arrested in million pound scam
  (December 13, 2011)
 
The officers of the Metropolitan Police Service e-crime Unit (PCeU) have arrested six people in connection with a phishing scam that targeted hundreds of students.
   
  Congress website hacked, Sonia Gandhi's page defaced
  (December 12, 2011)
 
Hackers broke into the official website of India's ruling Congress party and have defaced the profile of the party's president Sonia Gandhi with a pornographic message, as stated on the website of NDTV.
   
  Second Dutch Security firm hacked, unsecured phpMyAdmin implicated
  (December 12, 2011)
  It has been reported that another Dutch security company, Gemnet, has been compromised, as stated on the website of Naked Security Sophos.
   
  Ubuntu update for Kernel
  (December 12, 2011)
 
Ubuntu has issued an update for Linux and this update addresses multiple vulnerabilities. The vulnerabilities can be exploited by remote attackers to cause a denial of service condition and gain privileges on the affected systems.
   
  Military Contractor warns of new Adobe Reader Exploit
  (December 08, 2011)
 
A vulnerability has been reported in the latest versions of Adobe Reader and Acrobat applications and is being exploited by remote attackers to hijack computers running on Microsoft Windows.
   
  Microsoft Internet Explorer Cache Objects History Enumeration Weakness
  (December 08, 2011)
  A vulnerability has been identified in Microsoft Internet Explorer and it can be exploited by remote attackers to disclose sensitive information.
   
  Facebook chat worm continues to spread
  (December 07, 2011)
  It has been reported that a Facebook chat worm is spreading via the chat system of the social networking site, where users are tricked into believing that they are clicking on an image link, as stated by Naked Security Sophos.
   
 
  (December 06, 2011)
 
The security researchers of Bitdefender have revealed that an unpatched zero-day flaw in Yahoo Messenger allows remote attackers to arbitrarily change the status message of any user that runs the vulnerable version, as stated on the website of Naked Security Sophos.
   
  Systematic Detection of Capability Leaks in Stock Android Smartphones
  (December 05, 2011)
 
It has been observed that there is an increase in the adoption of smartphones. Android provides a permission-based security model which requires each application to request permissions before it can be installed to run in order to manage information and features on smartphones.
   
  The National Institute of Standards and Technology (NIST) releases New Dataset to combat cyber attacks
  (December 01, 2011)
  The National Institute of Standards and Technology (NIST) has released a new dataset to combat cyber attacks.
   
  UK New Cyber Security Strategy released
  (November 29, 2011)
  With an increased focus on cybercrime, the UK government has released its new 2011 Cyber Security Strategy to set out how it will tackle cyber threats to promote economic growth and to protect the nation's security and way of life.
   
  Anonymous leaks Law Enforcement Forensics Secrets
  (November 24, 2011)
 
The hacktivist group, Anonymous, has claimed the release of 38,000 emails related to the Feds' cybercrime investigations, in retaliation to the harsh penalties given to its members, as stated on the website of InformationWeek.
   
 
  (November 23, 2011)
 
According to the predictions of the security vendor, M86, mobile malware will emerge as a major threat and targeted attacks on mobile devices will become more frequent and complex.
   
  SUSE Update for Mozilla Firefox
  (November 21, 2011)
 
SUSE has released an update for Mozilla Firefox. This update addresses multiple vulnerabilities that can be exploited by remote attackers to gain knowledge and reveal sensitive information, conduct cross-site scripting attacks, bypass security restrictions and take full control of the target user's system.
   
  The World Wide Web Consortium (W3C) Announces First Draft of Standard for Online Privacy
  (November 21, 2011)
 
The World Wide Web Consortium has published the first drafts of two privacy standards: the Tracking Preference Expression and the Tracking Compliance and Scope Specification that will allow internet users to indicate their preference for online cookie tracking.
   
  Facebook 'virus' shows hardcore porn and violent images
  (November 17, 2011)
 
Pornographic and violent images have appeared on the newsfeeds of many Facebook users in the last 24 hrs, as stated on the website of Naked Security Sophos.
   
  SUSE Update for Flash Player
  (November 17, 2011)
 
SUSE has released an update for Adobe Flash Player. This update addresses several vulnerabilities that can be exploited by remote attackers to bypass certain security restrictions and take full control of the vulnerable systems.
   
  U.S anti-hacking law turns computer users into criminals
  (November 16, 2011)
 
According to a former prosecutor, the United States anti-hacking law, the Computer Fraud and Abuse Act (CFAA), is posing a threat to the human rights of millions of Americans that make use of computers and the internet.
   
  FBI and the Estonian Police execute 'biggest cybercriminal takedown in history'
  (November 14, 2011)
 
‘Operation Ghost Click’ was carried out by the US Federal Bureau of Investigation (FBI) and Estonian police during which a long-living botnet of more than 4,000,000 bots was taken down, in collaboration with Trend Micro and other industry partners.
   
  Apple Mac OS X update for Java
  (November 11, 2011)
  Apple has released an update for Java for Mac OS X.
   
  Facebook Failed to stop large scale infiltration
  (November 09, 2011)
 
According to researchers in Canada, the security system of Facebook has failed to stop a large-scale infiltration during which personal information about thousands of Facebook users was collected by computer-generated fake Facebook profiles, as stated on the website of nzherald.co.nz.
   
  Duqu first spotted as "Stars" Malware in Iran
  (November 08, 2011)
 
As further research continues for the Duqu computer infection, new information has suggested that the malware was created to spy on Iran's nuclear program.
   
  Warning from Experts: Smartphone Malware Danger
  (November 08, 2011)
 
Experts are warning that criminals are creating fake apps that secretly send premium rate text messages from smartphones without the knowledge of the user.
   
  Microsoft announces workaround for the Duqu exploit
  (November 07, 2011)
 
Microsoft has released a security advisory (Advisory 2639658) to address the vulnerability reported in Windows Kernel and exploited by the Duqu malware.
   
  Duqu Infection linked to Microsoft Word Exploit
  (November 03, 2011)
 
It has been reported that the Duqu Trojan, the possible son of Stuxnet, was spread with the help of an infected Word Document, as stated on the website of BBC World News.
   
  Tsunami Backdoor for Mac OS X discovered
  (November 03, 2011)
  A new backdoor Trojan horse named ‘Tsunami’ has been discovered for Mac OS X.
   
 
  (November 03, 2011)
  The Director of communications of intelligence agency GCHQ has said that the United Kingdom has been subject to a “disturbing” number of cyber attacks, as stated on the website of BBC World.
   
  Anonymous has tools to take down critical infrastructure, says Sourcefire
  (October 31, 2011)
 
Anonymous has expressed its interest in attacking industrial control systems, as posted on the Public Intelligence website from the Department of Homeland Security.
   
  ISO ratifies ISO/IEC 27035:2011 Security Standard
  (October 28, 2011)
  The International Organisation for Standardisation (ISO) has formally ratified the infosecurity best practice process for incident reporting, ISO/IEC 27035:2011.
   
  Japanese parliament hit by cyber attack
  (October 28, 2011)
  The Japanese parliament has been hit by a cyber attack, as stated on the website of Naked Security Sophos.
   
  New Mass SQL Injection attack making rounds
  (October 27, 2011)
  A mass SQL injection attack known as ‘jjghui’ is making the rounds on the web, as stated on the website of ‘Help Net Security’.
   
  Lolita City and other alleged child porn websites attacked by 'Anonymous'
  (October 27, 2011)
  It has been reported that members of the hacktivist collective Anonymous have made a declaration against internet paedophiles and have been attacking websites that contain child abuse content.
   
  LG Australia Website defaced to show simulated intrusion
  (October 27, 2011)
  The Australian website of consumer electronics firm LG has been hacked by a hacker group known as “Intra Web Security Exploit Team”.
   
  Twitter Phishing Attack: 'Found a funny picture of you!'
  (October 25, 2011)
 
Twitter accounts have again been victim of a phishing attack whereby cybercriminals are sending messages with the aim of tricking users and making them divulge their username and password.
   
  iOS 5 Introduces Security Challenges and Flaws
  (October 25, 2011)
 
It has been reported that the new Apple iOS 5 contains some security challenges and flaws. The security challenges have been found especially in the media part of Apple iOS 5, such as photos, videos, sound recordings and music.
   
  Researchers warn of new Stuxnet worm
  (October 19, 2011)
 
Researchers have found evidence that the Stuxnet worm, which alarmed Governments around the world, could be about to regenerate, as stated by BBC World News.
   
  10,000 Facebook accounts leaked by 'TeamSwaStika' on Pastebin
  (October 19, 2011)
  It has been reported that a hacking group known as ‘TeamSwaStika’ has hacked ten thousand Facebook accounts, as stated on the website of Cyberwarzone.
   
  Smartphones - Increase Global Cybercrime
  (October 19, 2011)
  Cyber security experts have warned that the world is facing a wave of cybercrime and the cause is the addiction to smartphones.
   
  Apple releases OS X 10.7.2 and iOS 5 with enormous security patch
  (October 17, 2011)
 
Apple has released updates for several Apple products including OS X Lion (10.7.2), Snow Leopard (Security Update 2011-006), Apple iOS (5), Numbers for iOS (1.5) and Pages for iOS (1.5) to address multiple security issues.
   
  Sony suffers another security breach
  (October 14, 2011)
  Sony has again been a victim of a security breach where hackers successfully broke into 93,000 user accounts on its online gaming and entertainment networks.
   
  Beware Phishing Email: Fake Microsoft Lottery Award
  (October 13, 2011)
  An E-mail, appearing to originate from Microsoft, is being circulated with subject ‘MICROSOFT AWARD'.
   
  BlackBerry services hit for more disruptions
  (October 13, 2011)
 
For the third consecutive day, BlackBerry users around the world have been experiencing further disruptions in service which have now spread further to Asia.
   
  United Parcel Service of America (UPS) Phishing Email
  (October 13, 2011)
 
It has been reported that a phishing email of the United Parcel Service of America (UPS) is circulating, as announced on the website of Naked Security Sophos.
   
  Security Firm RSA blames nation state for attack on its servers
  (October 13, 2011)
  RSA has announced that a nation state is behind an attack made on its servers.
   
  Possible Governmental Backdoor found
  (October 12, 2011)
  Chaos Computer Club (CCC), the largest European hacker club, has announced that it has located a backdoor Trojan used by the German Government, as reported on the website of F-Secure.
   
  Fake iPhone 5: Emails Infect Windows PCs with Malware
  (October 05, 2011)
  As the excitement of the new iPhone is reaching its peak, cybercriminals are already taking advantage to exploit it for their own ends.
   
  Red Hat Update for Sea Monkey and Thunderbird
  (October 04, 2011)
  Red Hat has issued an update for Sea Monkey and Thunderbird and this update addresses several vulnerabilities.
   
  Flashback Mac Trojan poses as Adobe Flash Update, opens Backdoor
  (September 30, 2011)
  It has been discovered that malware is disguising itself as an Adobe Flash update to install itself on the Mac operating system.
   
  MySQL.com hacked for second time in a year
  (September 28, 2011)
  It has been reported that the website of MySQL has been hacked for the second time this year, as stated by ‘Naked Security Sophos’.
   
  Facebook's Timeline: A boon for Hackers
  (September 27, 2011)
  Facebook has introduced another feature, a new ‘TimeLine’, and is planning to roll it out to users in the coming weeks.
   
  Japan's Biggest Defense Contractor hit by hackers
  (September 21, 2011)
 
Japan's biggest defense contractor, Mitsubishi Heavy Industries, became the victim of a malware-based attack on Monday 19th September 2011, as reported on the website of ‘The Register’.
   
  Linux Kernel CIFS DFS Denial of Service Vulnerability
  (September 16, 2011)
  A vulnerability has been identified in Linux Kernel and it can be exploited by remote attackers to cause a denial of service.
   
  Microsoft Security Bulletin Advance Notification for September 2011
  (September 13, 2011)
  Microsoft has issued a Security Bulletin Advance Notification for September 2011.
   
  Red Hat Enterprise MRG Grid 'cumin' Bug Lets Local Users Access Broker Password
  (September 12, 2011)
 
A vulnerability was identified in Red Hat Enterprise MRG Grid. The issue is that broker authentication credentials are written to the Cumin log file and a local user can access the file to get hold of the broker username and password.
   
  Red Hat Update for Kernel
  (September 06, 2011)
  Red Hat has issued an update for Kernel and this update addresses several weaknesses and vulnerabilities.
   
  Hackers steal Secure Socket Layer (SSL) Certificates for CIA, MI6, Mossad and Others
  (September 06, 2011)
  Hackers have acquired more than 500 DigiNotar Digital Certificates, including those of Intelligence Services such as the CIA, MI6 and Mossad.
   
   
  DNS hack hits popular websites: The Daily Telegraph, The Register, UPS and Others
  (September 06, 2011)
 
Several popular websites including ‘The Register’, ‘The Daily Telegraph’, UPS and others have been victim to a DNS hack that has led to visitors being redirected to third-party webpages, as stated on the website of ‘Naked Security - Sophos’.
   
  New Windows 'Worm' spreads by attacking Weak Passwords
  (September 05, 2011)
  It has been reported that a worm known as "Morto" is circulating through the networks of companies by taking advantage of weak passwords, as stated on the website of Computer World.
 
  Nokia's Developer Network hacked
  (September 01, 2011)
  The online community used by developers of Nokia phone apps has been hacked, as stated on the website of ‘BBC World’.
   
  Latest Version of Skype susceptible to Malicious Code Injection Flaw
  (August 26, 2011)
  It has been reported that the latest version of Skype is vulnerable and it can be exploited by remote attackers to conduct malicious injection of HTML / JavaScript code into a user's phone session.
   
  Facebook changes Privacy Options
  (August 25, 2011)
 
Facebook has announced that it has made major changes regarding its privacy settings. In the coming days, Facebook users will have more control in managing their information on the site.
   
  Malware attack disguised as email about blocked credit card
  (August 17, 2011)
  Cybercriminals are sending emails in bulk to internet users claiming to be a warning that their credit card has been blocked.
   
  Pictures of Osama Bin Laden Phishing attack hit Twitter users
  (August 16, 2011)
 
Phishers are targeting Twitter users by tempting them with the pictures of Osama Bin Laden.
   
  Hong Kong Stock Exchange (HKEx) website hacked
  (August 12, 2011)
 
The Hong Kong Stock Exchange (HKEx) halted trading in the afternoon of August 10, 2011 following an attack made on its website, as stated by “Sophos Naked Security”.
   
  England riots: Hackers hit BlackBerry over Police help
  (August 12, 2011)
  A hacker group has attacked BlackBerry's website after the company, ‘Research In Motion’, stated that it would help the Police in the investigation of the riots in the UK, as stated on the website of BBC News.
   
  Beware: Fake FireFox Update e-mail Includes Password Stealing Trojan
  (August 10, 2011)
  An e-mail is circulating as a FireFox Update e-mail which appears to be from Mozilla Foundation, the maker of web browser FireFox.
   
  Fedora Update for PhpMyAdmin
  (August 8, 2011)
  Fedora has issued an update for phpMyAdmin and this update addresses multiple vulnerabilities.
   
  Beware: “bitly.com” on Facebook
  (August 5, 2011)
  A link known as “bitly.com” is posted on Facebook users' wall. This link indicates that a friend of the user has tagged him / her.
   
  Massive Series of Cyber Attacks Revealed
  (August 5, 2011)
  IT Security firm McAfee claims to have uncovered one of the largest ever series of cyber attacks, as stated on the website of ‘BBC News’.
   
  Apple Laptop Battery Interface Lets Local Users Deny Service
  (July 26, 2011)
 
A vulnerability has been identified in the battery interface used in Apple laptop models which can be exploited by a local user to cause denial of service conditions.
   
  Beware: Koobface Virus propagation through Facebook video clips !!!
  (July 21, 2011)
  Koobface is a computer worm that targets users of social networking websites such as Facebook, Twitter and MySpace. It eventually attempts to infect the user's PC and gathers login information for FTP sites and all other social media platforms.
   
  Phishers Hit State Bank of Mauritius Again
  (July 19, 2011)
  Phishers have targeted State Bank of Mauritius again and a phishing link is active which is similar to the original SBM website.
   
  A Major Cyber Attack on Pentagon
  (July 18, 2011)
 
A major cyber attack on the Pentagon, in which thousands of files were hacked by foreign hackers, has been confirmed, as reported on the website of BBC World on 14 July 2011.
   
  Adobe Photoshop Unspecified Vulnerabilities
  (May 05, 2011)
 

Some vulnerabilities having an unknown impact have been identified in Adobe Photoshop. These vulnerabilities are caused due to unspecified errors.


   
  Oracle Solaris Apache APR-util Multiple Vulnerabilities
  (May 05, 2011)
 

Some vulnerabilities have been identified in Oracle Solaris Apache Portable Runtime Utility (APR-util) which could be exploited by malicious users to disclose potentially sensitive information or cause a Denial of Service (DoS).  The vulnerabilities are as follows:

  • Resource Management Errors vulnerability
  • Numeric Errors vulnerability
  • Buffer Overflow vulnerability


   
  Fujitsu Products Java Numerical Conversion Denial of Service Vulnerability
  (April 25, 2011)
 

A vulnerability has been identified in Fujitsu products which can be exploited by remote attackers to cause denial of service. The problem is that Java RunTime Environment (JRE) hangs when converting a specific floating point string to a binary floating point number by java.lang.Double class. This makes the process using java.lang.Double go into an infinite loop.


   
  Adobe Flash Player SharedObject Type Confusion Vulnerability
  (April 19, 2011)
 

A vulnerability has been identified in Adobe Flash Player which can be exploited by malicious people to compromise a user's system. This vulnerability can cause a crash and can enable an attacker to take control of the affected system. The vulnerability is reported to be exploited in the wild in targeted attacks through a malicious web page or a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file and delivered as an email attachment, targeting the Windows Platform.


   
  BlackBerry Enterprise Server Multiple Vulnerabilities
  (April 15, 2011)
 

Some vulnerabilities have been identified in BlackBerry Enterprise Server which can allow malicious people to conduct cross-site scripting attacks, disclose sensitive information, manipulate certain data and cause a Denial of Service (DoS).


   
  Microsoft Windows "afd.sys" 120CFh IOCTL Handling Vulnerability
  (April 12, 2011)
 

A vulnerability has been identified in Microsoft Windows which can be exploited by malicious local users to cause a Denial of Service (DoS). This vulnerability exists due to an error in the afd.sys driver when processing IOCTLs and can be exploited to access invalid memory and cause a crash via a specially crafted 0x000120CF IOCTL. The vulnerability is confirmed on a fully patched Windows XP SP3. Other versions may also be affected.


   
  Mozilla Firefox / Sea Monkey Multiple Vulnerabilities
  (April 08, 2011)
 

Some vulnerabilities and a weakness have been identified in Mozilla Firefox and SeaMonkey which can be exploited by malicious people to carry out spoofing attacks and cross-site request forgery attacks, as well as compromise a user's system.


   
  Apple Mac OS X Multiple Vulnerabilities
  (29 March, 2011)
 

Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities. A divide-by-zero error in AirPort when handling Wi-Fi frames can be exploited to cause a system reset. Multiple vulnerabilities in Apache can be exploited by malicious people to disclose potentially sensitive information and by malicious users and malicious people to cause a DoS (Denial of Service).


   
  Google Chrome Style Handling Memory Corruption Vulnerability
  (16 March, 2011)
 

A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error related to the style handling and can be exploited to corrupt memory. The vulnerability is reported in versions prior to 10.0.648.133.


   
  ISC DHCP Server DHCPv6 Decline Message Denial of Service Vulnerability
  (08 March, 2011)
 

The ISC DHCP Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected application to crash, resulting in a denial-of-service condition. ISC DHCP Server versions 4.0 through 4.2.1 are affected.


   
  Security Updates for Adobe Reader, Acrobat, Flash Player and Shockwave Player
  (21 February, 2011)
 

Critical vulnerabilities in Adobe Reader X (10.0); Adobe Reader 9.4.1 and earlier versions could cause the application to crash and potentially allow an attacker to take control of the affected system. Risk for Adobe Reader X users is significantly lower, as none of these issues bypass Protected Mode mitigations. Critical vulnerabilities in Adobe Flash Player 10.1.102.64 and earlier versions could cause the application to crash and could potentially allow an attacker to take control of the affected system.


   
  Oracle WebLogic Server Remote Security Vulnerability
  (27 January, 2011)
 

Oracle WebLogic Server is prone to a remote vulnerability in Node Manager. The vulnerability can be exploited over the TCP/IP protocol. The Node Manager sub component is affected. Fixes are available.


   
  Internet Explorer CSS Tag Parsing Code Execution Vulnerability
  (8 December, 2010)
 

A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to insufficient memory being allocated to store a certain combination of CSS (Cascading Style Sheets) tags. This can be exploited to overwrite a byte in a virtual table pointer and call into user-controlled data in memory via a specially crafted web page. Successful exploitation allows execution of arbitrary code.


   
  RealPlayer RealMedia Image Map Parsing Vulnerabilities
  (19 November, 2010)
 

c00k1e monster has discovered two vulnerabilities in RealPlayer, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to integer truncation errors when parsing image maps in RealMedia (.rm) files. This can be exploited to cause heap-based buffer overflows via a specially crafted file. Successful exploitation allows execution of arbitrary code. The vulnerabilities are confirmed in version 1.1.5 Build 12.0.0.879. Other versions may also be affected.


   
  Adobe Flash Player Unspecified Code Execution Vulnerability
  (29 October 2010)
 

A vulnerability has been discovered in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary code. The vulnerability is confirmed in version 10.1.85.3 running on a fully patched Windows XP Professional SP3. Other versions may also be affected.


   
  Mass mailing worm spreading through spam
  (22 October 2010)
  It is reported that a mass mailing worm is surging. The worm, dubbed W32/VBMania@MM (McAfee), is spreading with the subject "Here you have" and a URL in the body, urging the recipients to download the document/movie available through the URL. The URL is spoofed and points to a malicious server.

   
  Microsoft Windows Common Control Library Integer Truncation Vulnerability
  (08 October 2010)
  A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer truncation error in the common control library (comctl32.dll) when processing certain messages and can be exploited to e.g. cause a heap-based buffer overflow. Successful exploitation allows execution of arbitrary code. Adobe SVG Viewer 3.03 products are currently known to present valid attack vectors. Other versions and applications using the vulnerable library may also be affected.

   
Adobe Reader / Acrobat SING "uniqueName" Buffer Overflow Vulnerability
  (08 October 2010)
 

A vulnerability has been discovered in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within CoolType.dll when processing the "uniqueName" entry of SING tables in fonts and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a malicious PDF file containing a specially crafted embedded font. The vulnerability is reported in version 8.2.4 (confirmed) and prior and version 9.3.4 (confirmed) and prior.


   
Microsoft Exchange Server Outlook Web Access Cross Site Request Forgery Vulnerability
  (16 September 2010)
  Microsoft Exchange Server Outlook Web Access is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain actions in the context of an authorized user's session and gain unauthorized access to the affected application; other attacks are also possible. Microsoft Exchange Server 2007 versions prior to Service Pack 3 are reported to be vulnerable.

 
RealPlayer SP Multiple Vulnerabilities
  (30 July 2010)
  Multiple vulnerabilities have been reported in RealPlayer, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

 
Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities
  (09 August 2010)
  Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities. Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may also execute arbitrary code in the context of vulnerable users running the application. These issues affect Wireshark 0.8.20 through 1.2.8.

 
Symantec Products File Parsing Multiple Vulnerabilities
  (02 August 2010)
  Secunia Research has discovered multiple vulnerabilities in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

 
Adobe Reader gets protected
  (23 July 2010)
  Adobe Reader is to get a new Protected Mode with its next major update, which the company hopes will cut down on the number of malicious attacks.

 
Microsoft Exchange Server Outlook Web Access Cross Site Request Forgery Vulnerability
  (09 July 2010)
  Microsoft Exchange Server Outlook Web Access is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain actions in the context of an authorized user's session and gain unauthorized access to the affected application; other attacks are also possible. Microsoft Exchange Server 2007 versions prior to Service Pack 3 are reported to be vulnerable.

 
Apple Mac OS X CUPS Web Interface Unspecified Information Disclosure Vulnerability
  (21 June 2010)
  Apple Mac OS X is prone to a remote information-disclosure vulnerability. This issue affects the CUPS web interface component. Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks. This issue affects Mac OS X 10.5.8, Mac OS X Server 10.5.8, Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3.

 
Threat Outbreak Alert: Fake Contract Document E-mail Messages on June 3, 2010
  (04 June 2010)
  Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a legal contract document. The text in the e-mail message instructs the recipient to download the .zip attachment to view the details. However, the .zip file contains a malicious .exe file that, when executed, attempts to infect the targeted system with malicious code.

 
Adobe Photoshop CS4 Multiple Vulnerabilities
  (28 May 2010)
  Some vulnerabilities have been reported in Adobe Photoshop CS4, which can be exploited by malicious people to compromise a user's system.

 
PostgreSQL Multiple Security Vulnerabilities
  (21 May 2010)
  PostgreSQL is prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass certain security restrictions and execute arbitrary Perl or Tcl code. These issues affect versions prior to PostgreSQL 8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25 and 7.4.29.

 
Adobe Shockwave Player Multiple Vulnerabilities
  (17 May 2010)
  Some vulnerabilities have been reported in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.

 
Internet Explorer 8 Cross-Site Scripting Filter ’script’ Tag Cross-Site Scripting Vulnerability
  (27 April 2010)
  An attacker can exploit this issue to bypass intended security measures or to execute arbitrary script code in the context of the user running the application. This may allow them to steal cookie-based authentication credentials and other sensitive data that may aid in further attacks. Other attacks are possible.

 
F-Secure Internet Security May Fail to Detect Malware in Various Archive Format Files
  (22 Apr 2010)
  A vulnerability was reported in F-Secure Internet Security. A remote user can bypass the anti-virus detection.

 
Microsoft Windows ISATAP Component IP Address Spoofing Vulnerability
  (16 April 2010)
  A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct spoofing attacks.
The vulnerability is caused due to an error in the ISATAP component in the way the inner packet's IPv6 source address in a tunneled ISATAP packet is checked. This can be exploited to spoof an IP address thereby bypassing edge or host firewalls and gain knowledge of certain information in responses.

 
IBM Systems Director Incorrect File Permissions Let Local Users Gain Elevated Privileges
  (12 Apr 2010)
  A vulnerability was reported in IBM Systems Director. A local user can obtain elevated privileges on the target system.

 
Microsoft Internet Explorer Unspecified Remote Code Execution Vulnerability
  (02 April 2010)
  Microsoft Internet Explorer is prone to an unspecified remote code-execution vulnerability.

 
Cisco IOS Unified Communications Manager Express Denial of Service Vulnerabilities
  (26 Mar 2010)
  Two vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to errors in the Unified CME (Communication Manager Express) component when processing SCCP messages. This can be exploited to cause a vulnerable device to reload via a specially crafted SCCP message originating from a registered phone IP address.

 
Google Chrome Multiple Vulnerabilities
  (19 March 2010)
  Some vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to conduct spoofing attacks and bypass certain security restrictions.

 
Internet Explorer Unspecified Code Execution Vulnerability
  (11 Mar 2010)
  A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified use-after-free error and can be exploited by e.g. tricking a user into viewing a specially crafted web page. Successful exploitation allows execution of arbitrary code.

 
Microsoft Windows "MsgBox()" HLP File Execution Vulnerability
  (05 March 2010)
  Maurycy Prodeus has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the VBScript "MsgBox()" function allowing the execution of arbitrary HLP files. This can be exploited to execute an HLP file from e.g. an SMB share by tricking a user into pressing F1 when viewing a specially crafted website.
Successful exploitation allows execution of arbitrary commands via HLP macros. The vulnerability is confirmed with Internet Explorer 7 on a fully patched Windows XP SP3, and additionally reported in Windows 2000 and Windows Server 2003.

 
Google Picasa JPEG Processing Integer Overflow Vulnerability
  (26 February 2010)
  Tielei Wang has discovered a vulnerability in Google Picasa, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an integer overflow error in PicasaPhotoViewer.exe when processing JPEG files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted JPEG file and e.g. zooming in.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is confirmed in PicasaPhotoViewer.exe version 3.6.95.25, included in Google Picasa 3.6 build 95.25. Prior versions may also be affected.

 
Adobe pushes out Flash security fix
  (19 February 2010)
  Adobe has published a cross-platform update for Flash that addresses a potentially serious security flaw.

 
Microsoft Office PowerPoint Multiple Vulnerabilities
  (11 February 2010)
  Multiple vulnerabilities have been reported in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system.

 
Cyberattacks from U.S. "greatest concern"
  (05 February 2010)
  Global companies worry more about cyberattacks from actors based in the United States, not China, according to a survey of 600 information-technology executives released by McAfee on Thursday.

 
Google Chrome Multiple Vulnerabilities
  (29 January 2010)
  Some vulnerabilities and weaknesses have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, or compromise a user's system.

 
Attack on IE 0-day refined by researchers
  (22 January 2010)
  Security researchers start improving the code and publishing their own exploits for IE browser flaw, after the code is published to a malware analysis site.

 
IE flaw gave attackers entry, says McAfee
  (18 January 2010)
  A remotely exploitable flaw in Microsoft's Internet Explorer allowed attackers operating from Chinese servers to infiltrate at least one company, the security firm says.

 
HP Storage Data Protector Buffer Overflow Vulnerabilities
  (22 December 2009)
  Two vulnerabilities have been reported in HP Storage Data Protector, which can be exploited by malicious people to compromise a vulnerable system.

 
Limited attacks target Adobe Acrobat
  (18 December 2009)
  Security groups acknowledge seeing attacks using a critical and unpatched flaw in the Javascript library of Adobe's Acrobat and Reader software.

 
Microsoft, Adobe patch major flaws
  (14 December 2009)
  Both companies release software updates: Microsoft to close 12 holes and Adobe to fix seven vulnerabilities.

 
Roxio Creator Image Rendering Integer Overflow Vulnerability
  (07 December 2009)
  Secunia Research has discovered a vulnerability in Roxio Creator, which can be exploited by malicious people to potentially compromise a user's system.

 
Internet Explorer Layout Handling Memory Corruption Vulnerability
  (01 December 2009)
  A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to compromise a user's system.

 
Survey: Majority of Web sites vulnerable
  (20 November 2009)
  Nearly two-thirds of Web sites have at least one serious security issue that would allow someone to remotely attack the site, a study carried out by WhiteHat Security finds.

 
Microsoft Windows Win32k Kernel-Mode Driver Multiple Vulnerabilities
  (16 November 2009)
  Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.

 
Sun Java JDK / JRE Multiple Vulnerabilities
  (06 November 2009)
  A weakness and some vulnerabilities have been reported in Sun Java, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.

 
Hopes high for Windows 7 security
  (30 October 2009)
  Experts hope that Microsoft's focus on making Windows security more friendly will help secure the operating system's users.

 
Oracle Database Multiple Vulnerabilities
  (23 October 2009)
  Some vulnerabilities have been reported in Oracle Database, which can be exploited to disclose sensitive information, cause a DoS (Denial of Service), manipulate certain data, or compromise a vulnerable system.

 
Botnet boosts criminals' revenues from Google
  (15 October 2009)
  Victims whose computers have been compromised will have their searches redirected from Google and its competitors to fake sites that skim off ad revenue.

 
Phishing scam exposes Hotmail passwords
  (09 October 2009)
  Microsoft warns users that thousands of customer credentials were exposed on a third-party site, apparently the result of a phishing campaign.

 
Firms most often infected by smaller botnets
  (02 October 2009)
  While the big botnets get the media attention, smaller collections of compromised PCs are more commonly found inside infected corporate networks.

 
Social-networking sites short on security
  (25 September 2009)
  Web 2.0 sites that allow user-generated content make up the majority of top distributors of malicious software, stated a report that security firm Websense published this week.

 
Mozilla Firefox Multiple Vulnerabilities
  (18 September 2009)
  Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, or compromise a vulnerable system.

 
Serious security bug found in Windows Vista
  (11 September 2009)
  An independent security consultant publicized this week the details of a critical flaw in the server message block version 2 (SMB2) component of Microsoft's Windows Vista, Windows Server 2008, and the release candidate for Windows 7. The researcher, Laurent Gaffié, claimed in his advisory that the vulnerability causes a Blue Screen of Death, a pernicious crash on Windows systems, but other researchers have subsequently concluded that the flaw is actually remotely exploitable, a more serious issue.

 
OpenOffice.org Word Document Table Parsing Vulnerabilities
  (04 September 2009)
  Secunia Research has discovered two vulnerabilities in OpenOffice, which can be exploited by malicious people to potentially compromise a user's system.

 
Potential security issue with Lotus Notes file viewer for Microsoft Excel
  (28 August 2008)
  A vulnerability was reported in IBM Lotus Notes. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted Microsoft Excel file attachment that, when double-clicked and viewed by the target user, will trigger a buffer overflow in key view and execute arbitrary code on the target system. The code will run with the privileges of the target user. Lotus Domino servers are not affected.

 
Cisco Firewall Services Module ICMP Processing Bug Lets Remote Users Deny Service
  (21 August 2008)
  A vulnerability was reported in Cisco Firewall Services Module. A remote user can cause denial of service conditions.

 
Apple patches iPhone SMS vulnerability
  (14 August 2008)
  Consumer technology firm Apple issued a patch to fix a critical iPhone flaw that could have allowed attackers to execute code just by sending a specially-crafted text message.

 
Adobe Acrobat, Adobe Reader and Adobe Flash Player Hold Critical Vulnerabilities
  (07 August 2008)
  Recently a critical vulnerability was discovered in Adobe Flash Player versions 9.0.159.0 and 10.0.22.87. A new vulnerability within Adobe Flash was found to be a zero-day vulnerability that has yet to be patched. This same vulnerability appears to extend to Adobe Reader and Adobe Acrobat version 9.1.2, as well as earlier version 9 variants.

 
Worm Conficker/Downadup/Kido widely propagating
  (13 July 2008)
  It has been observed that worm Win32/Conficker/Downadup/kido is spreading widely by exploiting a previously reported Server Service vulnerability described in CERT-In vulnerability note CIVN-2008-170 and Microsoft Security Bulletin MS08-067.

 
MySQL Connector/Net is Missing SSL Certificate Validation
  (03 July 2008)
  A vulnerability was reported in MySQL Connector/Net. A remote user can conduct spoofing attacks. MySQL Connector/Net does not validate the remote server's digital certificate when using SSL. A remote user can conduct man-in-the-middle attacks to gain access to the ostensibly protected data.

 
Oracle Database Server Has Multiple Flaws That Let Remote Users Take Control of the Server
  (01 September 2008)
  Multiple vulnerabilities were reported in Oracle's Database Server. A local as well as a remote user can obtain control of the database server. Users are urged to review the bulletin and apply the required security fix issued by Oracle...
 
Microsoft Releases June Security Bulletin
  (11 June 2008)
  Microsoft has released updates to address vulnerabilities in Microsoft Windows as part of the Microsoft Security Bulletin Summary for June 2008. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, or cause a denial-of-service condition. Users are urged to review the bulletin and apply the required security updates.
 
Security bug in HP support app aids hackers
  (09 June 2008)
  Flaws in ActiveX components within HP Instant Support give rise to multiple vulnerabilities...
 
Phishers Target New Victims on LinkedIn
  (02 June 2008)
  Users of the professional-oriented social networking site LinkedIn are being warned that scam artists are using the site to nab lucrative bank account information from naive victims…
 
Microsoft Warns Against Using Safari
  (02 June 2008)
  Microsoft warned of a serious risk to people who use Safari on Windows XP or Vista, going so far as to suggest people "restrict use of Safari as a web browser until an appropriate update is available from Microsoft and/or Apple." …
 
Web 2.0 Sites a Thriving Marketplace for Malware
  (02 June 2008)
  Malicious software makers are using social networks, video sites, and blogs to peddle their wares to other online criminals……
 
ActiveX control bug bites Creative Labs AutoUpdate engine
  (02 June 2008)
  A high-severity security flaw in the Creative Software automatic update engine could put Windows computers at risk of remote code execution attacks
 
Spammers open new front on social networking sites
  (May 16, 2008)
  Social networking sites have become the new front in the war against spam, according to security watchers.
 
DIY phishing kits introducing new features
  (May 15, 2008)
  What are some of the main factors for the increase of phishing attacks, and their maturity from passive emails to blended threats attempting to not just steal personal information
 
   Beijing investigates spam attack
  (May 14, 2008)
 
China is investigating a spam attack after almost half of China's mobile phone users received unwanted text messages from advertisers.
 
   Six botnets churning out 85 percent of all spam
  (May 14, 2008)
 
Back in early February, we covered the rapid rise of the Mega-D botnet and its various social-engineering-based attack methods
 
 

Last Updated 20-Jul-2011
Maintained & Hosted by NCB