CVE-2020-15864
An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an attacker to craft…
CVE-2021-3113
Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers to discover session cookies via a direct /session/list/allActiveSession request. For example,…
Joker’s Stash Reportedly Shutting Down Operations
Researchers: Notorious Underground Marketplace Will ‘Retire’ in FebruaryJoker’s Stash, the notorious underground marketplace that has specialized in the sale of…
Magecart Groups Hide Behind ‘Bulletproof’ Hosting Service
Researchers Find Groups Hiding JavaScript Skimmers and Phishing PagesSeveral Magecart groups hide their JavaScript skimmers, phishing domains and other malicious…
Hacker Blows Chance at Early Release By Hacking More
DOJ: Convicted Hacker Ardit Ferizi Faces Additional Criminal ChargesThe U.S. Justice Department has charged Ardit Ferizi, a Kosovo citizen, with…
CVE-2020-35581 (envira_gallery)
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code…
CVE-2020-35582 (envira_gallery)
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code…
NSA Releases Guidance on Encrypted DNS in Enterprise Environments
Original release date: January 15, 2021 The National Security Agency (NSA) has released an information sheet with guidance on adopting…
Apache Releases Security Advisory for Tomcat
Original release date: January 15, 2021 The Apache Software Foundation has released a security advisory to address a vulnerability affecting…
As Secret Service Deploys to Federal Buildings, Employees Across the Country Are Warned to Stay Away
Security concerns in the run up to the inauguration have agencies taking special precautions.