Major News Events

When a major news event happens, cyber criminals will take advantage of the incident and send phishing emails with a subject line related to the event. These phishing emails often include a link to malicious websites, an infected attachment or are a scam designed to trick you out of your money. Source: Sans Tip of […]

Continue Reading

Phishing Scam Spoofs SBA Loan Offer

Malwarebytes Says Campaign Designed to Steal Banking CredentialsMalwarebytes reports that a newly discovered phishing campaign is spoofing a U.S. Small Business Administration loan offer in an attempt to steal banking credentials and other personal data. Source: Bank Info Security Phishing Scam Spoofs SBA Loan Offer

Continue Reading

BEC Scam Targets Executives' Office 365 Accounts

Trend Micro: ‘Water Nue’ Payment Fraud Campaign Has Targeted 1,000 Companies Since MarchA recently uncovered BEC scam has targeted the Office 365 accounts of executives at over 1,000 companies worldwide, collecting more than 800 sets of credentials in an attempt to commit payment fraud, according to Trend Micro. Source: Bank Info Security BEC Scam Targets […]

Continue Reading

CVE-2020-4533 (jazz_reporting_service)

IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182717. Source: NIST Vulnerability CVE-2020-4533 (jazz_reporting_service)

Continue Reading

CVE-2020-4539 (jazz_reporting_service)

IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Source: NIST Vulnerability CVE-2020-4539 (jazz_reporting_service)

Continue Reading

CVE-2020-4541 (jazz_reporting_service)

IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183039. Source: NIST Vulnerability CVE-2020-4541 (jazz_reporting_service)

Continue Reading