all InfoSec news
Critical Vulnerability Discovered in Evernote’s Chrome Extension
March 1, 2022, 2:21 p.m. | Guardio
Stories by Guardio on Medium medium.com
Avihay Kain & Ido Schachter, Security Research at Guardio
Originally published on Guardio’s blog in June 2019
https://medium.com/media/de937843e80b9be77bb0d84c5f1ae1ce/hrefIn May 2019 Guardio’s research team has discovered a critical vulnerability in Evernote Web Clipper for Chrome. A logical coding error made it is possible to break domain-isolation mechanisms and execute code on behalf of the user — granting access to sensitive user information not limited to Evernote’s domain. Financials, social media, personal emails, and more are all natural targets. The …
chrome chrome extension critical critical vulnerability evernote extension security vulnerability
More from medium.com / Stories by Guardio on Medium
“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts
7 months, 2 weeks ago |
medium.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC