all InfoSec news
Critical Vulnerability Discovered in Evernote’s Chrome Extension
March 1, 2022, 2:21 p.m. | Guardio
Stories by Guardio on Medium medium.com
Avihay Kain & Ido Schachter, Security Research at Guardio
Originally published on Guardio’s blog in June 2019
https://medium.com/media/de937843e80b9be77bb0d84c5f1ae1ce/hrefIn May 2019 Guardio’s research team has discovered a critical vulnerability in Evernote Web Clipper for Chrome. A logical coding error made it is possible to break domain-isolation mechanisms and execute code on behalf of the user — granting access to sensitive user information not limited to Evernote’s domain. Financials, social media, personal emails, and more are all natural targets. The …
chrome chrome extension critical critical vulnerability evernote extension security vulnerability
More from medium.com / Stories by Guardio on Medium
“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts
6 months, 2 weeks ago |
medium.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC
@ SAP | Dublin 24, IE, D24WA02
Product Security Response Engineer
@ Intel | CRI - Belen, Heredia
Application Security Architect
@ Uni Systems | Brussels, Brussels, Belgium
Sr Product Security Engineer
@ ServiceNow | Hyderabad, India
Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)
@ FiscalNote | United Kingdom (UK)