WordPress Bitcoin Payments – Blockonomics Security Vulnerabilities
PayPal Unfreezes Secure Email Startup ProtonMail's Account
PayPal unfroze the account of Swiss secure email upstart ProtonMail late this morning, freeing at least $300,000 the service raised, that for a day, had seemingly been left in limbo. A blog post by ProtonMail CEO Andy Yen Monday claimed that his company’s account had been “restricted pending...
-0.4AI Score
PayPal Freezes $275,000 Campaign Funds of Secure-Email Startup 'ProtonMail'
ProtonMail, an End-to-End Encrypted email service developed by MIT, Harvard and CERN researchers, who already received over $275,000 from a crowdfunding campaigns to their PayPal account, and was so much excited to launch its beta version, but just before that PayPal freezes their account without.....
6.4AI Score
7.1AI Score
7.1AI Score
Bs Auto_Classifieds Script - (articlesdetails.php) SQL Injection Vulnerability
No description provided by...
7.1AI Score
7.1AI Score
7.1AI Score
Online Rental Property Script <= 4.5 (pid) SQL Injection Vulnerability
No description provided by...
7.1AI Score
7.1AI Score
PHP Classifieds 6.20 - Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities
No description provided by...
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
SAS Hotel Management System user_login.asp SQL Injection Vulnerability
No description provided by...
7.1AI Score
7.1AI Score
7.1AI Score
Wordpress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability
No description provided by...
7.1AI Score
ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability
No description provided by...
7.1AI Score
7.1AI Score
7.1AI Score
Medium Alert ID: 34765 First Published: 2014 June 27 11:26 GMT Last Updated: 2014 September 5 12:59 GMT Version: 45 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat...
0.1AI Score
简要描述: KesionCMS存储型xss漏洞可打任意用户 详细说明: 这里选择用KesionCMS官方体验地址http://demo.kesion.com/ 该存储型xss漏洞存在于发送消息处 这里我们用bitcoin100向另外一个用户bitcoin发送消息, 发送消息时,在内容中插入xss代码 swf是我自己控制的,可以盗取cookies 未过滤这个代码 导致攻击任意账户 漏洞证明:...
7.1AI Score
Hey guys, I put this down as a 2nd bug as it may have been overlooked from the previous report and I figured it'd be easier to track a fix and add comments separately... When completing an order it looks like it may be possible to pay an arbitrary amount - what happens is a request is generated to....
0.3AI Score
Threat Outbreak Alert RuleID10422: Email Messages Distributing Malicious Software on June 23, 2014
Medium Alert ID: 34696 First Published: 2014 June 24 12:50 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID10422) may contain the following...
0.3AI Score
Threat Outbreak Alert RuleID10404: Email Messages Distributing Malicious Software on June 23, 2014
Medium Alert ID: 34682 First Published: 2014 June 23 14:51 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID10404) may contain the following...
0.3AI Score
Research Project Pays People to Infect their Machines
It’s been well documented that people will give up their computer passwords for a piece of chocolate. But what would they be willing to give up for a dollar—or even a penny? Plenty as it turns out. Incentivized by a minimal amount of cash, computer users who took part in a study conducted by...
-0.6AI Score
Hacker Exploits NAS Vulns to Mine $620K in Dogecoin
A hacker, well-versed in malware and exploit development, took advantage of vulnerabilities in Synology network attached storage boxes popular with home users to mine more than $600,000 worth of the digital currency Dogecoin. Researchers Pat Litke and David Shear of Dell SecureWorks’ Counter...
-0.4AI Score
7.1AI Score
7.1AI Score
Coinbase: 2FA settings allowed to be changed with no delay/freeze on funds
With the nature of bitcoin's instant transactions and the increase level of phishing/malware attempts on users, many bitcoin related businesses have freeze/delays on funds once a user changes their 2FA settings. That design keeps the 2FA from being defeated instantly if the user's email account...
7.3AI Score
Ten Years Later, Cabir Worm's Place in History is Unique
It’s difficult to remember now–and seems quaint even if you can recall it–but there was a time in the not-so-distant past when industry analysts and security experts were worried about the coming mobile malware apocalypse. Self-replicating malware would soon be flooding our phones, deleting our...
-0.4AI Score
Hackers Breach Dominos France, Demand Ransom Payment
A group of hackers calling itself ‘Rex Mundi’ claims it has breached vulnerable servers belonging to Domino’s France and Belgium, stealing the sensitive information of nearly 600,000 customers. The group is demanding a payment of €30,000 from Domino’s in exchange for information about the...
0.3AI Score
U.S. Marshals Auctioning Off Seized Silk Road Bitcoins
If any further evidence was required that up is down and black is white, the United States government is now in the business of selling Bitcoins. At least for one day. The U.S. Marshals Service is planning to hold a one-day auction on June 27 to sell nearly 30,000 Bitcoins the government seized in....
-0.5AI Score
LoopHole in PayPal Terms Allows Anyone to Double PayPal Money Endlessly
Many of us own a PayPal account for easy online transactions, but most of us don’t have balance in our PayPal Account. But what will happen if your money doubles, triple...or even more folds in just some couple of hours ?? Sounds cherishing!! A loophole in the popular digital payment and money...
6.6AI Score
Threat Outbreak Alert RuleID10277: Email Messages Distributing Malicious Software on May 27, 2016
Medium Alert ID: 34577 First Published: 2014 June 10 12:51 GMT Last Updated: 2016 June 2 11:57 GMT Version: 87 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat...
0.3AI Score
简要描述: phpok4.0.556过滤不严格,导致存储型xss跨站产生,利用此漏洞我们可以盗取用户cookie(包括管理员) 详细说明: 该存储型xss漏洞位于发表评论处, 用户bitcoin在评论过程中插入xss代码 <svg/onload=alert(document.cookie)> 自己浏览触发 管理后台审核的时候,成功触发 漏洞证明:...
7.1AI Score
Threat Outbreak Alert RuleID10268: Email Messages Distributing Malicious Software on June 9, 2014
Medium Alert ID: 34563 First Published: 2014 June 9 15:31 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID10268) may contain the following...
0.4AI Score
New Ransomware Malware takes Advantage of Windows PowerShell
Ransomware is one of the most blatant and obvious money making schemes for cybercriminals and it was most likely to be known when last year Cryptolocker ransomware targeted millions of computers worldwide. Recently, security researchers at the Antivirus firm_ TrendLabs_ have unearthed another...
6.5AI Score
WePay: Typical form vulnerable to csrf attack
See the form you give here. This is provided by you to change settings without logging in. You have supplied a 'csrf token' and 'ounce'. eg. https://stage.wepay.com/email/manage/170395/[hash] But, i bypassed your csrf by just removing values of tokens and submitting it blank. And it worked. Hope,.....
6.9AI Score
7.1AI Score
0.7AI Score
FBI, European Authorities Go After GameOver Zeus Botnet
UPDATE–Law enforcement agencies in Europe and the United States, including Europol and the FBI, ran a coordinated takedown of the GameOver Zeus botnet on Friday, seizing servers and disrupting the botnet’s operation. Authorities say that the same botnet has been used to distribute the...
-0.2AI Score
Fake WeChat App Targeting Android Users with Banking Trojan
After Whatsapp, The Chinese WeChat is the second most popular messaging application and currently being targeted by cybercriminals to spread a new Banking Trojan in order to steal the financial information from its users. WeChat is a famous mobile instant messaging app developed by Chinese company....
6.7AI Score
CryptoLocker Ransomware Competitor May Have Fatal Flaw
CryptoLocker certainly changed the ransomware game last year when it threatened its victims with the loss of important files if a timely ransom payment was not made. Reportedly, criminal gangs utilizing this dangerous type of ransomware were earning hundreds of thousands of dollars per month....
0.4AI Score
ProtonMail: 'NSA-Proof' End-to-End Encrypted Email Service
The Edward Snowden revelations triggered a large-scale movement worldwide towards deploying encryption across the Internet for secure services, which is something the government agencies like NSA and GCHQ have targeted repeatedly, as exemplified by abruptly shutting down Lavabit, a Texas-based...
6.2AI Score
Spam Tweets 'US Government Trying to Shut Down Bitcoin' Spreading Malware
The Security Software company Malwarebytes has discovered a malicious scam spreading through rogue tweets by a number of fake Twitter accounts with a link to a story that says the United States Government is trying to ban cryptocurrency Bitcoin. “The majority of the accounts pushing these things...
6.8AI Score
简要描述: KesionCMS存储型xss漏洞,可打任意用户 详细说明: 这里选择用KesionCMS官方体验地址http://demo.kesion.com/ 该存储型xss漏洞存在于发送消息处 这里我们用bitcoin100向另外一个用户bitcoin发送消息, 发送消息时,在内容中插入xss代码 "> 目标用户bitcoin查看消息即可成功触发 漏洞证明:...
7.1AI Score
eBay Password Database Hack Raises Questions
As is the case with most high-profile data breaches, despite an initial disclosure of information, more questions are inevitable. The eBay password database hack is a prime example. Inquiring minds still want to know more about how the stolen passwords are secured and why the online auction...
AI Score