Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.6, 0.5.x before 0.5.5, 0.6.0.x before 0.6.0.7, and 0.6.x before 0.6.2 allows remote attackers to cause a denial of service (block-processing outage and incorrect block count) via unknown behavior on a Bitcoin network. Bugs ...
5.4AI Score
0.004EPSS
Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, 0.5.x before 0.5.6rc3, 0.6.0.x before 0.6.0.9rc1, and 0.6.x before 0.6.3rc1 allows remote attackers to cause a denial of service (process hang) via unknown behavior on a Bitcoin...
5.7AI Score
0.002EPSS
The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and...
4.7AI Score
0.001EPSS
wxBitcoin and bitcoind before 0.3.5 do not properly handle script opcodes in Bitcoin transactions, which allows remote attackers to spend bitcoins owned by other users via unspecified...
5.3AI Score
0.003EPSS
wxBitcoin and bitcoind before 0.3.5 allow remote attackers to cause a denial of service (daemon crash) via a Bitcoin transaction containing an OP_LSHIFT script...
5.1AI Score
0.002EPSS
wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins associated with Bitcoin transactions that have zero confirmations, which allows remote attackers to cause a denial of service (invalid-transaction flood) by sending low-valued transactions without transaction...
5.7AI Score
0.002EPSS
Charlie Miller Takes on NFC, Charlie Miller Wins
LAS VEGAS–Do not stand near Charlie Miller. Actually, you might not even want to let him walk past you. It’s not that Miller is a bad person, you understand. The problem is that Miller has figured out a couple of methods that enable him–or an attacker–to use the NFC chip in some phones to exploit.....
AI Score
A unspecified denial-of-service attack that could cause the bitcoin process to become unresponsive was...
6.5AI Score
0.002EPSS
PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities
Title: PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities Date: 2012-06-17 References: http://www.vulnerability-lab.com/get_content.php?id=616 VL-ID: 616 Common Vulnerability Scoring System: 2.3 Introduction: PHP-Jobsite v1.36 Content Management System. Recruitment software made Easy. ...
0.4AI Score
7.1AI Score
AI Score
Apple Receives NFC Patent, But Takes It Slow with Mobile Payments
Apple was granted a patent on Tuesday by the United States Patent and Trademark Office for a Near Field Communications (NFC)-enabled travel management application, furthering speculation that the company is readying mobile payment technology for future versions of its iPhone product. The Web site.....
-0.5AI Score
Hacker charged for hacking into U.S. Energy Department
Hacker charged for hacking into U.S. Energy Department Andrew James Miller, a 23-year-old resident of Devon, Pennsylvania, was arrested on Thursday and charged with one count of conspiracy, two counts of computer fraud, and one count of access device fraud, according to a statement issued by...
6.9AI Score
Claims Of Attack On Visa, Mastercard Fizzle
One day after a hacker using the handle “Reckz0r” claims to have infiltrated 79 different banks and leaked information allegedly belonging to Visa and MasterCard customers, there are questions about whether a hack actually occurred. According to a post yesterday on Pastebin, the hacker Reckz0r...
0.1AI Score
7.4AI Score
-0.1AI Score
iBoutique eCommerce 4.0 - Multiple Web Vulnerabilities
iBoutique eCommerce 4.0 - Multiple Web...
0.1AI Score
iScripts EasyCreate CMS v2.0 - Multiple Web Vulnerabilites
Title: iScripts EasyCreate CMS v2.0 - Multiple Web Vulnerabilites Date: 2012-06-02 References: http://www.vulnerability-lab.com/get_content.php?id=588 VL-ID: 588 Common Vulnerability Scoring System: 8.3 Introduction: iScripts EasyCreate is an online web site building tool that can be hosted on...
AI Score
0.7AI Score
7.1AI Score
0.1AI Score
7.4AI Score
Pennsylvania Man Indicted For Hack of Department of Energy Network
A Pennsylvania man was arrested yesterday after a Massachusetts grand jury issued a four-count indictment alleging that he hacked into computer networks belonging to the U.S. Department of Energy (DoE) and the University of Massachusetts and tried to sell access to a DoE supercomputer for $50,000.....
1.8AI Score
0.4AI Score
Mobile Payments: Is Security Taking a Back Seat?
As smartphone technology evolves so does the way we access and interact with the Internet. Today your smartphone is used both as a phone and a computer. For many users, in 3-5 years your smartphone will also become your wallet. With new applications being developed daily, the mobile payments...
2.5AI Score
Global Payments Hack May Have Exposed Information On Individuals, Also
Payment processor Global Payments acknowledged Tuesday that a breach at the company announced in early March may have affected individual consumers, as well as merchants. In an update to its 2012infosecurityupdate.com site, the Atlanta-based company wrote that an ongoing investigation “revealed...
1.8AI Score
Employees Admit They'd Walk Out With Stolen Data If Fired
Privileged accounts have become an important attack vector, and if a recent survey of mostly IT managers and executives is any indication that threat will continue to grow. According to results of ID management provider Cyber-Ark’s sixth annual global “Trust, Security and Passwords Survey,” just...
1AI Score
7.1AI Score
AI Score
7.1AI Score
0.6AI Score
What is the Deep Web? A first trip into the abyss
The Deep Web (or Invisible web) is the set of information resources on the World Wide Web not reported by normal search engines. According several researches the principal search engines index only a small portion of the overall web content, the remaining part is unknown to the majority of web...
6.6AI Score
Global Payments Breach A Year Older Than First Reported
Alerts issued by Visa and Mastercard earlier this week suggest that a breach at payment processor Global Payments dates to January 2011, a full year earlier than the company initially announced. In alerts obtained by Bankinfosecurity.com, the two card companies claim the start of the security...
0.2AI Score
Threat Outbreak Alert: Fake Picture Link Email Messages on September 16, 2013
Low Alert ID: 25964 First Published: 2012 May 18 17:00 GMT Last Updated: 2013 September 17 14:05 GMT Version: 78 Summary Cisco Security has detected significant activity related to spam email messages. The text in the email message instructs the recipient to follow a link or open an...
-0.1AI Score
A CISO's Guide To Application Security – Part 5: Justifying an Investment in AppSec
_This post is the last in a 5-part series on Application Security, or “AppSec”. _ This blog post series has examined the growing threats to software, defined the components of a sound AppSec program, described an evolutionary path to AppSec maturity, and considered a number of tools and...
0.3AI Score
Kickstarter Data Breach Publishes 70,000 Startup Ideas
An application programming interface (API) error on the popular Kickstarter crowdfunding website exposed the plans and descriptions of more than 70,000 yet-to-be launched projects. The API bug exposed project descriptions, goals, durations, rewards, videos, images, locations, categories, and...
0.4AI Score
Breach at Bitcoinica Exchange Nets $87,000 In Online Currency
Unknown hackers penetrated production servers and compromised databases belonging to the Bitcoin exchange, Bitcoinica, making off with some $87,000 worth of the digital currency, according to a statement published on the Bitcoinica Web site. The breach took place Friday, May 11 and resulted in...
0.6AI Score
BitCoin hacked, More than 18,000 Bitcoins Stolen
Bitcoinica, a Bitcoin exchange started by a 17-year old teenager Zhou Tong, has been shut down for security investigations. It's believed that at least 18,000 BTC ($90,000 or 68,000 EUR) have been stolen.News of the hack was posted this morning by Bitcoinica's founder, Zhou Tong: "Today, we have...
6.7AI Score
FBI Concerned About Bitcoin Usage Among Cybercriminals
The Federal Bureau of Investigation has become increasingly concerned over the usage of the mostly-anonymous payment network Bitcoin by hackers and cybercriminals, according to an unclassified report obtained by Wired this week. The report, “Bitcoin Virtual Currency: Unique Features Present...
0.2AI Score
Global Payments Hack Could Span to June 2011, Affect Over 1.5M Cards
The data breach that hit payment processor Global Payments earlier this year could have dated back to June 2011, launching speculation over whether more credit card numbers were stolen than initially reported. Several alerts issued by Visa and Mastercard, obtained by KrebsonSecurity.com, suggest...
1AI Score
0.3AI Score
0.4AI Score
7.1AI Score
7.4AI Score
EPSS
0.3AI Score
7.1AI Score
A CISO's Guide To Application Security – Part 2: The Growing Threat to Applications
Editor’s Note: This post is the second in a multi-part series on Application Security, or “AppSec” prepared by our friends over at application testing firm Veracode. The series will define the components of a sound AppSec program, delineate the growing threats to software, weigh the costs of a...
AI Score
LulzSec hacker pleads guilty in Sony breach
LulzSec hacker pleads guilty in Sony breach Accused LulzSec hacker Cody Kretsinger pleaded guilty today in a federal court in Los Angeles, California, to felony charges associated with the breach of Sony Pictures Entertainment that occurred in mid-2011. The hacker had previously pleaded not...
6.6AI Score
0.6AI Score
How to Make a Data Breach Disappear
For companies that are in the business of collecting, storing or monetizing user data or processing large numbers of transactions, it’s a matter of when, not if, they will suffer a major compromise or data loss. Most recently the giant wheel of pain stopped on Global Payments, but a weird thing...
0.2AI Score