Security Bulletin: IBM Safer Payments vulnerable to denial of service attack (CVE-2023-27556)
Summary: The API and MCI interfaces of IBM Safer Payments are vulnerable to the Slowloris denial of service attack. This vulnerability is addressed. Vulnerability Details: CVEID: CVE-2023-27556. DESCRIPTION: IBM Counter Fraud Management for Safer Payments does not properly allocate resources...
CVSS 7.5 | AI Score 7 | EPSS 0.001
Security Bulletin: Multiple publicly disclosed OpenSSL vulnerabilities affect IBM Safer Payments
Summary: OpenSSL is used by IBM Safer Payments as part of all secure network communications. These vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2022-4304. DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing-based side...
CVSS 7.5 | AI Score 7.9 | EPSS 0.004
Summary: JSZip is used by IBM Safer Payments as part of the user interface. This vulnerability has been addressed. Vulnerability Details: CVEID: CVE-2022-48285. DESCRIPTION: JSZip could allow a remote attacker to traverse directories on the system, caused by the failure to sanitize filenames...
CVSS 7.3 | AI Score 7.8 | EPSS 0.006
Security Bulletin: IBM Safer Payments vulnerable to Denial Of Service Attacks (CVE-2020-4729)
Summary: IBM Safer Payments can be crashed by sending specially crafted API calls. This vulnerability has been addressed. Vulnerability Details: CVEID: CVE-2020-4729. DESCRIPTION: IBM Counter Fraud Management for Safer Payments could allow an authenticated attacker under special circumstances...
CVSS 5.3 | AI Score 5.9 | EPSS 0.001
Summary: IBM Safer Payments uses OpenSSL. This vulnerability is addressed. Vulnerability Details: CVEID: CVE-2021-3712. DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending...
CVSS 7.4 | AI Score 7.4 | EPSS 0.004
Summary: IBM Safer Payments uses OpenSSL. These OpenSSL vulnerabilities are addressed in IBM Safer Payments. Vulnerability Details: CVEID: CVE-2021-23839. DESCRIPTION: OpenSSL could provide weaker than expected security, caused by incorrect SSLv2 rollback protection that allows for the...
CVSS 7.5 | AI Score 7 | EPSS 0.008
Security Bulletin: IBM Safer Payments affected by OpenSSL Raccoon Attack (CVE-2020-1968)
Summary: IBM Safer Payments uses OpenSSL. This vulnerability is addressed. Vulnerability Details: CVEID: CVE-2020-1968. DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a Raccoon attack in the TLS specification. By computing the pre-master secret in...
CVSS 3.7 | AI Score 4.5 | EPSS 0.004
Summary: CVE-2021-3449: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signature_algorithms processing. By sending a specially crafted renegotiation ClientHello message from a client, a remote attacker could exploit this vulnerability to cause the TLS server...
CVSS 7.4 | AI Score 7.1 | EPSS 0.005
Summary: IBM Safer Payments is affected by an OpenSSL segmentation fault vulnerability. This issue has been addressed. Vulnerability Details: CVEID: CVE-2020-1967. DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By passing specially crafted data to...
CVSS 7.5 | AI Score 7.4 | EPSS 0.081
Fake Flipper Zero sellers are after your money
Thanks to Malwarebytes' Stefan Dasic, who provided the research and screenshots for this article. Flipper Zero, a "multi-tool device for hackers", is frequently out of stock due to its popularity in hardware circles. Flipper Zero combines research and penetration hardware tools into a single unit...
AI Score 6.4
Threat Roundup for April 14 to April 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 14 and April 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...
AI Score 7.4
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Pay
Impact: A payments info page of Pay is susceptible to reflected cross-site scripting. An attacker could create a working URL that renders a JavaScript link to a user on a Rails application that integrates Pay. This URL could be distributed via email to specifically target certain individuals. If...
CVSS 7.1 | AI Score 5.7 | EPSS 0.001
FTC tackles tech support scams by chasing payment processor firms
A multinational payment processing company and two of its executives are facing a potential $650k fine as a result of allegedly processing credit card payments for tech support scammers. While this fine isn't exactly massive in comparison to some of the privacy breaches and other incidents seen...
AI Score 6.5
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Pay
Impact: A payments info page of Pay is susceptible to reflected cross-site scripting. An attacker could create a working URL that renders a JavaScript link to a user on a Rails application that integrates Pay. This URL could be distributed via email to specifically target certain...
AI Score 6.5
Pay is a payments engine for Ruby on Rails 6.0 and higher. In versions prior to 6.3.2, a payments info page of Pay is susceptible to reflected cross-site scripting. An attacker could create a working URL that renders a JavaScript link to a user on a Rails application that integrates Pay. This URL...
CVSS 7.1 | AI Score 6.2 | EPSS 0.001
Pay is a payments engine for Ruby on Rails 6.0 and higher. In versions prior to 6.3.2, a payments info page of Pay is susceptible to reflected cross-site scripting. An attacker could create a working URL that renders a JavaScript link to a user on a Rails application that integrates Pay. This URL...
CVSS 6.1 | AI Score 6.6 | EPSS 0.001
Pay is a payments engine for Ruby on Rails 6.0 and higher. In versions prior to 6.3.2, a payments info page of Pay is susceptible to reflected cross-site scripting. An attacker could create a working URL that renders a JavaScript link to a user on a Rails application that integrates Pay. This URL...
CVSS 7.1 | AI Score 5.9 | EPSS 0.001
Pay is a payments engine for Ruby on Rails 6.0 and higher. In versions prior to 6.3.2, a payments info page of Pay is susceptible to reflected cross-site scripting. An attacker could create a working URL that renders a JavaScript link to a user on a Rails application that integrates Pay. This URL...
CVSS 6.1 | AI Score 6 | EPSS 0.001
CVE-2023-30614 Improper Neutralization of Script-Related HTML Tags in a Web Page in pay
Pay is a payments engine for Ruby on Rails 6.0 and higher. In versions prior to 6.3.2, a payments info page of Pay is susceptible to reflected cross-site scripting. An attacker could create a working URL that renders a JavaScript link to a user on a Rails application that integrates Pay. This URL...
CVSS 7.1 | AI Score 6.8 | EPSS 0.001
Instagram scam promises money in exchange for your image
We're seeing a number of complaints on Reddit and elsewhere regarding a scam which flares up every so often. It's called the "Muse scam", and it targets users of Instagram. Let's hear from one of the Reddit posters impacted: An artist approached me on Instagram asking if they could use one of my...
AI Score 6.4
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Book/Internal Transfer). Supported versions that are affected are 14.5, 14.6 and 14.7. This easily exploitable vulnerability allows a low-privileged attacker with network access via HTTP to...
CVSS 4.6 | AI Score 4.3 | EPSS 0.001
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Book/Internal Transfer). Supported versions that are affected are 14.5, 14.6 and 14.7. This easily exploitable vulnerability allows a low-privileged attacker with network access via HTTP to...
CVSS 4.6 | AI Score 3.9 | EPSS 0.001
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Book/Internal Transfer). Supported versions that are affected are 14.5, 14.6 and 14.7. This easily exploitable vulnerability allows a low-privileged attacker with network access via HTTP to...
CVSS 4.6 | AI Score 4.2 | EPSS 0.001
Swatting-as-a-Service is a growing and complicated problem to solve
One Telegram channel has been found to be behind a great deal of swatting incidents in the US. Using the anonymity provided by Telegram, caller ID spoofing, and voices generated by Artificial Intelligence (AI), a person or group of persons calling themselves Torswats is suspected to be behind...
AI Score 6.4
AIX 7.2 TL 5 : commonshttp (IJ44994)
https://vulners.com/cve/CVE-2012-5783 Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server...
AI Score 7.4 | EPSS 0.002
Oracle Critical Patch Update Advisory - April 2023
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches...
CVSS 9.9 | AI Score 7.7 | EPSS 0.975
AIX 7.3 TL 1 : commonshttp (IJ44987)
https://vulners.com/cve/CVE-2012-5783 Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server...
AI Score 7.4 | EPSS 0.002
AIX 7.1 TL 5 : commonshttp (IJ45221)
https://vulners.com/cve/CVE-2012-5783 Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server...
AI Score 7.4 | EPSS 0.002
AIX 7.3 TL 0 : commonshttp (IJ45224)
https://vulners.com/cve/CVE-2012-5783 Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server...
AI Score 7.4 | EPSS 0.002
Bitcoin / AltCoin Payment Gateway <= 1.7.1 - Unauthenticated SQLi
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by authenticated users. PoC Setup: 1. Install WooCommerce (dependency, no setup required). 2. Install the vulnerable plugin (woo-altcoin-payment-gateway version...
CVSS 9.8 | AI Score 9.8 | EPSS 0.002
Bitcoin / AltCoin Payment Gateway <= 1.7.1 - Unauthenticated SQLi
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by authenticated...
CVSS 9.8 | AI Score 9.8 | EPSS 0.002
Summary: A vulnerability in Apache Commons HttpClient could allow a remote attacker to conduct spoofing attacks (CVE-2012-5783). AIX ships Apache Commons HttpClient as part of Electronic Customer Care. Vulnerability Details: CVEID: CVE-2012-5783. DESCRIPTION: Apache Commons HttpClient, as used...
AI Score 4.8 | EPSS 0.002
AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient
IBM SECURITY ADVISORY. First Issued: Thu Apr 13 13:44:57 CDT 2023. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/commonshttp_advisory.asc Security Bulletin: AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient...
AI Score 6.2 | EPSS 0.002
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...
AI Score 6.5
Wordfence Intelligence Weekly WordPress Vulnerability Report (Apr 3, 2023 to Apr 9, 2023)
Last week, 97 vulnerabilities disclosed in 63 WordPress plugins and 5 WordPress themes were added to the Wordfence Intelligence Vulnerability Database, and 28 vulnerability researchers contributed to WordPress security last week. Review those vulnerabilities in...
CVSS 9.8 | AI Score 8.7
Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running campaign called DeathNote. While the nation-state adversary is known for persistently singling out the cryptocurrency sector, recent...
AI Score 6.7
Sextortion "assistance" scammers con victims further
The FBI is warning of a particular aspect of sextortion scams: supposed organisations that offer "help" to remove stolen images, often at a significant financial cost (and no guarantee of success). Sextortion, the act of blackmailing individuals for cash in return for not leaking sensitive imagery...
AI Score 6.3
An issue in the WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the...
CVSS 9.8 | AI Score 9.6 | EPSS 0.924
An issue in the WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the...
CVSS 9.8 | AI Score 9.7 | EPSS 0.924
An issue in the WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the...
CVSS 9.8 | AI Score 7.3 | EPSS 0.924
An issue in the WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the...
CVSS 9.8 | AI Score 9.6 | EPSS 0.924
Following the Lazarus group by tracking DeathNote campaign
The Lazarus group is a high-profile Korean-speaking threat actor with multiple sub-campaigns. We have previously published information about the connections of each cluster of this group. In this blog, we'll focus on an active cluster that we dubbed DeathNote because the malware responsible for...
AI Score 8.1
An issue in the WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the...
AI Score 9.8 | EPSS 0.924
Security fix for the ALT Linux 10 package yandex-browser-stable version 23.3.1.916-alt1
April 11, 2023 Yandex Browser Team 23.3.1.916-alt1 - Browser updated to 23.3.1 + Critical CVE-2023-0941: Use after free in Prompts. + High CVE-2023-0927: Use after free in Web Payments API. + High CVE-2023-0928: Use after free in SwiftShader. + High CVE-2023-0929: Use after free in...
CVSS 8.8 | AI Score 7.8 | EPSS 0.007
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25...
CVSS 6.1 | AI Score 6 | EPSS 0.0005
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25...
CVSS 5.9 | AI Score 4.8 | EPSS 0.0005
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25...
CVSS 4.8 | AI Score 5.4 | EPSS 0.0005
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25...
CVSS 7.1 | AI Score 5.7 | EPSS 0.0005