Lucene search

18 matches found

RedhatCVE
added 2026/04/07 11:1 p.m., 3 views

CVE-2026-35448

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the BlockonomicsYPT plugin's check.php endpoint returns payment order data for any Bitcoin address without requiring authentication. The endpoint was designed as an AJAX polling helper for the authenticated invoice.php page...

CVSS: 3.7 | AI score: 5.9 | EPSS: 0.00019
Exploits: 1 | References: 1
CVE
added 2026/04/06 9:45 p.m., 10 views

CVE-2026-35448

CVE-2026-35448 / GHSA-3V7M-QG4X-58H9 : The BlockonomicsYPT integration in AVideo exposes an unauthenticated check.php endpoint that returns payment order data for any Bitcoin address without requiring login or access control. The endpoint accepts an addr parameter and returns fields such as id, u...

CVSS: 3.7 | AI score: 5.9 | EPSS: 0.00019
Exploits: 1 | References: 1 | Affected Software: 1
Snyk
added 2026/04/04 6:15 a.m., 3 views

Missing Authorization

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authorization via the check.php process. An attacker can access sensitive payment order data, including user IDs, transaction amounts, and status, by sendi...

CVSS: 6.3 | AI score: 5.8 | EPSS: 0.00019
Exploits: 1 | References: 2
Packet Storm News
added 2025/11/09 12:0 a.m., 2 views

Inside LockBit: Technical, Behavioral, and Financial Anatomy of a Ransomware Empire

LockBit has evolved from an obscure Ransomware-as-a-Service newcomer in 2019 to the most prolific ransomware franchise of 2024. Leveraging a recently leaked MySQL dump of the gang's management panel, this study offers an end-to-end reconstruction of LockBit's technical, behavioral, and financial...

AI score: 7
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2015-6896

Malware in sbrugna...

CVSS: 5.3 | AI score: 5.6 | EPSS: 0.0009
Exploits: 1 | References: 2
Qualys Blog
added 2025/05/08 10:54 p.m., 82 views

Inside LockBit: Defense Lessons from the Leaked LockBit Negotiations

The LockBit ransomware gang recently suffered a significant data breach. Their dark web affiliate panels were defaced with the message "Don't do crime CRIME IS BAD xoxo from Prague," linking to a MySQL database dump. This archive contains a SQL file from LockBit's affiliate panel database that...

CVSS: 10 | AI score: 8.3 | EPSS: 0.94485
Exploits: 908
BDU FSTEC
added 2024/01/17 12:0 a.m., 2 views

The vulnerability of libraries for generating Bitcoin addresses and private keys in PyCryptodome and PyCryptodomeX lies in the exposure to information disclosure due to inconsistencies. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of libraries for generating Bitcoin addresses and private keys in PyCryptodome and PyCryptodomeX involves information disclosure due to mismatches in their functionality. Exploiting this vulnerability could allow an unauthorized attacker to gain unauthorized access to protected...

CVSS: 5.9 | AI score: 6.2 | EPSS: 0.00074
Exploits: 0 | References: 4 | Affected Software: 2
NVD
added 2023/09/25 5:15 a.m., 21 views

CVE-2015-6964

MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. Attackers cannot realistically steal these fees for themselves. This occurs because there is no message authenticati...

CVSS: 5.3 | AI score: 5.5 | EPSS: 0.0009
Exploits: 1 | References: 1
Prion
added 2023/09/25 5:15 a.m., 16 views

Authentication flaw

MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. Attackers cannot realistically steal these fees for themselves. This occurs because there is no message authenticati...

CVSS: 5 | AI score: 7.4 | EPSS: 0.0009
Exploits: 1 | References: 1 | Affected Software: 1
Vulnrichment
added 2023/09/25 12:0 a.m., 9 views

CVE-2015-6964

MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. Attackers cannot realistically steal these fees for themselves. This occurs because there is no message authenticati...

AI score: 7.3 | EPSS: 0.0009
Exploits: 1 | References: 1
Cvelist
added 2023/09/25 12:0 a.m., 39 views

CVE-2015-6964

MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. Attackers cannot realistically steal these fees for themselves. This occurs because there is no message authenticati...

AI score: 5.5 | EPSS: 0.0009
Exploits: 1 | References: 1
Schneier on Security
added 2022/04/11 11:4 a.m., 16 views

De-anonymizing Bitcoin

Andy Greenberg wrote a long article -- an excerpt from his new book -- on how law enforcement de-anonymized bitcoin transactions to take down a global child porn ring. Within a few years of Bitcoin's arrival, academic security researchers -- and then companies like Chainalysis -- began to tear...

AI score: 0.5
Exploits: 0
Malwarebytes
added 2021/05/18 4:3 p.m., 34 views

Bizarro: a banking Trojan full of nasty tricks

Researchers have discovered a new banking Trojan that has been found targeting customers of European and South American banks. They have dubbed the new Trojan Bizarro. How does Bizarro spread? The Bizarro malware spreads via Microsoft Installer MSI packages. Identified sources so far have been sp...

AI score: 0.5
Exploits: 0
ThreatPost
added 2020/08/04 9:36 p.m., 47 views

NetWalker Ransomware Rakes in $29M Since March

The NetWalker ransomware has been around for about a year, but it has really made a name for itself in 2020, racking up around $29 million in extortion gains just since March. First detected in August 2019, NetWalker lingered around before surging in use in March through June, according to an...

AI score: 0.1
Exploits: 0 | References: 13
Talos Blog
added 2019/04/11 11:20 a.m., 78 views

Sextortion profits decline despite higher volume, new techniques

Post authored by Nick Biasini and Jaeson Schultz. Sextortion spammers continue blasting away at high volume. The success they experienced with several high-profile campaigns last year has led these attackers to continue transmitting massive amounts of sextortion email. These sextortion spammers...

AI score: 7.5
Exploits: 0
Kitploit
added 2018/09/04 1:7 p.m., 173 views

Datasploit - An OSINT Framework To Perform Various Recon Techniques On Companies, People, Phone Number, Bitcoin Addresses, Etc., Aggregate All The Raw Data, And Give Data In Multiple Formats

Overview of the tool: Performs OSINT on a domain/email/username/phone and find out information from different sources. Correlate and collaborate the results, show them in a consolidated manner. Tries to find out credentials, api-keys, tokens, subdomains, domain history, legacy portals, etc. relat...

AI score: 7.2
Exploits: 0 | References: 5
The Hacker News
added 2018/07/31 4:11 p.m., 2 views

SamSam Ransomware Attacks Extorted Nearly $6 Million

Ransomware has become a multimillion-dollar black market business for cybercriminals, and SamSam is a great example. New research revealed that the SamSam ransomware had extorted nearly $6 million from its victims since December 2015, when the cyber gang behind the ransomware started...

AI score: 6.9
Exploits: 0
Akamai Blog
added 2017/05/15 6:35 p.m., 30 views

WannaCry: What We Know

On Friday, May 12, news agencies around the world reported that a new ransomware threat was spreading rapidly. Akamai's incident response teams and researchers worked quickly to understand this new threat and how to mitigate it. This blog post is a summary of what Akamai knows at this point...

AI score: 6.9
Exploits: 0