411 matches found
OpServices OpMon Cross-Site Scripting Vulnerability
OpServices OpMon is IT infrastructure monitoring software from OpServices Brazil. It can help your organization manage events in an automated manner.OpServices OpMon version 9.11 has a cross-site scripting vulnerability that can be exploited by attackers to execute JavaScript code on the client...
sei-v3.londrina.pr.gov.br Cross Site Scripting vulnerability OBB-2453791
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
TEM FLEX-1080 和 TEM FLEX-1085 信息泄露漏洞
The TEM FLEX-1080 and TEM FLEX-1085 are both a home WiFi annunciator kit from TEM Brazil. A security vulnerability exists in TEM FLEX-1080 and FLEX-1085 1.6.0, which originates from information disclosure in log.cgi of the component Log Handler...
Chaes Banking Trojan Hijacks Chrome Browser with Malicious Extensions
A financially-motivated malware campaign has compromised over 800 WordPress websites to deliver a banking trojan dubbed Chaes targeting Brazilian customers of Banco do Brasil, Loja Integrada, Mercado Bitcoin, Mercado Livre, and Mercado Pago. First documented by Cybereason in November 2020, the...
New Android Malware Targeting Brazil's Itaú Unibanco Bank Customers
Researchers have discovered a new Android banking malware that targets Brazil's Itaú Unibanco with the help of lookalike Google Play Store pages to carry out fraudulent financial transactions on victim devices without their knowledge. "This application has a similar icon and name that could trick...
New Android Malware Targeting Brazil's Itaú Unibanco Bank Customers
Researchers have discovered a new Android banking malware that targets Brazil's Itaú Unibanco with the help of lookalike Google Play Store pages to carry out fraudulent financial transactions on victim devices without their knowledge. "This application has a similar icon and name that could trick...
US Wins Appeal to Extradite Julian Assange
Plus: Bluetooth security, a Brazil hack, and more of the week's top security news...
WiFi software management firm exposed millions of users’ data
By Waqas Brazil-based WiFi management software firm WSpot exposed extensive details of high-profile firms and millions of customers. This is a post from HackRead.com Read the original post: WiFi software management firm exposed millions of users data...
Stark Bank Data Forgery Issue Vulnerability (CNVD-2021-95644)
Stark Bank is a banking API for individual developers in Brazil that performs all banking operations through the API, simplifying and automating payments, facilitating reconciliations, and scaling operations. a data forgery issue vulnerability exists in Stark Bank python-ecdsa, which stems from t...
Stark Bank Data Forgery Problem Vulnerability (CNVD-2021-95642)
Stark Bank is a banking API for individual developers in Brazil.Perform all banking operations through an API that simplifies and automates payments, facilitates reconciliations, and scales operations. Stark Bank ecdsa-elixir suffers from a Data Forgery Issue vulnerability that stems from the...
Stark Bank 数据伪造问题漏洞
Stark Bank is a banking API for individual developers in Brazil.Perform all banking operations through an API that simplifies and automates payments, facilitates reconciliations, and scales operations. Stark Bank ecdsa-elixir suffers from a Data Forgery Issue vulnerability that stems from the...
moneyweek.com.br Improper Access Control vulnerability OBB-2243658
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Philips Tasy EMR
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Philips Equipment: Tasy EMR Vulnerabilities: SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in patient’s confidential data...
Hackers Targeting Brazil's PIX Payment System to Drain Users' Bank Accounts
Two newly discovered malicious Android applications on Google Play Store have been used to target users of Brazil's instant payment ecosystem in a likely attempt to lure victims into fraudulently transferring their entire account balances into another bank account under cybercriminals' control...
Russian electronic voting system hit by 19 DDoS attacks in one day
By Waqas According to local Russian media, these DDoS attacks originated from several different countries including India, China, Brazil, Russia, and the US. This is a post from HackRead.com Read the original post: Russian electronic voting system hit by 19 DDoS attacks in one day...
Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps
Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service DDoS attack recorded to date. The attack, launched via a Mirai botnet, is said to have targeted an unnamed customer in the financial industr...
Arrests of members of Tetrade seed groups Grandoreiro and Melcoz
Spains Ministry of the Interior has announced the arrest of 16 individuals connected to the Grandoreiro and Melcoz also known as Mekotio cybercrime groups. Both are originally from Brazil and form part of the Tetrade umbrella, operating for a few years now in Latin America and Western Europe...
Oh FCUK! Fashion Label, Medical Diagnostics Firm Latest REvil Victims
U.K.-based fashion brand French Connection, which advertises under the acronym “FCUK,” confirmed that it has been compromised by ransomware group REvil. Just hours later, Brazilian medical diagnostics firm Grupo Fleury announced it had the same misfortune. The twin attacks reveal shifting...
BRATA Malware Poses as Android Security Scanners on Google Play Store
A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute a backdoor capable of gathering sensitive information. "These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in...
Experts uncover a new Banking Trojan targeting Latin American users
Researchers on Tuesday revealed details of a new banking trojan targeting corporate users in Brazil at least since 2019 across various sectors such as engineering, healthcare, retail, manufacturing, finance, transportation, and government. Dubbed "Janeleiro" by Slovak cybersecurity firm ESET, the...