167 matches found
VICIdial Authenticated Remote Code Execution
Vulnerability Details Affected Vendor: VICIdial Affected Product: VICIdial Affected Version: 2.14-917a Platform: GNU/Linux CWE Classification: CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' CVE ID: CVE-2024-8504 2. Vulnerability Description An...
Security Bulletin: IBM Call Center is subject to vulnerability regarding an XML service, a remote attacker could exploit this vulnerability to consume available CPU resources.
Summary IBM Call Center removed parts of a legacy code that carried vulnerabilites. The code did contain CVE-2009-2625, CVE-2013-4002, CVE-2020-14338, CVE-2022-23437, CVE-2012-0881, however the specific code related to the vulnerability is not in use, therefore the risk is lower. This bulletin...
Investment fraud a serious money maker for criminals
Europols’s spotlight report ‘Online fraud schemes: a web of deceit’, looks into online fraud schemes—a major crime threat in the EU and beyond—and one of the reports primary themes is investment fraud. But first I want to share some more remarkable conclusions from the report: Charity scams that...
State of Maine data breach impacts 1.3 million people
The US State of Maine says it has suffered a data breach impacting around 1.3 million people. According to the census from July 2022, thats more or less the the entire population of Maine. The State of Maine says it was compromised via a known vulnerability in secure transfer service MOVEit...
Saphira Connect SQL Injection Vulnerability
Saphira Connect is a telephone exchange and call center server mobile application from Saphira Connect, Inc. An SQL injection vulnerability exists in versions prior to Saphira Connect 9 that stems from incorrect neutralization of specific elements used by the system...
Saphira Connect Security Vulnerability
Saphira Connect is a mobile application for telephone exchange and call center servers from Saphira Connect, Inc. Security vulnerabilities exist in versions prior to Saphira Connect 9 that could be exploited by an attacker to execute remote code...
Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing
Researchers have issued a warning about an emerging and advanced form of voice phishing vishing known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from...
Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing
Researchers have issued a warning about an emerging and advanced form of voice phishing vishing known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from...
CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million
Cybersecurity researchers have exposed the workings of a scam ring called CryptosLabs that's estimated to have made €480 million in illegal profits by targeting users in French-speaking individuals in France, Belgium, and Luxembourg since April 2018. The syndicate's massive fake investment scheme...
CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million
Cybersecurity researchers have exposed the workings of a scam ring called CryptosLabs that's estimated to have made €480 million in illegal profits by targeting users in French-speaking individuals in France, Belgium, and Luxembourg since April 2018. The syndicate's massive fake investment scheme...
Cisco Finesse Denial of Service Vulnerability
Cisco Finesse is a set of call center management software from the U.S. company Cisco Cisco. Cisco Finesse suffers from a denial of service vulnerability that stems from incorrect IP address filtering by the reverse proxy, which can be exploited by an attacker to cause a denial of service DoS...
CVE-2022-4422
Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0...
CVE-2022-4422
Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0...
Sql injection
Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0...
CVE-2022-4422
The CVE-2022-4422 issue affects Bulutses Information Technologies’ Call Center System prior to version 3.0. It is an unauthenticated SQL Injection vulnerability in the application (component/feature not explicitly named in the documents) that could allow arbitrary SQL execution. The vulnerability...
CVE-2022-4422 SQLi in Bulutdesk Callcenter
Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0...
CVE-2022-4422 SQLi in Bulutdesk Callcenter
Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0...
PT-2023-14436 · Bulutses Information Technologies · Bulutses Call Center System
Name of the Vulnerable Software and Affected Versions: Bulutses Information Technologies Call Center System versions prior to 3.0 Description: The issue is related to an unauthenticated Sql Injection vulnerability. This vulnerability has been fixed in version 3.0. Recommendations: For versions...
CVE-2022-4422
Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0...
Interpol Seized $130 Million from Cybercriminals in Global "HAECHI-III" Crackdown Operation
Interpol on Thursday announced the seizure of $130 million worth of virtual assets in connection with a global crackdown on cyber-enabled financial crimes and money laundering. The international police operation, dubbed HAECHI-III, transpired between June 28 and November 23, 2022, resulting in th...