Lucene search
K

25 matches found

Schneier on Security
Schneier on Security
added 2026/01/14 5:0 p.m.6 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the David R. Cheriton School of Computer Science in Waterloo, Ontario, Canada, on January 27, 2026, at 1:30 PM ET. I’m speaking at the Université de Montréal in Montreal, Quebec, Canada, on January 29, 2026, at 4:00...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2024/04/01 12:21 a.m.24 views

Ross Anderson

Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I cant remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2024/03/20 12:0 a.m.5 views

Xen Security Vulnerabilities

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen 4.14...

6.5CVSS6.4AI score0.00267EPSS
Exploits0References4
Krebs on Security
Krebs on Security
added 2023/05/09 2:5 p.m.18 views

Feds Take Down 13 More DDoS-for-Hire Services

The U.S. Federal Bureau of Investigation FBI this week seized 13 domain names connected to "booter" services that let paying customers launch crippling distributed denial-of-service DDoS attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when...

7AI score
Exploits0
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.8 views

Cambridge Xen 信息泄露漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. An information disclosure vulnerability exis...

5.5CVSS5.6AI score0.00321EPSS
Exploits0References6
CNVD
CNVD
added 2021/05/07 12:0 a.m.12 views

Exim Out-of-Bounds Read Vulnerability

Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. Exim suffers from an out-of-bounds read vulnerability that stems from pdkimfinishbodyhash not validating the relationship between sig-bodyhash.len and b-bh.len, which can be...

7.5CVSS6.2AI score0.02712EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/07 12:0 a.m.14 views

Exim out-of-bounds read vulnerability (CNVD-2021-34537)

Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. An out-of-bounds read vulnerability exists in smtpsetupmsg in Exim, which can be exploited by an attacker to obtain sensitive information from process memory via an SMTP client...

7.5CVSS6AI score0.02556EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/05/04 12:0 a.m.6 views

Exim 缓冲区错误漏洞

Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. Exim suffers from a buffer overflow vulnerability. The vulnerability stems from a "-F" handling error in parsefixphrase. No details of the vulnerability are available at this tim...

7.8CVSS6AI score0.00399EPSS
Exploits1References6
Openbugbounty
Openbugbounty
added 2020/08/04 9:4 p.m.34 views

amantuuh.socanth.cam.ac.uk Cross Site Scripting vulnerability OBB-1250758

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/06/06 12:17 p.m.9 views

platonism.divinity.cam.ac.uk Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1186453 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Exploits0
Krebs on Security
Krebs on Security
added 2020/05/29 8:23 p.m.42 views

Career Choice Tip: Cybercrime is Mostly Boring

When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity. But new research suggests that as cybercrime has become dominated by pay-for-service offerings, the vast majority of...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2019/07/19 9:30 p.m.135 views

Iran-Linked APT34 Invites Victims to LinkedIn for Fresh Malware Infections

A recent phishing campaign by Iran-linked threat actor APT34 made use of a savvy approach: Asking victims to join their social network. According to FireEye, the adversaries masqueraded as a Cambridge University lecturer, including setting up a LinkedIn page, in order to gain victims’ trust. From...

0.7AI score
Exploits0References7
FireEye
FireEye
added 2019/07/18 12:0 a.m.22 views

Hard Pass: Declining APT34’s Invite to Join Their Professional Network

Background With increasing geopolitical tensions in the Middle East, we expect Iran to significantly increase the volume and scope of its cyber espionage campaigns. Iran has a critical need for strategic intelligence and is likely to fill this gap by conducting espionage against decision makers a...

0.6AI score
Exploits0References6
Openbugbounty
Openbugbounty
added 2018/10/05 8:58 a.m.20 views

idiscover.lib.cam.ac.uk XSS vulnerability

Open Bug Bounty ID: OBB-682742 Description| Value ---|--- Affected Website:| idiscover.lib.cam.ac.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/07/16 1:38 p.m.9 views

nena.ames.cam.ac.uk XSS vulnerability

Open Bug Bounty ID: OBB-264974 Description| Value ---|--- Affected Website:| nena.ames.cam.ac.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2017/05/25 7:30 p.m.27 views

Security and Human Behavior (SHB 2017)

I'm in Cambridge University, at the tenth Workshop on Security and Human Behavior. SHB is a small invitational gathering of people studying various aspects of the human side of security, organized each year by Ross Anderson, Alessandro Acquisti, and myself. The 50 or so people in the room include...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/02/22 11:11 a.m.19 views

trinhall.cam.ac.uk XSS vulnerability

Vulnerable URL: http://www.trinhall.cam.ac.uk/contact/contact-directory.asp?searchType=fellows=xss4=2='"--!=Search+Fellows Details: Description| Value ---|--- Patched:| Yes, at 22.02.2017 Latest check for patch:| 22.02.2017 15:43 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/01/05 4:34 a.m.8 views

koo.corpus.cam.ac.uk XSS vulnerability

Vulnerable URL: http://koo.corpus.cam.ac.uk/mixerton/mixertones/spec.php?usecode=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 11:55 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/12/12 10:57 a.m.14 views

data.lib.cam.ac.uk XSS vulnerability

Vulnerable URL: http://data.lib.cam.ac.uk/record.php?uri=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Googl...

6.3AI score
Exploits0
ThreatPost
ThreatPost
added 2014/08/07 3:7 p.m.10 views

Expert Warns of Chip-and-PIN Pitfalls

LAS VEGAS – The inevitable changeover from magnetic strip-based payment cards to EMV, or chip-and-PIN, is coming for consumers and merchants in the United States. And coming along with it are a raft of weaknesses and real-world attacks that shoot holes in the presumption that EMV will remedy cred...

7.1AI score
Exploits0References1
Rows per page
Query Builder