258 matches found
Feds Shut Down Fake COVID-19 Vaccine Phishing Website
Federal law enforcement in Maryland has shut down a fraudulent website targeting immigrant communities that claimed to be for a company developing a COVID-19 vaccine. Instead, the site was stealing information from people with the purpose of using it for future cybercriminal activity. The U.S...
Supporting Akamai Communities Impacted by COVID-19
While those of us in places like the U.S. are experiencing some relief with access to the COVID-19 vaccine, it has been heartbreaking to see surges in infection, hospitalization, and death across the globe, including the dire situation in India...
CVE-2021-29455
Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 2021-04-16 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT...
[SECURITY] Fedora 33 Update: moodle-3.9.5-1.fc33
Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators crea te effective online learning communities...
pcamlvcommunities.com Cross Site Scripting vulnerability OBB-1451610
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
orkneycommunities.co.uk Cross Site Scripting vulnerability OBB-1374576
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
gardencommunitiesca.com Cross Site Scripting vulnerability OBB-1293533
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
How Cryptography Lets Down Marginalized Communities
Speaking at a prestigious crypto conference this month, Seny Kamara called on the field to recognize its blind spots—and fix them...
Seny Kamara on "Crypto for the People"
Seny Kamara gave an excellent keynote talk this year at the online CRYPTO Conference. He talked about solving real-world crypto problems for marginalized communities around the world, instead of crypto problems for governments and corporations. Well worth watching and listening to...
Seny Kamara on "Crypto for the People"
Seny Kamara gave an excellent keynote talk this year at the online CRYPTO Conference. He talked about solving real-world crypto problems for marginalized communities around the world, instead of crypto problems for governments and corporations. Well worth watching and listening to...
Seny Kamara on "Crypto for the People"
Seny Kamara gave an excellent keynote talk this year at the online CRYPTO Conference. He talked about solving real-world crypto problems for marginalized communities around the world, instead of crypto problems for governments and corporations. Well worth watching and listening to...
empirecommunities.com Cross Site Scripting vulnerability OBB-1209264
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Career Choice Tip: Cybercrime is Mostly Boring
When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity. But new research suggests that as cybercrime has become dominated by pay-for-service offerings, the vast majority of...
[SECURITY] Fedora 30 Update: moodle-3.6.10-1.fc30
Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators crea te effective online learning communities...
Open Social - Critical - Insecure Session Management - SA-CONTRIB-2019-075
Open Social is a Drupal distribution for online communities. The included socialmagiclogin module doesn't sufficiently validate magic login URLs for user accounts that do not have a local password, but login via external systems. The lack of validation makes it possible for an adversary to forge...
CVE-2019-15873
The WordPress plugin profilegrid-user-profiles-groups-and-communities (Profiles Grid) is vulnerable before version 2.8.6. The issue is remote code execution via wp-admin/admin-ajax.php using action=pm_template_preview&html=
Cross-site Scripting (XSS)
invenio-communities is vulnerable to cross-site scripting XSS. The vulnerability exists through the lack of sanitization of community.description in about.html...
CVE-2019-1020005
invenio-communities before 1.0.0a20 allows XSS...
CVE-2019-1020005
invenio-communities before 1.0.0a20 allows XSS...
PYSEC-2019-25
invenio-communities before 1.0.0a20 allows XSS...