Lucene search
K

184 matches found

The Hacker News
The Hacker News
added 2018/08/24 10:55 a.m.4 views

T-Mobile Hacked — 2 Million Customers' Personal Data Stolen

T-Mobile today confirmed that the telecom giant suffered a security breach on its US servers on August 20 that may have resulted in the leak of "some" personal information of up to 2 million T-Mobile customers. The leaked information includes customers' name, billing zip code, phone number, email...

6.4AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/06/28 5:50 p.m.52 views

Plant Your Flag, Mark Your Territory

Many people, particularly older folks, proudly declare they avoid using the Web to manage various accounts tied to their personal and financial data -- including everything from utilities and mobile phones to retirement benefits and online banking services. The reasoning behind this strategy is a...

6.9AI score
Exploits0
HackRead
HackRead
added 2018/05/29 2:24 p.m.24 views

Hackers demand $1m ransom after stealing data from 2 Canadian banks

By Uzair Amir Hackers have stolen financial data of thousands of customers - This is a post from HackRead.com Read the original post: Hackers demand $1m ransom after stealing data from 2 Canadian banks...

2.7AI score
Exploits0
ThreatPost
ThreatPost
added 2018/05/14 7:19 p.m.11 views

GDPR Phishing Scam Targets Apple Accounts, Financial Data

A phishing campaign targeting Apple users is attempting to trick victims into updating their profiles under the guise it’s a part of proactive security hardening prepping for the introduction of General Data Protection Regulation GDPR policies set to go into effect on May 25. The phishing...

0.2AI score
Exploits0References3
Packet Storm
Packet Storm
added 2018/05/14 12:0 a.m.120 views

Calamp.com Incorrect Privilege Assignment

There is also a full write up on https://medium.com/@evstykas/remote-smart-car-hacking-with-just-a-phone-2fe7ca682162 Vulnerability Security Advisory ======================================================================= title: Incorrect Privilege Assignment product: lenderoutlook on...

0.5AI score
Exploits0
CNVD
CNVD
added 2017/10/16 12:0 a.m.6 views

Cacti cross-site scripting vulnerability (CNVD-2017-32248)

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site scripting vulnerability exists in the...

6.1CVSS6.2AI score0.0107EPSS
Exploits1References1
seebug.org
seebug.org
added 2017/09/28 12:0 a.m.27 views

LibOFX Tag Parsing Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability...

7.1AI score
Exploits0
Talos
Talos
added 2017/09/13 12:0 a.m.23 views

LibOFX Tag Parsing Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability...

8.8CVSS8.5AI score0.02393EPSS
Exploits1
CNVD
CNVD
added 2017/08/01 12:0 a.m.3 views

MEDHOST Document Management Information Disclosure Vulnerability

MEDHOST Document Management System is a document management system from the American company MEDHOST. The system manages documents such as user access and audit logs by defining different roles and permissions. A security vulnerability exists in MEDHOST Document Management System, which originate...

9.1CVSS9.1AI score0.01001EPSS
Exploits2References1
CNVD
CNVD
added 2017/08/01 12:0 a.m.4 views

MEDHOST Document Management Hardcoded Certificate Disclosure Vulnerability

MEDHOST Document Management System is a document management system from the American company MEDHOST. The system manages documents such as user access and audit logs by defining different roles and permissions. A security vulnerability exists in MEDHOST Document Management System due to a...

9.1CVSS9.1AI score0.01001EPSS
Exploits2References1
CNVD
CNVD
added 2017/08/01 12:0 a.m.3 views

MEDHOST Document Management Information Disclosure Vulnerability (CNVD-2017-27413)

MEDHOST Document Management System is a document management system from the American company MEDHOST. The system manages documents such as user access and audit logs by defining different roles and permissions. A security vulnerability exists in MEDHOST Document Management System, which originate...

9.8CVSS9.2AI score0.01103EPSS
Exploits2References1
Prion
Prion
added 2017/07/28 1:29 p.m.14 views

Hardcoded credentials

MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and financial...

6.4CVSS9.1AI score0.01001EPSS
Exploits2References1
NVD
NVD
added 2017/07/25 5:29 p.m.17 views

CVE-2017-11614

MEDHOST Connex contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and financial information. Connex utilize...

9.8CVSS9.4AI score0.01103EPSS
Exploits2References1
CVE
CVE
added 2017/07/25 5:0 p.m.58 views

CVE-2017-11614

CVE-2017-11614 involves MEDHOST Connex hard-coded IBM i DB2 user credentials (HMSCXPDN). The vulnerability arises because the password is embedded in multiple locations in the Connex application and cannot be changed by customers, and the account has elevated DB2 roles enabling access to all obje...

9.8CVSS9.2AI score0.01103EPSS
Exploits2References1Affected Software1
Packet Storm
Packet Storm
added 2017/07/25 12:0 a.m.54 views

MEDHOST Connex Hard-Coded Credentials

Overview ------------ MEDHOST Connex for all versions contains hard-coded credentials that are used for customer database access. This is a new vulnerability not related to CVE-2016-4328. Description ------------ MEDHOST Connex contains hard-coded credentials that are used for customer database...

10CVSS9.7AI score0.03957EPSS
Exploits3
CISA
CISA
added 2017/03/09 12:0 a.m.11 views

IRS Releases Tax-Time Guide

The Internal Revenue Service IRS has released tax-time advice intended to help the public protect their personal and financial data and computers. Recommendations include using strong passwords, backing up files, and using robust security software to help block malware and viruses. Users and...

6.9AI score
Exploits0References2
The Hacker News
The Hacker News
added 2016/12/15 5:41 a.m.20 views

FBI Most Wanted Fugitive JPMorgan Hacker Arrested in New York

One of the FBI's most wanted hackers who was behind the largest theft of financial data has finally been arrested at the JFK airport in New York. Joshua Samuel Aaron is accused of being part of a hacking group that attacked several major financial institutions, including JPMorgan Chase, and...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2016/08/17 5:0 a.m.18 views

Operation Ghoul Targeting Middle Eastern Industrial, Engineering Organizations

Researchers today identified a series of ongoing targeted attacks primarily designed to steal sensitive corporate financial data from industrial and engineering organizations in the Middle East. The group behind the campaign, nicknamed Operation Ghoul by researchers at Kaspersky Lab’s Global...

0.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2016/07/13 9:5 a.m.10 views

Seeking Alpha Mobile Financial App Forgoes Encryption

A popular mobile application that provides financial market research material operates without a measure of encryption, putting user information, including credentials and strategic financial interests at risk. The Seeking Alpha mobile app for Android and iOS also leaks everything from HTTP cooki...

7AI score
Exploits0
seebug.org
seebug.org
added 2016/07/13 12:0 a.m.16 views

Letter of financial built Station System info. php and other file parameters class SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
Rows per page
Query Builder