Lucene search
K

183 matches found

The Hacker News
The Hacker News
added 2021/09/27 11:47 a.m.20 views

New Android Malware Steals Financial Data from 378 Banking and Wallet Apps

The operators behind the BlackRock mobile malware have surfaced back with a new Android banking trojan called ERMAC that targets Poland and has its roots in the infamous Cerberus malware, according to the latest research. "The new trojan already has active distribution campaigns and is targeting...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/09/23 9:55 a.m.31 views

New Android Malware Targeting US, Canadian Users with COVID-19 Lures

An "insidious" new SMS smishing malware has been found targeting Android mobile users in the U.S. and Canada as part of an ongoing campaign that uses SMS text message lures related to COVID-19 regulations and vaccine information in an attempt to steal personal and financial data. Proofpoint's...

1.5AI score
Exploits0
OSV
OSV
added 2021/09/14 12:15 p.m.2 views

CVE-2021-38164

SAP ERP Financial Accounting RFOPENPOSTINGFR versions - SAPAPPL - 600, 602, 603, 604, 605, 606, 616, SAPFIN - 617, 618, 700, 720, 730, SAPSCORE - 125, S4CORE, 100, 101, 102, 103, 104, 105, allows a registered attacker to invoke certain functions that would otherwise be restricted to specific user...

5.4CVSS6.3AI score0.00482EPSS
Exploits0References2
Prion
Prion
added 2021/09/14 12:15 p.m.12 views

Design/Logic Flaw

SAP ERP Financial Accounting RFOPENPOSTINGFR versions - SAPAPPL - 600, 602, 603, 604, 605, 606, 616, SAPFIN - 617, 618, 700, 720, 730, SAPSCORE - 125, S4CORE, 100, 101, 102, 103, 104, 105, allows a registered attacker to invoke certain functions that would otherwise be restricted to specific user...

5.5CVSS5.3AI score0.00482EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/09/14 11:19 a.m.23 views

CVE-2021-38164

SAP ERP Financial Accounting RFOPENPOSTINGFR versions - SAPAPPL - 600, 602, 603, 604, 605, 606, 616, SAPFIN - 617, 618, 700, 720, 730, SAPSCORE - 125, S4CORE, 100, 101, 102, 103, 104, 105, allows a registered attacker to invoke certain functions that would otherwise be restricted to specific user...

5.4CVSS5.6AI score0.00482EPSS
Exploits0References2
Krebs on Security
Krebs on Security
added 2021/08/09 3:21 p.m.47 views

Phishing Sites Targeting Scammers and Thieves

I was preparing to knock off work for the week on a recent Friday evening when a curious and annoying email came in via the contact form on this site: "Hello I go by the username Nuclear27 on your site Briansclub.com," wrote "Mitch," confusing me with the proprietor of perhaps the undergrounds...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/28 12:53 p.m.49 views

UBEL is the New Oscorp — Android Credential Stealing Malware Active in the Wild

An Android malware that was observed abusing accessibility services in the device to hijack user credentials from European banking applications has morphed into an entirely new botnet as part of a renewed campaign that began in May 2021. Italy's CERT-AGID, in late January, disclosed details about...

1AI score
Exploits0
ThreatPost
ThreatPost
added 2021/07/13 8:10 p.m.127 views

Guess Fashion Deals With Data Loss, Post-Ransomware

A February ransomware attack on fashion label Guess linked to Colonial Pipeline attackers DarkSide is still causing damage. Guess has started sending letters to 1,300 employees and contractors who had their personal and banking data exposed during the breach. The letter, published by...

6.6AI score
Exploits0References7
Krebs on Security
Krebs on Security
added 2021/06/18 12:20 p.m.37 views

First American Financial Pays Farcical $500K Fine

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF was leaking more than 800 million documents -- many containing sensitive financial data -- related to real estate transactions dating back 16 years. This week, the U.S...

6.4AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/05/21 5:41 p.m.63 views

How to Tell a Job Offer from an ID Theft Trap

One of the oldest scams around -- the fake job interview that seeks only to harvest your personal and financial data -- is on the rise, the FBI warns. Heres the story of a recent LinkedIn impersonation scam that led to more than 100 people getting duped, and one almost-victim who decided the job...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/03/23 6:1 p.m.36 views

Phish Leads to Breach at Calif. State Controller

A phishing attack last week gave attackers access to email and files at the California State Controllers Office SCO, an agency responsible for handling more than $100 billion in public funds each year. The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders...

6.6AI score
Exploits0
Hacker One
Hacker One
added 2021/02/16 9:58 a.m.21 views

QIWI: Remote Code Execution on contactws.contact-sys.com via SQL injection in TAktifBankObject.GetOrder in parameter DOC_ID

Summary The API interface on https://contactws.contact-sys.com:3456/ accepts a body to interact with the server's AppServ object. Because of insufficient input validation, an attacker can abuse the DOCID parameter on the TAktifBankObject operation GetOrder to inject arbitrary SQL statements into...

0.6AI score
Exploits0
ThreatPost
ThreatPost
added 2021/02/05 3:17 p.m.132 views

Ransomware Attacks Hit Major Utilities

Two state-owned utility companies in Brazil suffered separate ransomware attacks in the past week, forcing them to shut down some operations and services temporarily, In one case, sensitive data was stolen and dumped online, including network access logins and engineering plans. Centrais Eletrica...

0.8AI score
Exploits0References11
Hacker One
Hacker One
added 2021/01/31 7:37 p.m.16 views

Shopify: [h1-2102] Partner's team member with no permission can retrieve services financial data

Details Unfortunately, I wasn't able to properly validate the following report as I could not get access the my partner's services option event is ending in a few hours and that access is manually given https://help.shopify.com/en/partners/selling-services. However, given the observed behaviour, ...

1.4AI score
Exploits0
Securelist
Securelist
added 2020/12/29 10:0 a.m.239 views

Digital Footprint Intelligence Report

Introduction The Digital Footprint Intelligence Service announces the results of research on the digital footprints of governmental, financial and industrial organizations for countries in the Middle East region: Bahrain, Egypt, Iran, Iraq, Jordan, Kuwait, Lebanon, Oman, Qatar, Saudi Arabia, Suda...

0.6AI score
Exploits0
HackRead
HackRead
added 2020/12/28 1:52 p.m.46 views

REvil hackers to leak photos of plastic surgery patients after massive hack

By Waqas The latest victim of REvil hackers aka Sodinokibi group is The Hospital Group based in Manchester, England. A Manchester, England-based prominent cosmetic and weight loss specialist The Hospital Group has suffered a ransomware attack carried out by REvil hackers. As a result, hackers hav...

2.2AI score
Exploits0
ThreatPost
ThreatPost
added 2020/11/19 2:0 p.m.162 views

Cybercriminals Batter Automakers With Ransomware, IP Theft Cyberattacks

Cybercriminals are recognizing that the data that automotive companies have to offer – from customer and employee personal identifiable information PII to financial data – is invaluable. Recently, one attacker installed a keystroke logger on the workstation of a car dealership’s finance specialis...

0.2AI score
Exploits0References12
HackRead
HackRead
added 2020/11/03 3:54 p.m.18 views

US jails Russian hacker for 8 years over botnet, bank fraud

By Deeba Ahmed The hacker participated in a sophisticated scheme to steal, exchange sensitive financial, personal data, causing a loss of $100 million to the victims. This is a post from HackRead.com Read the original post: US jails Russian hacker for 8 years over botnet, bank fraud...

2.4AI score
Exploits0
ThreatPost
ThreatPost
added 2020/10/21 3:30 p.m.31 views

Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data

The Egregor ransomware gang has reportedly taken responsibility for the Barnes & Noble cyberattack, first disclosed on Oct. 15. The bookseller warned last week that it had been hacked in emailed notices to customers, noting that a cyberattack happened on Oct. 10, “which resulted in unauthorized a...

1AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/10/19 5:5 p.m.33 views

Overlay Malware Targets Windows Users with a DLL Hijack Twist

Brazilians are being warned of a new overlay malware targeting Windows users in order to siphon victims’ financial data and drain their bank accounts. Researchers say what the malware, dubbed Vizom, lacks in sophistication it makes up for in its creative abuse of the Windows ecosystem. Trusteer, ...

1.3AI score
Exploits0References3
Rows per page
Query Builder