Lucene search
K

97 matches found

Prion
Prion
added 2024/02/29 1:43 a.m.22 views

Design/Logic Flaw

The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...

5CVSS6.9AI score0.00524EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.6 views

PT-2024-17942 · WordPress · The Directorist: Ai-Powered Wordpress Business Directory Plugin With Classified Ads Listings

Name of the Vulnerable Software and Affected Versions: The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress versions up to, and including, 7.8.4 Description: The issue allows unauthorized modification of data due to a missing capability check on...

5.3CVSS6.1AI score0.00524EPSS
Exploits0References7
hivepro
hivepro
added 2023/08/18 4:50 p.m.29 views

AdLoad Malware Persists on Mac Systems with New Proxy Payload

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary AdLoad malware persists on Mac systems with a new proxy application payload, converting infected devices into a proxy botnet. This scheme, involving thousands of IP addresses, points to a monetization...

6.9AI score
Exploits0
OSV
OSV
added 2023/07/10 4:15 p.m.2 views

CVE-2023-22673

Cross-Site Request Forgery CSRF vulnerability in MageNet Website Monetization by MageNet plugin = 1.0.29.1 versions...

8.8CVSS7.3AI score0.00301EPSS
Exploits0References1
NVD
NVD
added 2023/07/10 4:15 p.m.28 views

CVE-2023-22673

Cross-Site Request Forgery CSRF vulnerability in MageNet Website Monetization by MageNet plugin = 1.0.29.1 versions...

8.8CVSS6.5AI score0.00301EPSS
Exploits0References1
Prion
Prion
added 2023/07/10 4:15 p.m.10 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in MageNet Website Monetization by MageNet plugin = 1.0.29.1 versions...

6.8CVSS8.7AI score0.00301EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/07/10 11:40 a.m.31 views

CVE-2023-22673

CVE-2023-22673 is a CSRF vulnerability in the WordPress plugin Website Monetization by MageNet (MageNet) for versions

8.8CVSS7.1AI score0.00301EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.14 views

Wrodpress Plugin Website Monetization by MageNet 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS7.7AI score0.00301EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/10 12:0 a.m.4 views

PT-2023-18618 · Magenet · Magenet Website Monetization

Name of the Vulnerable Software and Affected Versions: MageNet Website Monetization by MageNet plugin versions = 1.0.29.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions ...

8.8CVSS8.5AI score0.00301EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2023/06/21 5:36 a.m.63 views

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 AX1800 Wi-Fi routers to rope the devices into a distributed denial-of-service DDoS botnet. Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work ...

8.8CVSS10AI score0.99999EPSS
Exploits7
The Hacker News
The Hacker News
added 2023/02/10 10:42 a.m.5 views

3 Overlooked Cybersecurity Breaches

Here are three of the worst breaches, attacker tactics and techniques of 2022, and the security controls that can provide effective, enterprise security protection for them. 1: 2 RaaS Attacks in 13 Months Ransomware as a service is a type of attack in which the ransomware software and...

7AI score
Exploits0
Securelist
Securelist
added 2022/06/15 10:0 a.m.16 views

How much does access to corporate infrastructure cost?

Division of labor Money has been and remains the main motivator for cybercriminals. The most widespread techniques of monetizing cyberattacks include selling stolen databases, extortion using ransomware and carding. However, there is demand on the dark web not only for data obtained through an...

Exploits0
ThreatPost
ThreatPost
added 2021/12/29 7:13 p.m.39 views

Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud

While researching a recent large-scale bot campaign with CQ Prime Threat Research team lead, Dean Lendrum, we found attackers using domain parking and monetization services to register multiple domains, creating a large number of fake eCommerce accounts per domain. TL; DR ------ Analysis of...

7.8AI score
Exploits0References3
Malwarebytes
Malwarebytes
added 2021/06/28 2:30 p.m.110 views

Is it game over for VR advergaming?

We’ve been warning about advergaming—the combination of virtual reality VR and ads—for years on the Labs Blog. I’ve given a few talks on the subject too, and how ad networks will slowly work their way into enclosed spaces formerly reserved for your head. They still might, but thanks to a recent...

6.5AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2021/02/04 7:10 p.m.35 views

The Gaming Platforms That Let Streamers Profit From Hate

WIRED has found dozens of far-right and white supremacist figures monetizing their livestreams through “donation management services” Streamlabs and StreamElements...

2.1AI score
Exploits0
HackRead
HackRead
added 2020/11/05 5:31 p.m.44 views

Hackers actively compromising VoIP phone system for monetization

By Deeba Ahmed One of the most interesting yet complex methods of exploitation employed by hackers is using the servers to make outgoing phone calls to generate profits. This is a post from HackRead.com Read the original post: Hackers actively compromising VoIP phone system for monetization...

3.6AI score
Exploits0
ThreatPost
ThreatPost
added 2020/10/15 8:8 p.m.103 views

FIFA 21 Blockbuster Release Gives Fraudsters an Open Field for Theft

The hotly anticipated release of blockbuster video game FIFA 21 on Oct. 6, along with the return of professional play, are giving soccer fans reason to celebrate. And, unsurprisingly, cybercriminals are already figuring out how to capitalize. A report from researcher Christopher Boyd at...

7.2AI score
Exploits0References9
FireEye
FireEye
added 2020/10/14 12:0 a.m.49 views

FIN11: Widespread Email Campaigns as Precursor for Ransomware and Data Theft

Mandiant Threat Intelligence recently promoted a threat cluster to a named FIN or financially motivated threat group for the first time since 2017. We have detailed FIN11's various tactics, techniques and procedures in a report that is available now by signing up for Mandiant Advantage Free. In...

1.3AI score
Exploits0References4
Microsoft Secure
Microsoft Secure
added 2020/07/23 8:0 p.m.33 views

Afternoon Cyber Tea: Peak, Plateau, or Plummet? Cyber security trends that are here to stay and how to detect and recover from ransomware attacks

The rapidity of change in the cyberthreat landscape can be daunting for today’s cyber defense teams. Just as they perfect the ability to block one attack method, adversaries change their approach. Tools like artificial intelligence and machine learning allow us to pivot quickly, however, knowing...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2020/03/06 9:50 p.m.85 views

Next-Gen Ransomware Packs a 'Human' Punch, Microsoft Warns

Researchers are warning that “human operated” ransomware campaigns are growing more sophisticated, adopting new infection tactics and lateral movement techniques that traditional defense teams aren’t equipped to handle. Researchers said that “auto-spreading” ransomware – like WannaCry and NotPety...

1.1AI score
Exploits0References15
Rows per page
Query Builder