514 matches found
New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials
Cybersecurity researchers have discovered a new Android banking malware called Crocodilus that's primarily designed to target users in Spain and Turkey. "Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from the outset, equipped with modern techniques such as remot...
Finder ERP SQL注入漏洞
Finder ERP is an enterprise resource planning software from Finder Turkey. An SQL injection vulnerability exists in Finder ERP versions prior to 18.12.2024, which stems from improper validation of input syntax correctness and could lead to SQL injection...
Finder ERP SQL注入漏洞
Finder ERP is an enterprise resource planning software from Finder Turkey. An SQL injection vulnerability exists in Finder ERP versions prior to 18.12.2024, which stems from improper neutralization of special elements in SQL commands and could lead to SQL injection...
The FBI Made a Crypto Coin Just to Catch Fraudsters
Plus: New details emerge in the National Public Data breach, Discord gets blocked in Russia and Turkey over alleged illegal activity on the platform, and more...
July 9, 2024—KB5040448 (OS Build 10240.20710) - EXPIRED
July 9, 2024—KB5040448 OS Build 10240.20710 - EXPIRED EXPIRATION NOTICEIMPORTANT As of January 27, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 12/8/20 For...
July 9, 2024—KB5040434 (OS Build 14393.7159) - EXPIRED
July 9, 2024—KB5040434 OS Build 14393.7159 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 11/19/20 For...
New Medusa Android Trojan Targets Banking Users Across 7 Countries
Cybersecurity researchers have discovered an updated version of an Android banking trojan called Medusa that has been used to target users in Canada, France, Italy, Spain, Turkey, the U.K., and the U.S. The new fraud campaigns, observed in May 2024 and active since July 2023, manifested through...
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware such as Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, and XWorm, among others. "The group made extensive use of steganography by...
Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries
A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan, new findings from Kaspersky reveal. DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive...
Android malware, Android malware and more Android malware
Introduction Malware for mobile devices is something we come across very often. In 2023, our technologies blocked 33.8 million malware, adware, and riskware attacks on mobile devices. One of 2023s most resonant attacks was Operation Triangulation, targeting iOS, but that was rather a unique case...
turkey-is.ru Cross Site Scripting vulnerability OBB-3823497
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Infodrom Software E-Invoice Approval System Security Breach
Infodrom Software E-Invoice Approval System is an electronic invoice approval system from Infodrom Software, Turkey. A security vulnerability exists in Infodrom Software E-Invoice Approval System version 2.1 that stems from improper protection of outbound error messages and alert signals...
Coyav Travel Proagent SQL Injection Vulnerability
Coyav Travel Proagent is a travel agent application from Coyav Travel in Turkey. A SQL injection vulnerability exists in versions prior to Coyav Travel Proagent 20230904, which stems from vulnerability to SQL injection attacks...
Infodrom Software E-Invoice Approval System 安全漏洞
Infodrom Software E-Invoice Approval System is an electronic invoice approval system from Infodrom Software, Turkey. A security vulnerability exists in Infodrom Software E-Invoice Approval System prior to version v.20230701, which stems from a plaintext stored password vulnerability that allows...
Infodrom Software E-Invoice Approval System SQL注入漏洞
Infodrom Software E-Invoice Approval System is an electronic invoice approval system from Infodrom Software, Turkey. A SQL injection vulnerability exists in Infodrom Software E-Invoice Approval System versions prior to v.20230701, which stems from vulnerability to SQL injection attacks...
istanbulhotelturkey.com Cross Site Scripting vulnerability OBB-3440847
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency
A recent malware campaign has been found to leverage Satacom downloader as a conduit to deploy stealthy malware capable of siphoning cryptocurrency using a rogue extension for Chromium-based browsers. "The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from...
GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments
Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group's activities since mid-2020, characterized the adversary as both capable...
Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique
The advanced persistent threat APT actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022. "In this campaign, the SideWinder advanced persistent threat APT group us...
Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique
The advanced persistent threat APT actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022. "In this campaign, the SideWinder advanced persistent threat APT group us...