Lucene search
+L

490 matches found

HackRead
HackRead
added 2022/09/19 9:39 p.m.17 views

No More Ransom Offers Free Decryptor to LockerGoga Ransomware Victims

By Deeba Ahmed LockerGoga ransomware has been targeting industrial organizations since around 2019. This is a post from HackRead.com Read the original post: No More Ransom Offers Free Decryptor to LockerGoga Ransomware Victims...

4.6AI score
Exploits0
NCSC
NCSC
added 2022/09/13 12:0 a.m.4 views

Vulnerability fixed in IBM WebSphere Application Server

IBM has fixed a vulnerability in WebSphere Application Server. An authenticated malicious person could exploit the vulnerability potentially exploit it to perform a cross-site scripting attack. Through such an attack, the malicious party could execute code in the browser of the victim and thus be...

5.4CVSS6.6AI score0.00427EPSS
Exploits0
HackRead
HackRead
added 2022/09/06 9:47 p.m.16 views

12 Arrested as Interpol Takes Down Transnational Sextortion Ring

By Deeba Ahmed Interpol has confirmed the dismantling of a transnational sextortion gang that raked in a whopping $47,000 from dozens of victims. This is a post from HackRead.com Read the original post: 12 Arrested as Interpol Takes Down Transnational Sextortion Ring...

1.9AI score
Exploits0
HackRead
HackRead
added 2022/07/22 3:35 p.m.25 views

Israeli Spyware Vendor Uses Chrome 0day to Target Journalists

By Deeba Ahmed The spyware vendor Candiru used the Chrome zero-day in March 2022 to target journalists and other unsuspected victims… This is a post from HackRead.com Read the original post: Israeli Spyware Vendor Uses Chrome 0day to Target Journalists...

1.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/19 1:29 p.m.23 views

Fraudulent cryptocurrency investment apps are duping investors

Together with the Department of Homeland Security DHS and the Cybersecurity and Infrastructure Security Agency CISA, the FBI has released a warning about cybercriminals creating fraudulent cryptocurrency investment apps in order to defraud cryptocurrency investors. The threat actors convince...

0.5AI score
Exploits0
OSV
OSV
added 2022/07/08 5:15 p.m.4 views

CVE-2022-34160

IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 229330...

5.4CVSS5.8AI score0.01049EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/07 12:0 a.m.5 views

IBM Security Verify Access 跨站脚本漏洞

IBM Security Verify Access ISAM is a service from IBM USA that improves user access security. The service enables secure and simple access to platforms such as Web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated access management controls,...

5.4CVSS5.9AI score0.00435EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/06/22 12:0 a.m.3 views

motor-admin 安全漏洞

motor-admin is a code-free management panel and business intelligence tool from Motor Admin open source. A security vulnerability exists in motor-admin versions 0.0.1 through 0.2.56, which stems from the vulnerability of the host header in the password reset function. An attacker could use this...

6.8CVSS5.7AI score0.01315EPSS
Exploits1References3
Krebs on Security
Krebs on Security
added 2022/06/11 12:4 a.m.25 views

Adconion Execs Plead Guilty in Federal Anti-Spam Case

At the outset of their federal criminal trial for hijacking vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct now Amobee have pleaded guilty to lesser misdemeanor charges of fraud and...

0.1AI score
Exploits0
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.6 views

WordPress plugin Social Share Buttons 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Social Share Buttons plugin 2.2.2 and earlier versions are vulnerable to cross-site request forgery...

4.3CVSS5.4AI score0.00396EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2022/06/01 11:37 p.m.23 views

More than a quarter of Americans fell for robocall scam calls in past year

More and more Americans have been falling victim to phone scams since 2019. According to the latest report from Truecaller Google Docs upload of the entire report, separate blog here, a known spam blocker and caller ID app, 68.4 million Americans were victimized in the last 12 months, a substanti...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/25 4:25 p.m.21 views

Eerie GoodWill ransomware forces victims to publish videos of good deeds on social media

Ransomware does what the name implies: holds your files or network to ransom. Pay the authors, typically in cryptocurrency, and you may get your files back. Refuse, and the files could be lost forever or even leaked to the far corners of the net. Sometimes creators of ransomware try different...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/24 1:0 p.m.71 views

General Motors suffers credential stuffing attack

American car manufacturer General Motors GM says it experienced a credential stuffing attack last month. During the attack customer information and reward points were stolen. The subject of the attack was an online platform, run by GM, to help owners of Chevrolet, Buick, GMC, and Cadillac vehicle...

1.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/16 10:0 a.m.21 views

Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis

This blog post was authored by Hossein Jazi and Jérôme Segura Populations around the world—and in Europe in particular—are following the crisis in Ukraine very closely, and with events unfolding on a daily basis, people are hungry for information. Although all countries have reasons to be...

Exploits0
Malwarebytes
Malwarebytes
added 2022/05/03 1:34 p.m.15 views

Craft fair vendors targeted by fake event scammers on Facebook

A real world scam which sucks the fun out of craft fairs has caused nothing but stress for victims. It may sound bizarre, but it’s actually a fairly popular attack focused on small/self-run business owners selling their own creations. Are you ready for a trip to the craft fair? You’re a small...

6.5AI score
Exploits0
CNNVD
CNNVD
added 2022/04/06 12:0 a.m.5 views

多款 VMware 产品跨站请求伪造漏洞

Vmware vRealize Automation and others are products of Vmware, Inc. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is...

4.3CVSS6.9AI score0.00497EPSS
Exploits1References4
Malwarebytes
Malwarebytes
added 2022/03/09 11:44 a.m.14 views

RagnarLocker ransomware gang breached 52 critical infrastructure organizations

In a FLASH publication issued by the FBI in coordination with DHS/CISA, the FBI says it has identified at least 52 organizations across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including organizations in the critical manufacturing, energy, financial services,...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/03/03 12:32 p.m.16 views

Details of an NSA Hacking Operation

Pangu Lab in China just published a report of a hacking operation by the Equation Group aka the NSA. It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers aka some Russian group. …the scope of victims exceeded 287 targets in 45 countries,...

2AI score
Exploits0
CNNVD
CNNVD
added 2022/02/25 12:0 a.m.4 views

Apache JSPWiki 跨站脚本漏洞

JSPWiki is an open source JSP-based Wiki system from Apache, based on the file system, with permissions management and search capabilities.Apache JSPWiki versions prior to 2.11.2 have a cross-site scripting vulnerability in the user preferences screen. An attacker could use this vulnerability to...

6.1CVSS5.4AI score0.02251EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2022/02/16 2:3 p.m.33 views

TrickBot Malware Targeted Customers of 60 High-Profile Companies Since 2020

The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., even as its operators have updated the botnet with new anti-analysis features. "TrickBot is a sophisticated and versatile malware with mor...

0.9AI score
Exploits0
Rows per page
Query Builder