Lucene search
+L

490 matches found

CNNVD
CNNVD
added 2022/02/15 12:0 a.m.5 views

YzmCMS 跨站请求伪造漏洞

YzmCMS is an open source CMS Content Management System.A cross-site request spoofing vulnerability exists in YzmCMS, which stems from insufficient validation in admin.add that the request is coming from a trusted user. An attacker could use this vulnerability to spoof malicious requests to trick...

8.8CVSS5.5AI score0.00543EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2022/01/05 1:0 p.m.37 views

‘Malsmoke’ Exploits Microsoft’s E-Signature Verification

Threat actors are exploiting Microsoft’s digital signature verification to steal user credentials and other sensitive information by delivering the ZLoader malware, which previously has been used to distribute Ryuk and Conti ransomware, researchers have found. Researchers at Check Point Research...

7.4AI score
Exploits0References10
The Hacker News
The Hacker News
added 2022/01/05 11:0 a.m.172 views

New Zloader Banking Malware Campaign Exploiting Microsoft Signature Verification

An ongoing ZLoader malware campaign has been uncovered exploiting remote monitoring tools and a nine-year-old flaw concerning Microsoft's digital signature verification to siphon user credentials and sensitive information. Israeli cybersecurity company Check Point Research, which has been trackin...

8.8CVSS0.5AI score0.44647EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/12/08 11:0 a.m.16 views

140,000 Reasons Why Emotet is Piggybacking on TrickBot in its Return from the Dead

The operators of TrickBot malware have infected an estimated 140,000 victims across 149 countries a little over a year after attempts were to dismantle its infrastructure, even as the advanced Trojan is fast becoming an entry point for Emotet, another botnet that was taken down at the start of...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/02 4:0 p.m.31 views

SideCopy APT: Connecting lures to victims, payloads to infrastructure

This blog post was authored by Hossein Jazi and the Threat Intelligence Team. Last week, Facebook announced that back in August it had taken action against a Pakistani APT group known as SideCopy. Facebook describes how the threat actors used romantic lures to compromise targets in Afghanistan. I...

0.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/11/30 8:15 p.m.3 views

CVE-2021-42564

An open redirect through HTML injection in confidential messages in Cryptshare before 5.1.0 allows remote attackers with permission to provide confidential messages via Cryptshare to redirect targeted victims to any URL via the '...

5.4CVSS5.8AI score0.00665EPSS
Exploits1References2
Wired Threat Level
Wired Threat Level
added 2021/11/28 2:0 p.m.21 views

What Is a Watering Hole Attack?

It's a technique that can hit thousands of victims—through no fault of their own...

7AI score
Exploits0
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.4 views

GitLab 跨站脚本漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features.GitLab CE/EE is vulnerable to a cross-site scripting vulnerability that could b...

8.7CVSS5.8AI score0.60729EPSS
Exploits0References6
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/10/26 12:0 a.m.18 views

What To Expect in a Ransomware Negotiation

We wanted to get a better understanding of what victims go through during the aftermath and recovery process of a ransomware attack to help others in case they find themselves in a similar situation. To do this, we analyzed victim support chats for five ransomware families...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/10/05 1:12 p.m.14 views

New Study Links Seemingly Disparate Malware Attacks to Chinese Hackers

Chinese cyber espionage group APT41 has been linked to seemingly disparate malware campaigns, according to fresh research that has mapped together additional parts of the group's network infrastructure to hit upon a state-sponsored campaign that takes advantage of COVID-themed phishing lures to...

7.8AI score
Exploits0
wpexploit
wpexploit
added 2021/10/04 12:0 a.m.732 views

Paypal Donation < 1.3.1 - CSRF to Stored Cross-Site Scripting

The plugin offers a function to create donation buttons, which internally are posts. The process to create a new button is lacking a CSRF check. An attacker could use this to make an authenticated admin create a new button. Furthermore, one of the Button field is not escaped before being output i...

4.3CVSS4.4AI score0.00487EPSS
Exploits2References1
Malwarebytes
Malwarebytes
added 2021/09/30 4:1 p.m.32 views

Android Trojan GriftHorse, the gift horse you definitely should look in the mouth

Researchers at Zimperium have discovered an aggressive mobile premium services campaign with over 10 million victims all over the world. The stolen amount could amass hundreds of millions of Euros. The scam was hidden behind malicious Android apps, and the researchers have named the Trojan...

6.8AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/09/24 12:0 a.m.14 views

This Week in Security News - September 24, 1021

Water Basilik Uses New HCrypt Variant to Flood Victims With RAT Payloads & Biden Administration Issues Sanctions To Counter Ransomware...

2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/09/22 2:30 p.m.19 views

FBI Had the REvil Decryption Key

The Washington Post reports that the FBI had a decryption key for the REvil ransomware, but didnt pass it along to victims because it would have disrupted an ongoing operation. The key was obtained through access to the servers of the Russia-based criminal gang behind the July attack. Deploying i...

0.6AI score
Exploits0
ThreatPost
ThreatPost
added 2021/09/14 1:10 p.m.29 views

Romance, BEC Scams Lands Soldier in Jail for 46 Months

A former Army reservist was just sentenced to 46 months in prison and ordered to pay nearly $2 million in penalties and restitution, after pleading guilty to scamming dozens of people online, including the elderly and a veteran’s organization for Marines. Joseph Iorhemba Asan Jr. along with his...

7.2AI score
Exploits0References9
Malwarebytes
Malwarebytes
added 2021/09/08 4:13 p.m.23 views

Sextortion on the rise, warns FBI

The pandemic saw a surge in sextortion cases in 2020. Fast forward 12 months, and the numbers continue to rise significantly. This revelation came from the FBI Internet Crime Complaint Center IC3. Until 31 July 2021, it had received over 16,000 sextortion complaints, with victims losing a combine...

0.6AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/08/27 6:29 a.m.22 views

Smurf DDoS attack:❗️ How it works and how to mitigate

Attacks geared at denying users access to servers are executed in different ways. One notable approach — similar in many forms of service denials — is the use of volume. The sheer volume of requests is employed by attackers to render a particular network useless. A good representation of that is...

7.2AI score
Exploits0
OSV
OSV
added 2021/08/11 9:15 p.m.23 views

CVE-2021-22098

UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. A malicious user can exploit the open redirect vulnerability by social engineering leading to take over of victims’ accounts in certain cases along with redirection of UAA users to a malicious sites...

6.1CVSS6.6AI score0.00712EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/27 12:0 a.m.24 views

OpenStack 输入验证错误漏洞

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace in the United States. Openstack Nova suffers from an input validation error vulnerability that allows remote attackers to exploit the vulnerability ...

6.1CVSS7.2AI score0.26792EPSS
Exploits1References17
Malwarebytes
Malwarebytes
added 2021/07/23 11:0 p.m.536 views

AvosLocker enters the ransomware scene, asks for partners

This blog post was authored by Hasherezade In mid-July we responded to an incident that involved an attack on a Microsoft Exchange server. The threat actor used this entry point to get into a Domain Controller and then leveraged it as a springboard to deploy ransomware. While examining the...

7.2AI score
Exploits0
Rows per page
Query Builder