Lucene search
+L

490 matches found

OSV
OSV
added 2019/05/23 3:30 p.m.1 views

DEBIAN-CVE-2019-12300

Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can login as the victim...

9.8CVSS6.9AI score0.01825EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2019/05/16 12:23 p.m.1 views

'GozNym' Banking Malware Gang Dismantled by International Law Enforcement

In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime network behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe,...

7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2019/05/15 4:0 p.m.88 views

Verizon’s DBIR Highlights Key Drivers of Security Risk

It’s that time of the year when Verizon updates us on the latest trends in the global threat landscape with its Data Breach Investigations Report DBIR. The findings in this year’s report are based on data provided by more than 70 sources including Qualys about more than 41,000 security incidents,...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2019/04/11 3:50 p.m.68 views

Popular Video Editing Software Website Hacked to Spread Banking Trojan

If you have downloaded the VSDC multimedia editing software between late February to late March this year, there are high chances that your computer has been infected with a banking trojan and an information stealer. The official website of the VSDC software — one of the most popular, free video...

1AI score
Exploits0
ThreatPost
ThreatPost
added 2019/04/01 3:15 p.m.82 views

Google Play Boots Italian Spyware Apps That Infected Hundreds

Google has removed more than a dozen malicious apps harboring Android spyware from its Google Play marketplace. The spyware appears to have been developed by an Italian firm, which is now under investigation for its development. Researchers allege that the apps have infected several hundred – up ...

7.5AI score
Exploits0References13
HackRead
HackRead
added 2019/03/23 11:15 p.m.84 views

Firefox, Edge, Safari, Tesla & VMware pwned at Pwn2Own

By Waqas Pwn2Own 2019 has yet again proved that a secure system is nothing else but a myth. In its two days running, the contest has claimed many high-profile victims including the likes of Tesla, Firefox, and Safari. Pwn2Own is an annual hacking contest held in Vancouver alongside the CanSecWest...

0.9AI score
Exploits0
ThreatPost
ThreatPost
added 2019/03/22 10:11 p.m.164 views

Spycams Secretly Live-Streamed 1,600 Motel Guests

Four people have been arrested for taking secret videos of guests at motels and live-streaming them to paying audiences. According to Seoul police, the perps filmed about 1,600 motel guests in the past year in various states of undress and having sex. They did so with tiny wireless spy cameras se...

0.5AI score
Exploits0References5
Cvelist
Cvelist
added 2019/02/04 9:0 p.m.29 views

CVE-2019-1000010

phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting XSS vulnerability in subnet-scan-telnet.php that can result in executing code in victims browser. This attack appears to be exploitable via victim visits link crafted by an attacker. This vulnerability appears to have been fixed in...

6.6AI score0.00863EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2019/02/04 8:17 a.m.3 views

First Hacker Convicted of 'SIM Swapping' Attack Gets 10 Years in Prison

A 20-year-old college student who stole cryptocurrency worth more than $5 million by hijacking victims' phone numbers has pleaded guilty and accepted a sentence of 10 years in prison. Ortiz was arrested last year on charges of siphoning millions of dollars in cryptocurrency from around 40 victims...

6.9AI score
Exploits0
OSV
OSV
added 2018/12/20 5:29 p.m.13 views

CVE-2018-1000860

phpipam version 1.3.2 and earlier contains a Cross Site Scripting XSS vulnerability in The value of the phpipamredirect cookie is copied into an HTML tag on the login page encapsulated in single quotes. Editing the value of the cookie to r5zkh'alert1quqtl exploits an XSS vulnerability. that can...

4.7CVSS5.2AI score
Exploits0References1
HackRead
HackRead
added 2018/12/14 6:28 p.m.123 views

Hackers bypassed Gmail & Yahoo’s 2FA to target US officials

By Waqas The attack was carried out by Iran-backed charming kitten hackers and victims include dozens of US government officials. Private emails of US sanctions officials and nuclear scientists have been breached by Iranian state-sponsored hackers. As per the data obtained by Certfa, a...

2.5AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2018/12/10 3:0 p.m.76 views

What Happens When Victims Pay Ransomware Attackers?

For many hackers around the globe, ransomware infections have become a lucrative business. Although these types of malware samples have been around for years now, they continue to spur success - and high monetary profits - for attackers. In fact, according to a statement from U.S. Deputy Attorney...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2018/12/03 3:42 p.m.10 views

iOS Fitness Apps Robbing Money From Apple Victims

Two apps that were posing as fitness-tracking tools were actually using Apple’s Touch ID feature to loot money from unassuming iOS victims. The two impacted apps were the “Fitness Balance App” and “Calories Tracker App.” Both apps looked normal, and served functions like calculating BMI, tracking...

0.7AI score
Exploits0References7
The Hacker News
The Hacker News
added 2018/11/28 5:40 p.m.1 views

U.S Charges Two Iranian Hackers for SamSam Ransomware Attacks

The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware. The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have been charged on several counts of computer hackin...

7.1AI score
Exploits0
Securelist
Securelist
added 2018/10/19 10:0 a.m.90 views

DarkPulsar FAQ

What's it all about? In March 2017, a group of hackers calling themselves "the Shadow Brokers" published a chunk of stolen data that included two frameworks: DanderSpritz and FuzzBunch. The Fuzzbunch framework contains various types of plugins designed to analyze victims, exploit vulnerabilities,...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2018/07/31 4:11 p.m.4 views

SamSam Ransomware Attacks Extorted Nearly $6 Million

Ransomware has become a multimillion-dollar black market business for cybercriminals, and SamSam being a great example. New research revealed that the SamSam ransomware had extorted nearly $6 million from its victims since December 2015, when the cyber gang behind the ransomware started...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2018/07/26 6:43 p.m.22 views

CoinVault Ransomware Authors Sentenced to 240 Hours of Community Service

Almost three years after the arrest of two young Dutch brothers, who pleaded guilty to their involvement in creating and distributing CoinVault ransomware malware, a district court in Rotterdam today sentenced them to 240 hours of community service. In 2015, the two suspects — Melvin 25-year-old...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2018/07/26 6:43 p.m.9 views

CoinVault Ransomware Authors Sentenced to 240 Hours of Community Service

Almost three years after the arrest of two young Dutch brothers, who pleaded guilty to their involvement in creating and distributing CoinVault ransomware malware , a district court in Rotterdam today sentenced them to 240 hours of community service. In 2015, the two suspects — Melvin 25-year-old...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2018/07/17 6:27 p.m.12 views

Recent Andariel Group ActiveX Attacks Point to Future Targets

Researchers say that the North Korea-linked Andariel hacking group may be looking to switch up its targets, based on key changes in its script found on recently compromised websites. The Andariel group is associated with the infamous Lazarus Group, North Korea’s cyber-espionage unit. Andariel has...

7AI score
Exploits0References4
Securelist
Securelist
added 2018/07/12 6:0 p.m.53 views

Coinvault, the court case

Today, after almost 3 years of waiting, it was finally the day of the trial. In the Netherlands, where the whole case took place, the hearings are open to the public. Meaning anyone who is interested can visit. And it was quite busy. Because besides the suspects, their lawyers, the judges and the...

0.3AI score
Exploits0
Rows per page
Query Builder