Lucene search
+L

490 matches found

NVD
NVD
added 2015/08/26 6:59 p.m.27 views

CVE-2015-5412

Cross-site request forgery CSRF vulnerability in HP Version Control Repository Manager VCRM before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...

6CVSS6.6AI score0.00867EPSS
Exploits0References2
Prion
Prion
added 2015/07/21 7:59 p.m.18 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in HP System Management Homepage SMH before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...

6CVSS7.1AI score0.00924EPSS
Exploits0References4Affected Software1
ThreatPost
ThreatPost
added 2015/07/14 12:57 p.m.12 views

New Bill Would Grant Lifetime Credit Monitoring to OPM Victims

A group of lawmakers are proposing victims of last month’s expansive Office of Personnel Management hack receive lifetime fraud protection and credit monitoring. Democratic lawmakers on Monday presented the Reducing the Effects of the Cyberattack on OPM Victims Emergency Response, or RECOVER Act...

0.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2015/06/23 12:12 p.m.12 views

FBI Says Cryptowall Cost Victims $18 Million Since 2014

In a little more than a year, consumers affected by the Cryptowall ransomware have reported to the FBI more than $18 million in losses related to infections from the malware. Cryptowall is among the group of ransomware families that encrypt the files on victims’ computers and then demands a ranso...

2.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2015/06/10 8:5 a.m.55 views

Duqu Resurfaces With New Round of Victims, Including Kaspersky Lab

The Duqu attackers, who are considered by researchers to be at the top of the food chain of APT groups and are responsible for attacking certificate authorities and perhaps spying on Iran’s nuclear program, have resurfaced with a new platform that was used to compromise high-profile victims,...

9CVSS8.5AI score0.87448EPSS
Exploits8References4
ThreatPost
ThreatPost
added 2015/06/04 11:41 a.m.10 views

Author Behind Ransomware Tox Calls it Quits, Sells Platform

Earlier this week, when the author behind the crypto-ransomware Locker apologized and released decryption keys for his victims, it seemed like a change of heart, uncharacteristic for an attacker. Now another ransomware creator has also decided to cut his losses and get out of the game – but not...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2015/05/18 10:44 a.m.21 views

TeslaCrypt Ransomware Taking a Toll on Victims

The attackers behind the TeslaCrypt ransomware, which is one of the newer entries on the scene, may not be making as much money yet as some of their more experienced competitors, but researchers say that their malware is having a profound effect on victims. Like many other pieces of ransomware,...

1.2AI score
Exploits0References7
Prion
Prion
added 2014/12/16 11:59 p.m.18 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in CA Release Automation formerly iTKO LISA Release Automation before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.6AI score0.00923EPSS
Exploits0References5Affected Software1
ThreatPost
ThreatPost
added 2014/12/10 11:12 a.m.114 views

Red October Attackers Return With CloudAtlas APT Campaign

The attackers behind the Red October APT campaign that was exposed nearly two years ago have resurfaced with a new campaign that is targeting some of the same victims and using similarly constructed tools and spear phishing emails. Red October emerged in January 2013 and researchers found that th...

9.3CVSS0.3AI score0.99966EPSS
Exploits12References9
ThreatPost
ThreatPost
added 2014/11/20 2:8 p.m.14 views

Detekt Open Source Surveillance Detection Tool

Hours spent on long-distance phone calls to political activists in the Middle East, journalists in Africa or human rights organizations in Asia are stressful for Claudio Guarnieri, an independent security researcher, white-hat hacker and civil rights activist. Often he has to convince that party,...

0.3AI score
Exploits0References2
Prion
Prion
added 2014/10/02 12:55 a.m.20 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in HP System Management Homepage SMH before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...

6CVSS7AI score0.0086EPSS
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2014/08/14 4:58 p.m.11 views

NewGOZ Gameover Zeus Botnet Rebuilds

It didn’t take long for an updated version of GameOver Zeus to make some headway in rebuilding itself. Research published today from Arbor Networks demonstrates that cybercriminals behind GameOver Zeus, which was taken down by law enforcement in early June, have renewed the botnet with at least...

0.9AI score
Exploits0References3
NVD
NVD
added 2014/07/26 11:11 a.m.20 views

CVE-2014-3305

Cross-site request forgery CSRF vulnerability in the web framework in Cisco WebEx Meetings Server 1.5.1.131 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuj81735...

6.8CVSS7.2AI score0.01267EPSS
Exploits0References5
NVD
NVD
added 2014/07/24 2:55 p.m.18 views

CVE-2014-2369

Cross-site request forgery CSRF vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...

6CVSS6.7AI score0.00592EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2014/07/08 10:23 a.m.10 views

Phishers Use Luis Suarez Bite as Bait

The World Cup is the most popular sporting event on the planet, and not just among sports fans; attackers and scammers of all stripes love it as well, as it presents a unique opportunity to separate victims from their money. Phishing and malware scams tied to the World Cup in Brazil have been...

0.7AI score
Exploits0References2
Cvelist
Cvelist
added 2014/06/17 2:0 p.m.27 views

CVE-2014-4188

Cross-site request forgery CSRF vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

7.1AI score0.00643EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/04/25 5:0 p.m.19 views

CVE-2013-4726

Cross-site request forgery CSRF vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

7.1AI score0.01062EPSS
Exploits3References3
Prion
Prion
added 2014/03/25 8:55 p.m.16 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS6.9AI score0.0057EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2014/03/14 10:55 a.m.18 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in HP System Management Homepage SMH 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.5AI score0.00979EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2014/02/19 10:27 a.m.17 views

Second Group Seen Using IE 10 Zero Day

There are at least two different groups running attacks exploiting the recently published zero day vulnerability in Internet Explorer 10, and researchers say one of the groups used the bug to impersonate a French aerospace manufacturer and compromise victims visiting the spoofed Web page. The...

0.6AI score
Exploits0References2
Rows per page
Query Builder