490 matches found
List of 8,000 FTP Credentials for Sale in Underground Forums
Hackers are targeting FTP upload sites with the hopes of redirecting victims to spam or even infecting webservers that rely on FTP applications for updates. Hold Security reported yesterday it had secured a list of credentials for close to 7,800 FTP sites being circulated in cybercrime forums. Th...
DailyMotion Hosting Malvertising Leading to Fake AV Attack
Video-sharing site DailyMotion, one of the most popular destinations on the Web, is in the throes of an attack where it is serving malicious ads redirecting users to a fake AV scam. Security firm Invincea reported the issue to the website, and as of 4 p.m. ET, DailyMotion was still serving the fa...
CVE-2013-7256
Cross-site request forgery CSRF vulnerability in Opsview before 4.4.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2013-6192
Cross-site request forgery CSRF vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Mobile Android banking Trojan Svpeng Adds Phishing Know-How
An Android banking Trojan known as Svpeng has added phishing capabilities to its arsenal, and researchers have spotted it attacking Russian banking clients in what is perceived to be a dry run before it is adapted for other countries. “Typically, however, cybercriminals first test-run a technolog...
CVE-2013-6346
Cross-site request forgery CSRF vulnerability in the ZCC page in Novell ZENworks Configuration Management ZCM before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Skype Malware Stealing Victims' Processing Power to Mine Bitcoins
Bitcoin may still be a virtual unknown quantity for most people, but the digital currency has not escaped the notice of attackers, many of whom are turning their attention to finding ways to use the system for their own gains. The attacks against Bitcoin exchange Mt. Gox and hack of Instawallet...
CVE-2012-5216
Cross-site request forgery CSRF vulnerability on HP ProCurve 1700-8 aka J9079A switches with software before VA.02.09 and 1700-24 aka J9080A switches with software before VB.02.09 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Shylock banking malware spreads via Skype
The banking Trojan known as Shylock has been updated with new functionality, including the ability to spread over Skype. The program was discovered in 2011 that steals online banking credentials and other financial information from infected computers. Shylock, named after a character from...
Shylock banking malware spreads via Skype
The banking Trojan known as Shylock has been updated with new functionality, including the ability to spread over Skype. The program was discovered in 2011 that steals online banking credentials and other financial information from infected computers. Shylock, named after a character from...
Operation Red October : Cyber Espionage campaign against many Governments
A new sensational discovered has been announced by Kaspersky Lab's Global Research & Analysis Team result of an investigation after several attacks hit computer networks of various international diplomatic service agencies. A new large scale cyber-espionage operation has been discovered, named Re...
Facebook Helps FBI to shuts down Butterfly botnet theft $850 millions
The U.S. Department of Justice said on Tuesday that they’ve arrested 10 suspects from from Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, Peru, the United Kingdom, and the United States involved in a global botnet operation that infected more than 11 million systems. The ring is said to...
CVE-2011-5223
Cross-site request forgery CSRF vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2012-3256
Cross-site request forgery CSRF vulnerability in HP Business Availability Center BAC 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Iran still on target of 'Mahdi' malware after detection
In JULY Kaspersky Lab and Seculert revealed the presence of a new cyber-espionage weapon known targeting users in the Middle East. Despite the recent uncovering of the 'Madhi' malware that has infected several hundred computers in the Middle East, researchers say the virus is continuing to spread...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the CDN2 Video module 6.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Money Mules, Not Customers, The Real Victims of Bank Fraud
Money mules – the accomplices who help move stolen funds – may be the real victims of online banking scams, not the bank customers who are the ostensible targets of fraudsters, according to new research from Microsoft. In a paper that turns conventional thinking about online banking crime on its...
More Apps Pulled From Android Market Over Hidden SMS Functionality
There has been another round of malicious apps discovered in the official Android Market, with this wave containing hidden functionality to send SMS messages to premium-rate numbers. The apps, which Google has pulled from the Market already, are counterfeit versions of popular games, including...
FTC Gives Refunds to Rogue Antivirus Victims
The Federal Trade Commission FTC is sending reimbursement checks to more than 300,000 people victimized by a rogue antivirus scam. According to the FTC, the checks are the result of the settlement between the agency and several defendants named in a complaint the FTC filed in 2008. As part of the...