38 matches found
The democratisation of business email compromise fraud
Welcome to this week's edition of the Threat Source newsletter. Last weekend, I witnessed a crime. Not a notable crime that you might read about in the press, but an unremarkable fraud attempt that nevertheless illustrates how new threat actor capabilities are emerging. I imagine that most people...
Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector
Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images. The activity, codenamed Operation MoneyMount-ISO by Seqrite Labs, has primari...
CVE-2025-9021
A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely...
CVE-2025-9021
A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely...
CVE-2025-9021
SourceCodester Online Bank Management System up to version 1.0 contains a SQL injection in /bank/transfer.php caused by manipulation of the email parameter. The vulnerability is reported as remotely exploitable, with attack complexity low and no privileges required; CVSS data indicates a high-imp...
PT-2025-33455 · Sourcecodester · Sourcecodester Online Dj Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Bank Management System version 1.0 Description: A vulnerability exists in SourceCodester Online Bank Management System up to version 1.0. The issue affects unknown code within the /bank/transfer.php file. Manipulation of...
Helping a mobile malware fraud victim
Back at the start of October, we had a call from the BBC asking if we could help unpick a fraud. The victim had been defrauded of £12,000 through a rogue bank transfer and mentioned that her Android mobile phone had been behaving oddly. Of course we would help; who wouldn’t be up for the...
Man scammed IRL for a phone he sold online
If youre looking to sell an item which youve advertised online, be on your guard. Even when everything looks to be working as it should, things can go wrong very quickly as one unfortunate IT graduate recently discovered. You would think that theres no way the in-person sale of an expensive devic...
Glovo: Integer overflow vulnerability
Summary: In one of my previous reports i send parameter tampering report vulnerability. Then you asked me to send PoC and you just closed it, that's why i'm sending you this new report with exactly name of vulnerability. Integer Overflows are closely related to other conditions that occur when...
BEC Scam Costs Media Giant Nikkei $29 Million
Media conglomerate Nikkei Inc. has fallen victim to a business email compromise BEC scam that fleeced the company out of $29 million. Nikkei is Japan’s largest financial media organization and lends its name to Japan’s premier stock index, which is the equivalent of the Dow Jones Industrial Avera...
Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards
In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research...
Threat Outbreak Alert RuleID28516: Email Messages Distributing Malicious Software on March 28, 2017
Medium Alert ID: 53197 First Published: 2017 March 28 14:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID28516 may contain the following files: Name | Si...
Threat Outbreak Alert RuleID21982: Email Messages Distributing Malicious Software on June 23, 2016
Medium Alert ID: 44362 First Published: 2016 March 30 17:08 GMT Last Updated: 2016 June 24 13:46 GMT Version: 13 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID21982 and...
Threat Outbreak Alert RuleID21895: Email Messages Distributing Malicious Software on March 23, 2016
Medium Alert ID: 44274 First Published: 2016 March 23 17:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID21895 may contain the following files: Name | Si...
How a Typo Stopped Hackers from Stealing $1 Billion from Bank
Typos are really embarrassing, but this time it saved the Bangladesh Central Bank and the New York Federal Reserve by preventing a nearly $1 Billion £700 Million heist. Last month, some unknown hackers broke into Bangladesh's central bank, obtained credentials needed for payment transfers and the...
Threat Outbreak Alert RuleID21314: Email Messages Distributing Malicious Software on February 24, 2016
Medium Alert ID: 43730 First Published: 2016 February 24 15:17 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID21314 may contain the following files: Name |...
Threat Outbreak Alert RuleID14902: Email Messages Distributing Malicious Software on April 27, 2015
Medium Alert ID: 38532 First Published: 2015 April 27 12:45 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID14902 may contain the following files: Name | Si...
Threat Outbreak Alert: Fake Bank Account Deposit Notification Email Messages on May 21, 2014
Medium Alert ID: 34334 First Published: 2014 May 22 13:04 GMT Last Updated: 2014 May 23 18:40 GMT Version: 2 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank transfer slip for the recipient. The text in the email message attempts...
Threat Outbreak Alert: Fake Bank Transfer Notification Email Messages on March 18, 2014
Medium Alert ID: 33383 First Published: 2014 March 18 18:14 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank transfer notification for the recipient. The text in the email message attempts to convince the recipient...
UAEPD Shopping Script SQL Injection Vulnerabilty
Exploit for php platform in category web applications .:. Author : AtT4CKxT3rR0r1ST .:. Contact : email protected , email protected .:. Home : http://www.iphobos.com/blog/ .:. Script : http://www.uaepd.net/ .:. Dork : 1inurl:”products.php?catid=” “Powered by: PD ” 2inurl:”products.php?pid” “Power...