animalbulgaria.com Cross Site Scripting vulnerability OBB-3939742

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

This Week in Spring - May 27th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! And what a week it will be! I'm in Venice, Italy, on a little vacation, but tomorrow I begin a quick journey to beautiful Sofia, Bulgaria, where I'll be speaking at the amazing JPrime software show it's my first time speaking...

MicroDicom DICOM Viewer

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : MicroDicom Equipment : DICOM Viewer Vulnerabilities : Heap-based Buffer Overflow, Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory...

ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families

Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate formerly Infra Storm that may have leveraged as many as seven different ransomware families over the past year. "ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of...

Europol Busts Crypto Fraud Call Centers

By Deeba Ahmed The operation took place all over Europe including Serbia, Bulgaria, Germany, and Cyprus. This is a post from HackRead.com Read the original post: Europol Busts Crypto Fraud Call Centers...

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the Unite...

F*EX 代码注入漏洞

FEX is a Perl-based HTTP file exchange service from the individual developer sahwar in Bulgaria. A security vulnerability exists in FEX that allows eval injection for unauthenticated remote code execution...

Starbucks: Bulgaria - Subdomain takeover of mail.starbucks.bg

nukedx discovered that the mail.starbucks.bg domain was pointing to a mail service from icn.bg and confirmed that icn.bg did not host this domain. nukedx successfully claimed the subdomain from icn.bg, configured login credentials through the web panel and setup a valid email server. nukedx then...

Large-Scale Government Hacks Hit Russia, Bulgaria

A pair of notable hacks on government targets have come to light: One, an attack affecting nearly the entire country of Bulgaria; and two, a hack of Russia’s main security agency FSB that represents the largest data heist ever experienced there. In Bulgaria, cybercriminals were able to infiltrate...

Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers

Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people. According to multiple sources in local Bulgarian media, an unknown hacker earlier...

Alleged Russian Hacker Pleads Not Guilty After Extradition to United States

A Russian hacker indicted by a United States court for his involvement in online ad fraud schemes that defrauded multiple American companies out of tens of millions of dollars pleaded not guilty on Friday in a courtroom in Brooklyn, New York. Aleksandr Zhukov, 38, was arrested in November last ye...

bulgaria.utre.bg XSS vulnerability

Open Bug Bounty ID: OBB-570965 Description| Value ---|--- Affected Website:| bulgaria.utre.bg Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

bulgaria.dxn2u.com XSS vulnerability

Open Bug Bounty ID: OBB-481480 Description| Value ---|--- Affected Website:| bulgaria.dxn2u.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

BadRabbit: a closer look at the new version of Petya/NotPetya

Petya/NotPetya aka EternalPetya, made headlines in June, due to it's massive attack on Ukraine. Today, we noted an outbreak of a similar-looking malware, called BadRabbit, probably prepared by the same authors. Just like the previous edition, BadRabbit has an infector allowing for lateral...

‘BadRabbit’ Ransomware Burrows Into Russia, Ukraine

ARCHIVED STORY ‘BadRabbit’ Ransomware Burrows Into Russia, Ukraine By Raj Samani · October 24, 2017 This post was researched and written by Tim Hux, David Marcus, Charles McFarland, Douglas McKee, and Raj Samani. McAfee is currently investigating a ransomware campaign known as BadRabbit, which...

Bulgaria passes Law that mandates Government Software must be Open Source

Do you have any idea what the software you have installed is doing stealthily in the background? If it's not an open source software, can you find out? Usually, the answer is no. After Edward Snowden’s revelations, it's clear that how desperately government agencies wants to put secret backdoors ...

INFOMARK IMW-C920W miniupnpd 1.0 - Denial of Service Vulnerability

MiniUPNPd version 1.0 remote denial of service exploit. !/usr/bin/perl miniupnpd/1.0 remote denial of service exploit Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP...

INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service

INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service !/usr/bin/perl miniupnpd/1.0 remote denial of service exploit Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...

Seowonintech Routers Remote Root File Dumper

This exploit dumps an arbitrary file from the filesystem with root level permissions on Seowonintech routers with firmware less than and equal to 2.3.9. !/usr/bin/perl + Seowonintech routers ; $bug = $host."/cgi-bin/systemconfig.cgi?filename=".$file."&btntype=load&action=APPLY"; if$file eq "" pri...

StarVedia IPCamera IC502w IC502w+ v020313 - UsernamePassword Disclosure

StarVedia IPCamera IC502w IC502w+ v020313 - UsernamePassword Disclosure !/usr/bin/perl + StarVedia IPCamera IC502w IC502w+ v020313 remote bypass username/password disclosure exploit Author: Todor Donev Email: todor.donev at gmail dot com Type: Hardware Thanks to Tsvetelina Emirska the best friend...