15 matches found
Researcher Shows Edge Browser Stores Saved Passwords in Plaintext
Cybersecurity expert Tom Rønning finds Microsoft Edge loads all saved passwords into computer memory as cleartext, making them easy for hackers to steal...
Google bug allowed phone number of almost any user to be discovered
Google has fixed vulnerabilities that made it possible to retrieve the phone numbers of almost any Google user. The flaw was found in the flow that allows users to recover their Google account using a phone number. A cybersecurity researcher called Brutecat was able to figure out the phone number...
AI Image Site GenNomis Exposed 47GB of Underage Deepfakes
Cybersecurity researcher Jeremiah Fowler uncovers a massive 47.8GB database with disturbing AI-generated content belonging to GenNomis...
Exploit for Command Injection in Avtech Avm1203_Firmware
PoC tool for exploiting CVE-2024-7029 in AvTech devices 🎤...
stichtingkoryo.nl Cross Site Scripting vulnerability OBB-3916806
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
hassanabul.com Cross Site Scripting vulnerability OBB-3817454
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
troyfair.com Cross Site Scripting vulnerability OBB-3473800
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Microsoft Teams Targeted With Takeover Trojans
Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found. In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops...
FBI Email Hoaxer ID’ed by the Guy He Allegedly Loves to Torment
Vinny Troia, the cybersecurity researcher mentioned in a fake alert gushed out to thousands of people from the FBI’s own email system on Friday night, has fingered the guy who allegedly pulled off the exploit. Register now for our LIVE event! Troia – white hat threat hunter, cybercrime investigat...
New web skimmer steals credit card data, sends to crooks via Telegram
The digital credit card skimming landscape keeps evolving, often borrowing techniques used by other malware authors in order to avoid detection. As defenders, we look for any kind of artifacts and malicious infrastructure that we might be able to identify to protect our users and alert affected...
Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28
Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted...
Afternoon Cyber Tea: Cybersecurity & IoT: New risks and how to minimize them
Recently, Microsoft announced our acquisition of CyberX, a comprehensive network-based security platform with continuous threat monitoring and analytics. This solution builds upon our commitment to provide a unified IoT security solution that addresses connected devices spread across both...
A Dangerous Vulnerability in Solar Panels can Cause Power Outage
By Waqas Willem Westerhof, a cybersecurity researcher at Dutch security firm ITsec, This is a post from HackRead.com Read the original post: A Dangerous Vulnerability in Solar Panels can Cause Power Outage...
Unfixed XSS vulnerability at server2.realist.gen.tr
Security researcher cyber, has submitted on 06/04/2007 a cross-site-scripting XSS vulnerability affecting server2.realist.gen.tr, which at the time of submission ranked 6091 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/04/2007. It is...
Unfixed XSS vulnerability at www.bosb.org.tr
Security researcher cyber, has submitted on 30/03/2007 a cross-site-scripting XSS vulnerability affecting www.bosb.org.tr, which at the time of submission ranked 915765 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 31/03/2007. It is currently...