Lucene search
K

25 matches found

Malwarebytes
Malwarebytes
added 2025/03/14 3:29 p.m.14 views

Research on iOS apps shows widespread exposure of secrets

Researchers found that most of the apps available on Apple’s App Store leak at least one hard-coded secret. The researchers looked at 156,000 iOS apps and discovered more than 815,000 hardcoded secrets, including very sensitive secrets like keys to cloud storage, various Application Programming...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/01/30 12:0 a.m.6 views

PT-2024-1894 · WordPress · Ultimate Member

Name of the Vulnerable Software and Affected Versions: Ultimate Member versions 2.1.3 through 2.8.2 Description: The issue is related to a SQL injection vulnerability in the Ultimate Member plugin for WordPress. This vulnerability can be exploited by unauthenticated attackers to append additional...

10CVSS9.8AI score0.89431EPSS
Exploits8References64
Positive Technologies
Positive Technologies
added 2023/11/13 12:0 a.m.3 views

PT-2023-32511 · Unknown · Ics Business Manager

Name of the Vulnerable Software and Affected Versions: ICS Business Manager version 7.06.0028.7089 Description: A SQL injection issue has been discovered, allowing a remote user to send a specially crafted SQL query to retrieve all database information. The data can also be modified or deleted,...

9.4CVSS9.1AI score0.00803EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/07/26 10:53 a.m.40 views

The Alarming Rise of Infostealers: How to Detect this Silent Threat

A new study conducted by Uptycs has uncovered a stark increase in the distribution of information stealing a.k.a. infostealer or stealer malware. Incidents have more than doubled in Q1 2023, indicating an alarming trend that threatens global organizations. According to the new Uptycs' whitepaper,...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/05 1:0 a.m.16 views

Fake ransomware demands payment without actually encrypting files

Fake it till you make it ransomware groups are trying to get rich off the backs of genuine ransomware authors. Why are they "fake it till you make it"? Because they dont actually create ransomware or compromise networks in any way. Theyre simply lying through their teeth and hoping that recipient...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/12/02 4:3 p.m.15 views

tang-prize.org Cross Site Scripting vulnerability OBB-3084036

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2021/06/28 5:18 p.m.19 views

GHSA-7P8H-86P5-WV3P Cross-site scripting

Two kinds of XSS were found: 1. As mentioned in https://github.com/mongo-express/mongo-express/issues/577 when the content of a cell grows larger than supported size, clicking on a row will show full document unescaped, however this needs admin interaction on cell. 2. Data cells identified as med...

8.1CVSS6.7AI score0.0157EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2021/06/16 1:0 p.m.182 views

5 Tips to Prevent and Mitigate Ransomware Attacks

Ransomware attacks cost companies over $100 billion a year. Making matters worse, the overwhelming majority of ransomware attacks now include a threat to leak stolen data if the ransom isn’t paid, a technique called “double extortion.” Cybercriminals like ransomware because the entry barrier is...

7.8AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2020/08/08 5:14 p.m.35 views

all-calidad.com Cross Site Scripting vulnerability OBB-1254462

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/06/10 11:21 a.m.11 views

snappville.com Cross Site Scripting vulnerability OBB-1191361

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2019/05/09 2:56 p.m.66 views

Take these Five Steps to Really Mitigate your Data Breach Risks

Data breaches are a CSO/CISO’s worst nightmare. And they’re getting bigger and more damaging all the time. It’s no longer just hundreds of millions of users whose personal data is stolen at a time, but billions of users. That’s translating into ever-growing financial repercussions. The irony,...

Exploits0
0day.today
0day.today
added 2019/04/03 12:0 a.m.964 views

PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3 Category:...

Exploits0
ThreatPost
ThreatPost
added 2019/01/30 8:41 p.m.59 views

Attackers Can Track Kids' Locations via Connected Watches

Despite ongoing warnings about connected watches and toys endangering kids’ privacy and potentially their physical safety, makers of these Internet of Things gadgets continue to turn out products that do just that. The latest concern is a gamut of kids’ GPS-tracking watches, which were found to b...

7AI score
Exploits0References7
Imperva Blog
Imperva Blog
added 2018/06/22 8:36 p.m.57 views

How To Leverage Data Access Analytics for Effective Breach Detection

Detecting and preventing data breaches is a challenge for most, if not all, enterprises. In fact, according to a study released in 2017, 78% of all CISOs are concerned that data breaches go undetected, while only 19% admit they are effective at breach prevention. Simply put, breaches happen almos...

0.5AI score
Exploits0
Qualys Blog
Qualys Blog
added 2018/05/22 3:0 a.m.31 views

GDPR Is Here: Achieve Superior Data Breach Prevention and Detection with Qualys

Turned into law in 2016, the EU’s General Data Protection Regulation GDPR finally goes into effect this week, slapping strict requirements on millions of businesses and subjecting violators to severe penalties. The complex regulation applies to any organization worldwide -- not just in Europe --...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2017/12/31 12:0 a.m.45 views

Chatting System PHP Ajax MySQL JavaScript 1.0 Shell Upload

Exploit Title: Chatting System PHP Ajax MySQL JavaScript - Remote Shell Upload Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/IngeniousDeveloper Software Buy:...

0.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/04/26 3:30 p.m.17 views

3 Steps to Protecting Sensitive Data

Cyber criminals, compromised insiders, malicious users, hacktivists. It seems like everyone is getting in on the threat game. In fact, despite efforts to prevent them, last year the U.S. experienced a 40% increase in data breaches according to a report by the Identity Theft Resource Center and...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2016/10/04 2:32 p.m.11 views

Cloud, IoT Big Factors in Annual BSIMM 7 Report

Bad software equals insecure software, and companies don’t have to accept this status quo. That’s both the takeaway and goal of Cigital’s seventh annual Building Security in Maturity Model report released Tuesday. The report reveals that the cloud, application containers, and agile software...

7.5AI score
Exploits0References1
FireEye
FireEye
added 2016/07/18 12:0 p.m.21 views

Cerber: Analyzing a Ransomware Attack Methodology To Enable Protection

Ransomware is a common method of cyber extortion for financial gain that typically involves users being unable to interact with their files, applications or systems until a ransom is paid. Accessibility of cryptocurrency such as Bitcoin has directly contributed to this ransomware model. Based on...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2014/12/10 10:3 a.m.17 views

CHARGE Anywhere Breached, Plain Text Data Accessed

CHARGE Anywhere, a New Jersey-based developer of payment gateway and mobile payment applications, on Tuesday disclosed that it had been breached and that hackers had access to transactions leaving its network, perhaps going back as far as 2009. Most of the traffic was encrypted, the company said ...

0.2AI score
Exploits0References6
Rows per page
Query Builder