86 matches found
Report Details Coca-Cola Cyber Attack That Never was Disclosed
In an exclusive report, Bloomberg News outlines a month-long, systematic attack on Cola-Cola’s computer systems that may have influenced the failed $2.4 billion acquisition of a Chinese juice company. The FBI knew about it. Coca-Cola knew about it. But shareholders were kept in the dark. The Coke...
#WikiLeaks publishes millions of Hacked Stratfor E-mails #gifiles
WikiLeaks publishes millions of Hacked Stratfor E-mails gifiles WikiLeaks today began publishing more than five million confidential e-mails from US-based Intelligence firm Stratfor. About 5.5m emails obtained from the servers of Stratfor, a US-based intelligence gathering firm with about 300,000...
Anonymous Hacks, Leaks E-mails, Voicemails of California Special Agent
Calling it a form of “electronic civil disobedience,” hacktivist group Anonymous took aim at a special agent from the California Department of Justice on Friday. The group spilled 38,000 e-mails containing “computer forensics techniques, investigation protocols as well as highly embarrassing...
Symantec Traces Attacks on Chemical Industry To 20 Year Old Chinese Hacker-For-Hire
A report from Symantec Corp. details a roving campaign of intellectual property theft controlled by a 20 year-old hacker for hire that relied on phishing e-mail, some old malware and command and control operations based in China. The company on Tuesday unveiled research on the targeted attacks,...
FreeBSD : gforge -- XSS and email flood vulnerabilities (d7cd5015-08c9-11da-bc08-0001020eed82)
Jose Antonio Coret reports that GForge contains multiple Cross Site Scripting vulnerabilities and an e-mail flood vulnerability : The login form is also vulnerable to XSS Cross Site Scripting attacks. This may be used to launch phising attacks by sending HTML e-mails i.e.: saying that you need to...
8Pixel Blog CMS v4.2 - Cross Site Scripting Vulnerability
Document Title: =============== 8Pixel Blog CMS v4.2 - Cross Site Scripting Vulnerability Release Date: ============= 2011-08-14 Vulnerability Laboratory ID VL-ID: ==================================== 1 Product & Service Introduction: =============================== 8pixel.net developes...
8Pixel Blog CMS v4.2 - Cross Site Scripting Vulnerability
Document Title: =============== 8Pixel Blog CMS v4.2 - Cross Site Scripting Vulnerability Release Date: ============= 2011-08-14 Vulnerability Laboratory ID VL-ID: ==================================== 1 Product & Service Introduction: =============================== 8pixel.net developes...
Hackers stole classified information from two Canadian ministries
Hackers stole classified information from two Canadian ministries The hackers sent e-mails to staff that seemed to come from senior managers, the Canadian Broadcasting Corp. reported. When recipients opened the attachments, the hackers got a path into the federal network. Stockwell Day, then the...
Anonymous Leaks 10,000 E-mails of Iranian Government
Anonymous Leaks 10,000 E-mails of Iranian Government A collection of 10,365 e-mails of the Iranian government were leaked by Anonymous OpIran on June 2, 2011. According to members of Anonymous the files were taken after the hacker accessed the Iranian Passport and Visa Office email center. These...
CVE-2011-1405
Mahara is affected by CVE-2011-1405 (and related CVEs) up to version
MC Content Manager 10.1.1 Cross Site Scripting
Hello list! I want to warn you about Cross-Site Scripting, Abuse of Functionality and Insufficient Anti-automation vulnerabilities in MC Content Manager. It's Ukrainian commercial CMS. ------------------------- Affected products: ------------------------- Vulnerable are potentially all versions o...
HOLD — HBGary Federal News…
HBGary Federal, the beleagured security startup that has been the target of the online mischief making group Anonymous for the last week said on Monday that it was ceasing operations | its CEO Aaron Barr was stepping down. The consulting firm, a wholly owned subsidiary of HBGary Inc., had been...
(0Day) IBM Lotus Domino Calendar Request Attachment Name Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NRouter service while transporting malformed e-mails. The vulnerable...
Adobe Warns: Unpatched PDF Vulnerability Under Attack
Adobe has confirmed a critical, unpatched vulnerability in its PDF Reader/Acrobat software is being exploited by malicious attackers. The vulnerability affects Adobe Reader and Acrobat 9.1.3 and earlier versions on Windows, Macintosh and UNIX. Adobe described the in-the wild attacks as limited an...
[SECURITY] Fedora 7 Update: otrs-2.1.5-4.fc7
OTRS is an Open source Ticket Request System also well known as trouble ti cket system with many features to manage customer telephone calls and e-mails. The system is built to allow your support, sales, pre-sales, billing, internal IT, helpdesk, etc. department to react quickly to inbound...
CVE-2007-5922
The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information hostnames, usernames, and shell history to a fixed address...
openSUSE 10 Security Update : clamav (clamav-2180)
Two security problems have been found and fixed in the antivirus scan engine 'clamav', which could be used by remote attackers sending prepared E-Mails containing special crafted infected files to potentially execute code. CVE-2006-4182: A problem in dealing with PE Portable Executables aka Windo...
Code injection
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails spam via modified recipient, SETTINGSallowedemailhosts, and subject parameters...
CVE-2007-1898
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails spam via modified recipient, SETTINGSallowedemailhosts, and subject parameters...
SUSE-SA:2006:060: clamav
The remote host is missing the patch for the advisory SUSE-SA:2006:060 clamav. Two security problems have been found and fixed in the anti virus scan engine 'clamav', which could be used by remote attackers sending prepared E-Mails containing special crafted infected files to potentially execute...