Lucene search
+L

12 matches found

Malwarebytes
Malwarebytes
added 2025/06/18 9:28 a.m.14 views

Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone number

The examples in this post are actual fraud attempts found by Malwarebytes Senior Director of Research, Jérôme Segura. Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2021/10/04 5:21 p.m.8 views

CVE-2021-39347 Stripe for WooCommerce 3.0.0 - 3.3.9 Missing Authorization Controls to Financial Account Hijacking

The Stripe for WooCommerce WordPress plugin is missing a capability check on the save function found in the /includes/admin/class-wc-stripe-admin-user-edit.php file that makes it possible for attackers to configure their account to use other site users unique STRIPE identifier and make purchases...

4.3CVSS4.5AI score0.00648EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/10/04 5:21 p.m.17 views

CVE-2021-39347 Stripe for WooCommerce 3.0.0 - 3.3.9 Missing Authorization Controls to Financial Account Hijacking

The Stripe for WooCommerce WordPress plugin is missing a capability check on the save function found in the /includes/admin/class-wc-stripe-admin-user-edit.php file that makes it possible for attackers to configure their account to use other site users unique STRIPE identifier and make purchases...

4.3CVSS4.8AI score0.00648EPSS
Exploits0References2
Patchstack
Patchstack
added 2021/10/01 12:0 a.m.20 views

WordPress Stripe For WooCommerce plugin 3.0.0 – 3.3.9 - Missing Authorization Controls to Financial Account Hijacking vulnerability

Missing Authorization Controls to Financial Account Hijacking vulnerability discovered by Margaux DABERT Intrinsec in WordPress Stripe For WooCommerce plugin versions 3.0.0 – 3.3.9. Solution Update the WordPress Stripe For WooCommerce plugin to the latest available version at least 3.3.10...

4.3CVSS3AI score0.00648EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2021/10/01 12:0 a.m.20 views

Stripe For WooCommerce 3.0.0 - 3.3.9 - Missing Authorization Controls to Financial Account Hijacking

The plugin is missing a capability check on the save function found in the /includes/admin/class-wc-stripe-admin-user-edit.php file that makes it possible for attackers to configure their account to use other site users unique STRIPE identifier and make purchases with their payment accounts...

4.3CVSS4.1AI score0.00648EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2021/02/01 9:47 p.m.147 views

Wind River ‘Security Incident’ Affects SSNs, Passport Numbers

Wind River Systems, which develops embedded system software, on Friday warned of a “security incident” that had exposed personnel records. One or more files were downloaded from the company’s network on or around September 29, it said. Affected data included information maintained within the...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/11/02 8:23 p.m.23 views

$100M Botnet Scheme Lands Cybercriminal 8 Years in Jail

Authorities have sentenced a hacker to eight years in prison for trafficking stolen personally identifiable information PII and online banking credentials resulting in losses totaling over $100 million. Aleksandr Brovko, 36, formerly of the Czech Republic, pleaded guilty in February to conspiracy...

0.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/11/22 10:49 p.m.133 views

ID Thieves Turn to Snail Mail as Juicy Target for Financial Crimes

As it gets harder for cybercriminals to bypass business email compromise BEC defenses, some hackers are switching from email scams to real-mail cons. Researchers at Flashpoint said they are monitoring hacker forums where criminals are swapping tips on a growing ID theft and financial crime area,...

7AI score
Exploits0References5
The Hacker News
The Hacker News
added 2015/09/10 11:59 p.m.14 views

Health Insurer Excellus Hacked; 10.5 Million Records Breached

Health Care Hacks — the choice of hackers this year! In a delayed revelation made by Excellus BlueCross BlueShield BCBS, which says that about 10.5 Millions of their clients' data and information has been compromised by hackers. Excellus BCBS headquartered in Rochester, New York, provides finance...

7AI score
Exploits0
Cisco Threats
Cisco Threats
added 2013/10/24 5:4 p.m.11 views

Threat Outbreak Alert: Fake Financial Account Statement Email Messages on October 23, 2013

Medium Alert ID: 31481 First Published: 2013 October 24 17:04 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an account statement for the recipient. The text in the email message attempts to convince the recipient to op...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2012/01/24 9:5 p.m.9 views

Data Breach Affects Two Million NY Customers, State Commission to Investigate

The New York State Public Service Commission announced yesterday they’ll be looking into a data breach that may have exposed the personal information of almost two million customers to unknown attackers. An employee from a software consulting firm contracted by New York State Electric & Gas NYSEG...

2.7AI score
Exploits0References7
Mozilla
Mozilla
added 2007/02/23 12:0 a.m.35 views

Information disclosure through cache collisions — Mozilla

Aad reported that two web pages can collide in the disk cache with the result that depending on order loaded the end of the longer document can be appended to the shorter when the shorter is reloaded from the cache. It is possible a determined hacker could construct a targeted attack to steal som...

5.4CVSS1.3AI score0.03116EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder