489 matches found
This Week in Security News: Bloomingdale’s and Claudette
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Timehop, Macy’s, Bloomingdale’s, and Domain Factory announce a system-wide breach. Also, a new AI tool, Claudette, is holding tech companies...
Facebook Faces £500,000 Fine in U.K. Over Cambridge Analytica Leak
Facebook has been fined £500,000 $664,000 in the U.K. after the country's data protection watchdog concluded that its data-sharing scandal broke the law, making it as the social network's first fine over the Cambridge Analytica scandal. Yes, £500,000—that's the maximum fine allowed by the UK's Da...
Security Bulletin: IBM Security Guardium is affected by Using Components with Known Vulnerabilities
Summary IBM Security Guardium is affected by Using Components with Known Vulnerabilities. IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID: CVE-2014-3584 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by the processing of SAML tokens received...
Security Bulletin: IBM Security Guardium is affected by Using Components with Known vulnerabilities (multiple CVEs)
Summary IBM Security Guardium is affected by Using Components with Known vulnerabilities. IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID: CVE-2014-3584 DESCRIPTION: Apache CXF is vulnerable to a denial of service, caused by the processing of SAML tokens received...
Russia to Fine Search Engines for Linking to Banned VPN services
In its years-long efforts to censor the Internet by blocking access to a large number of websites in the country, Russia has now approved a new bill introducing fines for search engines that provide links to banned sites, VPN services, and anonymization tools. VPNs, or Virtual Private Networks, a...
A week in security (April 23 – April 29)
Last week, we dug into behavioral biometrics, explored a new crossrider variant, and embraced the power of "no." We also launched another CrackMe challenge, took a deep dive into smart toys, and finished up with a look at digital privacy in the age of IoT. Other news LinkedIn does battle with...
This Week in Security News: Fines and Funding
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the SEC paid $35 million in fines following the 2014 breach, in which Russian hackers obtained the information of 500 million users. In...
fine-art.co.za XSS vulnerability
Open Bug Bounty ID: OBB-606995 Description| Value ---|--- Affected Website:| fine-art.co.za Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Hashcat Wrapper for Distributed Hashcracking: Hashtopolis
Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts: Agent Multiple clients C, Python,...
shop36213.fineartprint.de XSS vulnerability
Open Bug Bounty ID: OBB-582620 Description| Value ---|--- Affected Website:| shop36213.fineartprint.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
melbournefineart.com.au XSS vulnerability
Open Bug Bounty ID: OBB-578179 Description| Value ---|--- Affected Website:| melbournefineart.com.au Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until disclosure Disclosure Standard:| Coordinated Disclosure based on...
PT-2018-18092 · Finecms · Finecms
Name of the Vulnerable Software and Affected Versions: FineCms version 5.3.0 Description: The issue concerns a Cross Site Scripting XSS problem. It occurs via the id or lid parameter in a "c=linkage,m=import" request to "admin.php". The xss clean protection mechanism is bypassed by specially...
obeygiant.com XSS vulnerability
Open Bug Bounty ID: OBB-488393 Description| Value ---|--- Affected Website:| obeygiant.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure based...
fine-arts-museum.be XSS vulnerability
On the 26.12.2017 security researcher reported a XSS vulnerability affecting the fine-arts-museum.be website via the Open Bug Bounty coordinated vulnerability disclosure program. Coordinated Disclosure Timeline: Description| Value ---|--- Vulnerability submitted via Open Bug Bounty| 26 December,...
Uber Reveals 2016 Breach of 57 Million User Accounts
Ride-hailing service Uber Technologies revealed Tuesday that the company suffered a breach of 57 million Uber user accounts in 2016. According to reports, Uber then attempted to cover up the incident by paying $100,000 to attackers to keep the hack a secret and delete the data. Dara Khosrowshahi,...
Facebook slapped with $1.43 million fine for violating users' privacy in Spain
Facebook is once again in trouble regarding its users' privacy. The social media giant has recently been heavily fined once again for a series of privacy violations in Spain. Recently, Google also incurred a record-breaking fine of $2.7 billion €2.42 billion by the European antitrust officials fo...
CVE-2017-11585
dayrui FineCms 5.0.9 has remote PHP code execution via the param parameter in an action=cache request to libraries/Template.php, aka Eval Injection...
FineCMS Cross-Site Scripting Vulnerability (CNVD-2017-15549)
FineCMS is an efficient and simple small and medium-sized content management system based on PHP+MySql+CI framework development for multiple terminals, including Pc-side web pages and mobile web pages, support for customized content models and member models, and can be customized fields, can be...
harvesthouse.ca XSS vulnerability
Vulnerable URL: http://www.harvesthouse.ca/finebedroomfurniture.asp?solidwood=1"...
Google Hit With $2.7 Billion Antitrust Fine
Search giant Google this week was hit with a hefty $2.7 billion fine seven years in the making. Antitrust officials with the European Commission handed out the fine, which translates to €2.4 billion. Regulators with the EC claim the company abused its dominance as a search engine to push its...