CB TAU Threat Intelligence Notification: Common to Russian Underground Forums, AZORult Aims to Connect to C&C Server, Steal Sensitive Data
AZORult is an info stealing trojan that will steal various sensitive data from the victim's computer. It is commonly sold in Russian underground forums and is often actively being delivered via spear-phishing campaigns or, as in the recent attack, distributed via a fake website, pretending to be...
LayerBB < 1.1.4 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: LayerBB 1.1.3 - Multiple CSRF Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=30 Version: 1.1.3 Tested on: Ubuntu 18.04 CVE: CVE-2019-16531 1. Description:...
Post GandCrab, Cybercriminals Scouring the Dark Web for the Next Top Ransomware
Ransomware continues to be a top threat, with Friday’s ransomware attack on 23 Texas local government and agencies and two in June on dual Florida cities – Lake City and Riviera Beach, resulting in a decision to pay off the hackers — acting as perfect examples of just how lucrative this type of...
Web Wiz Forums 12.01 - 'PF' SQL Injection
Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection Date: 2019-09-16 Exploit Author: n1x MS-WEB Vendor Homepage: https://www.webwiz.net/web-wiz-forums/forum-downloads.htm Version: 12.01 Tested on Windows Vulnerable parameter: PF memberprofile.asp GET Request GET /memberprofile.asp?PF=10'...
Web Wiz Forums 12.01 - (PF) SQL Injection Vulnerability
Exploit for asp platform in category web applications Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection Exploit Author: n1x MS-WEB Vendor Homepage: https://www.webwiz.net/web-wiz-forums/forum-downloads.htm Version: 12.01 Tested on Windows Vulnerable parameter: PF memberprofile.asp GET...
Web Wiz Forums 12.01 - PF SQL Injection
Web Wiz Forums 12.01 - PF SQL Injection Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection Date: 2019-09-16 Exploit Author: n1x MS-WEB Vendor Homepage: https://www.webwiz.net/web-wiz-forums/forum-downloads.htm Version: 12.01 Tested on Windows Vulnerable parameter: PF memberprofile.asp GET...
Web Wiz Forums 12.01 SQL Injection
Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection Date: 2019-09-16 Exploit Author: n1x MS-WEB Vendor Homepage: https://www.webwiz.net/web-wiz-forums/forum-downloads.htm Version: 12.01 Tested on Windows Vulnerable parameter: PF memberprofile.asp GET Request GET /memberprofile.asp?PF=10'...
forums.clearone.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-928878 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations, a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting forums.clearone.com websi...
Android Ransomware Spreads Via 'Sex Simulation Game' Links on Reddit, SMS
Researchers are warning of a new Android ransomware being spread via links in online forums and SMS messages. The malicious links purport to connect back to a sex simulation game, but in reality lead to ransomware that encrypts victims’ files. The Android ransomware, dubbed Android/Filecoder.C, h...
Vanilla: Web cache deception attack on https://open.vanillaforums.com/messages/all
I have found a vulnerability in Vanilla Forums which is called a Web cache deception attack. Web Cache Deception Attack Websites often tend to use web cache functionality to store files that are often retrieved, to reduce latency from the web server...
'GozNym' Banking Malware Gang Dismantled by International Law Enforcement
In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime network behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe,...
Say hello to Baldr, a new stealer on the market
By William Tsing, Vasilios Hioureas, and Jérôme Segura Over the past few months, we have noticed increased activity and development of new stealers. Unlike many banking Trojans that wait for the victim to log into their bank's website, stealers typically operate in grab-and-go mode. This means th...
In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code
In a world that's growing increasingly digital, Magecart attacks have emerged as a key cybersecurity threat to e-commerce sites. Magecart, which is in the news a lot lately, is an umbrella term given to 12 different cyber criminal groups that are specialized in secretly implanting a special piece...
Vanilla Directory Traversal Vulnerability
Vanilla Forums is a PHP-based open source forum program from the Canadian company Vanilla Forums. A security vulnerability exists in the 'getSingleIndex' function in Vanilla versions prior to 2.6.4. An attacker can exploit the vulnerability to execute code in the context of a web server with the help of...
Bootstrapy CMS - Multiple SQL Injection
Exploit Title: Bootstrapy CMS - Multiple SQL Injection Date: 21.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://bootstrapy.com Demo Site: http://bootstrapy.net/demo/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...
Vanilla Forums 2.x Open Redirection
Exploit Title : VanillaForums 2.x Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 11/03/2019 Vendor Homepage : open.vanillaforums.com Software Information Link : vanillaforums.com/en/software/ open.vanillaforums.com/addon/vanilla-core Software...
Cross site scripting
Multiple stored XSS in Vanilla Forums before 2.5 allow remote attackers to inject arbitrary JavaScript code into any message on forum...
CVE-2019-8279
Multiple stored XSS in Vanilla Forums before 2.5 allow remote attackers to inject arbitrary JavaScript code into any message on forum...
CVE-2019-8279
CVE-2019-8279 is a vulnerability in Vanilla Forums prior to 2.5 identified as multiple stored XSS in forum messages. The underlying issue is that arbitrary JavaScript could be injected into messages, enabling remote attackers to execute code in a user’s browser. The connected documents confirm th...