75 matches found
Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets
Over the past several months, Microsoft has observed a mature subgroup of Mint Sandstorm, an Iranian nation-state actor previously tracked as PHOSPHORUS, refining its tactics, techniques, and procedures TTPs. Specifically, this subset has rapidly weaponized N-day vulnerabilities in common...
RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware
Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" RTM Locker that functions as a private ransomware-as-a-service RaaS provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses...
CVE-2020-4556
IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 183329...
CVE-2020-4556
IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 183329...
Design/Logic Flaw
IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 183329...
CVE-2020-4556
CVE-2020-4556 concerns IBM Financial Transaction Manager for High Value Payments for Multi-Platform versions 3.2.0–3.2.10, where web pages can be stored locally and read by another user on the same system (information disclosure). The issue is documented across multiple sources (IBM X-Force ID 18...
IBM Financial Transaction Manager for High Value Payments for Multi-Platform 安全漏洞
IBM Financial Transaction Manager for High Value Payments for Multi-Platform FTM HVP is a financial transaction manager for multi-platform from International Business Machines IBM. The product is primarily used to monitor, track and report on financial payments and transactions. A security...
SUSE CVE-2010-2248
fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service panic via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite...
Transacting in Person with Strangers from the Internet
Communities like Craigslist, OfferUp, Facebook Marketplace and others are great for finding low- or no-cost stuff that one can pick up directly from a nearby seller, and for getting rid of useful things that dont deserve to end up in a landfill. But when dealing with strangers from the Internet,...
APT37 employs Konni malware to target high-level organizations
Threat Level Actor Report For a detailed advisory, download the pdf file here Summary The Konni remote access trojan, which is widely used malware by the APT37, is used in the attack campaign to take advantage of high-value targets from countries like the Czech Republic, Poland, and many others...
Attackers can prevent the transfer of the highest-value Cosmos to Ethereum transactions
Lines of code Vulnerability details In order to ensure that profitable batches are eventually created we must avoid locking up the high fee 'good transactions' into obviously bad batches. To add to the difficulty we don't actually know what any token in this process is worth or what ETH gas costs...
Researchers Share In-Depth Analysis of PYSA Ransomware Group
An 18-month-long analysis of the PYSA ransomware operation has revealed that the cybercrime cartel followed a five-stage software development cycle from August 2020, with the malware authors prioritizing features to improve the efficiency of its workflows. This included a user-friendly tool like ...
Hacker pleads guilty to sim swapping, stealing cryptocurrency
By Deeba Ahmed A 21-year old hacker has admitted running a campaign over social media to hijack accounts of "high-value" account names and steal cryptocurrency. This is a post from HackRead.com Read the original post: Hacker pleads guilty to sim swapping, stealing cryptocurrency...
Earn up to $10K from the Opera Bug Bounty program
Security Earn up to $10K from the Opera Bug Bounty program Share April 30th, 2021 Join the Opera Bug Bounty program, find vulnerabilities in scope, tell us how you did it, and collect rewards. We pay up to $10K for confirmed high-value submissions. Opera has two bug bounty programs operated by...
IBM Financial Transaction Manager Authorization Issues Vulnerability
IBM Financial Transaction Manager for High Value Payments for Multi-Platform FTM HVP is a financial transaction manager for multi-platforms from IBM, USA. The product is primarily used to monitor, track and report on financial payments and transactions. An authorization issue vulnerability exists...
Security Bulletin: Financial Transaction Manager for High Value Payments is affected by a potential logout session timeout (CVE-2020-4555)
Summary Login session may not be invalidated in a timely manner on timeout. Vulnerability Details CVEID: CVE-2020-4555 DESCRIPTION: IBM Financial Transaction Manager for High Value Payments for Multi-Platform does not invalidate session after logout which could allow an authenticated user to...
IBM Financial Transaction Manager 授权问题漏洞
IBM Financial Transaction Manager for High Value Payments for Multi-Platform FTM HVP is a financial transaction manager for multi-platforms from IBM, USA. The product is primarily used to monitor, track and report on financial payments and transactions. An authorization issue vulnerability exists...
New PIN Verification Bypass Flaw Affects Visa Contactless Payments
Even as Visa issued a warning about a new JavaScript web skimmer known as Baka, cybersecurity researchers have uncovered an authentication flaw in the company's EMV enabled payment cards that permits cybercriminals to obtain funds and defraud cardholders as well as merchants illicitly. The...
IBM Financial Transaction Manager for High Value Payments for Multi-Platform SQL Injection Vulnerability
IBM Financial Transaction Manager for High Value Payments for Multi-Platform FTM HVP is a financial transaction manager for multi-platforms from IBM, USA. The product is primarily used to monitor, track and report on financial payments and transactions. A SQL injection vulnerability exists in IBM...
Security Bulletin: Financial Transaction Manager for High Value Payments is affected by a potential Cross-Site Scripting (Reflected) vulnerability (CVE-2020-4560)
Summary This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Vulnerability Details CVEID: CVE-2020-4560 DESCRIPTION: IBM Financial Transaction Manager is...