EUVD-2014-5716

Malware in sbrugna...

Common Cloud Misconfigurations Exploited in Minutes, Report

Poorly configured cloud services can be exploit by threat actors in minutes and sometimes in under 30 seconds. Attacks include network intrusion, data theft and ransomware infections, researchers have found. Researchers at Palo Alto Networks’ Unit 42 used a honeypot infrastructure of 320 nodes...

Hobby Lobby Exposes Customer Data in Cloud Misconfiguration

Arts-and-crafts retailer Hobby Lobby has suffered a cloud-bucket misconfiguration, exposing a raft of customer information, according to a report. An independent security researcher who goes by the handle “Boogeyman” uncovered the issue and reported it to Motherboard in an online chat, according ...

CVE-2014-5829

The Hobby Lobby Stores aka com.hobbylobbystores.android application 2.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The Hobby Lobby Stores aka com.hobbylobbystores.android application 2.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5829

The Hobby Lobby Stores aka com.hobbylobbystores.android application 2.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5829

CVE-2014-5829 affects the Hobby Lobby Stores Android app (package com.hobbylobbystores.android) version 2.1.9, where SSL/TLS server certificates are not verified. This weakness allows MITM attackers to spoof servers and obtain sensitive information via a crafted certificate, compromising confiden...