EUVD-2014-7460

Malware in sbrugna...

World’s Largest Bank ICBC Discloses Crippling Ransomware Attack

By Deeba Ahmed Reportedly, it was a ransomware attack orchestrated by the notorious LockBit gang. This is a post from HackRead.com Read the original post: Worlds Largest Bank ICBC Discloses Crippling Ransomware Attack...

Malicious code in @icbc-ltd/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92afc232f13b9d167073ab50c37956579f3bcbd5801bc586dca168230aeb215a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-343 Malicious code in @icbc-ltd/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92afc232f13b9d167073ab50c37956579f3bcbd5801bc586dca168230aeb215a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

myebank1.icbc.com.cn XSS vulnerability

Open Bug Bounty ID: OBB-680785 Description| Value ---|--- Affected Website:| myebank1.icbc.com.cn Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

icbc.com XSS vulnerability

Vulnerable URL: http://www.icbc.com/autoplan/moving-insurance/Pages/Default.aspx?FollowSite=0=%27-confirm/OPENBUGBOUNTY/-%27 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 44435 VIP website status:| Yes Check...

appcenter.icbc.com.cn XSS vulnerability

Vulnerable URL: https://appcenter.icbc.com.cn/AppStoreServer/verify-code.jsp?randomId=%3C/title%3E%3C/script/%27-alert%280%29-%27%22-%22--%3E%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 10:4...

icbc.ge XSS vulnerability

Vulnerable URL: http://www.icbc.ge/index.php?cat=contact"〈id=1 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check icbc.ge SSL...

ICBC Mobile Banking(Argentina) - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application ICBC Mobile BankingArgentina published at the 'play' market has multiple vulnerabilities...

ICBC Internet banking assistant and other security controls was traced to the presence of the“disaster-level”vulnerability-vulnerability warning-the black bar safety net

Recently, ICBC Internet banking assistant and other security controls was traced to the presence of the“disaster-level”vulnerability, the vulnerability can cause remote arbitrary code execution on the user computer, security caused great harm. Baidu security prompts the user as soon as possible o...

Green Alliance: the online banking security controls remote code execution vulnerability analysis V1. 2-vulnerability warning-the black bar safety net

5 on 1 1 December, nsfocus Threat Response Center reported the storm clouds announcement, ICBC security controls can lead to remote arbitrary code execution vulnerability, Tick-2 0 1 5-9 6 3 3 9, and considering the Internet financial current there are more security issues, and taking into accoun...

CVE-2014-7589

The Industrial and Commercial Bank of China ICBC Banking aka com.icbc.android application 2.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Design/Logic Flaw

The Industrial and Commercial Bank of China ICBC Banking aka com.icbc.android application 2.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-7589

The Industrial and Commercial Bank of China ICBC Banking aka com.icbc.android application 2.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-7589

The CVE-2014-7589 entry concerns the ICBC Banking Android app (com.icbc.android) version 2.40, where the app does not verify X.509 certificates from SSL servers. This missing certificate validation can allow a man-in-the-middle to spoof servers and exfiltrate sensitive information via a crafted c...