18 matches found
MAL-2025-16685 Malicious code in ccpa-jurisdiction-sdk (npm)
The package ccpa-jurisdiction-sdk was found to contain malicious code...
sadsong.net Cross Site Scripting vulnerability OBB-2920350
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
DOJ Says Doctor is Malware Mastermind
On Monday, the U.S. Attorney’s Office for the Eastern District of New York revealed criminal charges against 55 year-old cardiologist Moises Luis Zagala Gonzalez of Cuidad Bolivar, Venezuela accusing him of being the mastermind behind the prolific Thanos malware. The inditement alleges he “design...
Clarifying the Computer Fraud and Abuse Act
A federal court has ruled that violating a website's terms of service is not "hacking" under the Computer Fraud and Abuse Act. The plaintiffs wanted to investigate possible racial discrimination in online job markets by creating accounts for fake employers and job seekers. Leading job sites have...
Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks
The Indonesian National Police in a joint press conference with Interpol and cybersecurity firm Group-IB earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online...
Amcrest Cameras 2.520.AC00.18.R Unauthenticated Audio Streaming
Exploit Title: Unauthenticated Audio Streaming from Amcrest Camera Shodan Dork: html:"@WebVersion@" Date: 08/29/2019 Exploit Author: Jacob Baines Vendor Homepage: https://amcrest.com/ Software Link: https://amcrest.com/firmwaredownloads Affected Version: V2.520.AC00.18.R Fixed Version:...
SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2018:0630-1)
This update for java-171-ibm provides the following fix: The version was updated to 7.1.4.20 bsc1082810 - Security fixes : - CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641 CVE-2018-2618 CVE-2018-2657 CVE-2018-2603 CVE-2018-2599 CVE-2018-2602 CVE-2018-2678 CVE-2018-2677...
Judge Rules Use of FBI Malware Is A 'Search'
Civil liberty advocates say a Texas judge got it right when he ruled on a controversial child porn case regarding the FBI’s use of malware to search a computer. Senior U.S. District Judge David Alan Ezra of the San Antonio division of the Western District of Texas court ruled that sending malware...
Privacy Watchdogs Vow to Fight 'Dystopian' Rule 41
The Supreme Court is moving to expand the FBI’s hacking authority with Criminal Rule 41, an amendment to federal criminal procedures that makes it easier for the FBI to access computers remotely when their locations are unknown. Privacy watchdogs are blasting the proposed change saying it would...
CloudFlare Transparency Report Shows Spike in Court Orders
In its latest transparency report, CloudFlare says that the number of subpoenas it has received has remained steady since last year, but the volume of court orders has more than doubled since the second half of last year. While much of the data from CloudFlare’s report for the first half of 2015...
Who Governs The Internet and whose property is it?
The recent exposes and revelations by Edward Snowden about the Top Secret Internet Snooping program currently run by US National Security Agency NSA have shocked the world. The extent of snooping is even more shocking and what has just stunned the world is the sheer name of top Internet companies...
CarderProfit Case Shows Maturation of FBI Anti-Cybercrime Operations
The FBI is the country’s top police unit, charged with tackling the biggest problems facing its citizens. Cybercrime, by just about any measure, would fall somewhere near the top of that list of problems.The FBI historically has been ineffective and at times indifferent to all of this. However,...
SOPA in US and Censorship in India: A cocktail to destroy Internet Freedom !
SOPA in US and Censorship in India : A cocktail to destroy Internet Freedom ! As US senators mull over the SOPAStopping Online Piracy Act and PIPAProtecting Intellectual Property Act bills, the world stands witness to a historic moment. Almost all big IT companies like Google, Wikipedia, Facebook...
Report: Obama Administration Considered Libyan Cyber-Offensive
The Obama Administration reportedly debated kicking off its latest war-effort in Libya with a cyber-offensive targeting the Qaddafi regime’s air-defense infrastructure, according to a report from the New York Times. The details of the Obama Administration’s plan remain classified, but the Times...
Attorney General: Massachusetts Won't Investigate iTunes Fraud
It looks as if Apple iTunes users who have been the victim of identity theft will have to look for a new knight in shining armor to wring answers from the notoriously close-lipped Cupertino technology giant. The Massachusetts Attorney General’s Office said on Monday that it isn’t planning to...
Java HotSpot Cryptographic Provider signature verification vulnerability
An attacker can add a cryptographic provider containing cipher implementation signed by an untrusted certificate. The attacker can also create his or her own jurisdiction policy files signed by an untrusted certificate. In order to achieve this, the attacker must first of all add a fake...
Europe's Cybersecurity Agency Gears Up for War on Botnets !
The European Network and Information Security Agency ENISA, Europe's Cyber security agency, issued a report focused on botnets this week titled, "Botnets: Measurement, Detection, Disinfection and Defence." The report discusses the reliability of botnet size estimates and provides recommendations...
CVE-2008-4368
The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and 10.5.5 contains a jurisdiction policy that limits Java Cryptography Extension JCE key sizes to 128 bits, which makes it easier for attackers to decrypt ciphertext produced by JCE...