Lucene search
+L

9 matches found

Github Security Blog
Github Security Blog
added 2024/07/18 10:3 p.m.23 views

TorchServe vulnerable to bypass of allowed_urls configuration

Impact TorchServe's check on allowedurls configuration can be by-passed if the URL contains characters such as ".." but it does not prevent the model from being downloaded into the model store. Once a file is downloaded, it can be referenced without providing a URL the second time, which...

9.8CVSS6.9AI score0.00792EPSS
Exploits0References6Affected Software1
The Hacker News
The Hacker News
added 2023/08/26 4:24 a.m.53 views

Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack

Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "highly sophisticated" SIM swapping attack. The incident, which took place on August 19, 2023, targeted the employee's T-Mobile account, the company said. "Specifically, T-Mobile,...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/08/25 6:5 p.m.30 views

Kroll Employee SIM-Swapped for Crypto Investor Data

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/02 11:21 a.m.102 views

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

A malicious Python package uploaded to the Python Package Index PyPI has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind...

Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/07/31 3:53 p.m.71 views

Case Study: A Cryptomining Attack — With an Assist From Advanced Malware Techniques

In Carbon Black's Quarterly Incident Response Threat Report QIRTR, some of the world’s leading incident response IR professionals reported seeing an uptick in lateral movement, counter incident response, and island-hopping attacks from motivated nation-states. In the case study below, Kroll notes...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/04/17 12:0 a.m.37 views

Debian DLA-1348-1 : patch security update

It was discovered that there was an input validation vulnerability in the patch1 utility where an ed1 script embedded in a regular input file could result in arbitrary code execution. This was reported by Rachel Kroll 0 et al. For Debian 7 'Wheezy', this issue has been fixed in patch version...

7.8CVSS7.7AI score0.05515EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2018/03/14 3:11 p.m.13 views

New POS Malware PinkKite Takes Flight

A new family of point-of-sale malware, dubbed PinkKite, has been identified by researchers who say the malware is tiny in size, but can delivered a hefty blow to POS endpoints. Researchers at Kroll Cyber Security first identified PinkKite in 2017 during a nine-month investigation into a large POS...

7AI score
Exploits0References1
The Hacker News
The Hacker News
added 2010/12/24 1:38 p.m.8 views

Hackers Plan Christmas Data Attacks via Social Media Apps

Hackers are planning to increase data security attacks via applications on social networking websites this Christmas, according to an expert. Earlier this month, IT security firm Sophos traced the history of malware and viruses created over the Christmas period from 1987 until 2009. The blog post...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2010/10/18 5:51 p.m.37 views

Survey: Information Theft A Bigger Problem than Physical Theft

Anyone who has received “notification” of funky activity on their credit card, or an urgent e-mail plea from the widow of Mobutu Sese Seko won’t be surprised to learn that information theft is a big problem. But a new survey out from Kroll Consulting finds that its also the biggest problem facing...

0.8AI score
Exploits0References5
Rows per page
Query Builder