waf-engine

WAF & SOAR Engine A cloud-native Web Application Firewall and...

Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign

Government Backed Hackers abused Cloudflare storage services in a Malaysian espionage campaign involving hidden C2 systems and data exfiltration...

malaysiansolar.com Improper Access Control vulnerability OBB-3804470

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Criminals socially engineer their way to bank details with fake arrest warrants

When an organization experiences a massive data breach, it knows at least that it needs to inform the federal government about the cybersecurity incident, get law enforcement involved, and then inform its clients and affiliates. Seems simple enough, but this process, which countries from the West...

eservices.dof.gov.my Cross Site Scripting vulnerability OBB-2384216

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

US Dept of Justice steps up legal action against crypto crime

By Uzair Amir Just last month, the department revealed it had arrested two Malaysian and sanctioned two Russians over two separate cases of crypto crime. This is a post from HackRead.com Read the original post: US Dept of Justice steps up legal action against crypto crime...

jobs.malaysianbar.org.my Improper Access Control vulnerability OBB-1361580

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

US charges APT 41 group members for hacking over 100 companies

By Deeba Ahmed Two Malaysian hackers and five Chinese hackers allegedly part of a state-sponsored hacking group APT 41 charged for hacking 100 companies worldwide. This is a post from HackRead.com Read the original post: US charges APT 41 group members for hacking over 100 companies...

FBI adds 5 Chinese APT41 hackers to its Cyber's Most Wanted List

The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking more than 100 companies throughout the world. Named as APT41 and also known as 'Barium,' 'Winnti, 'Wicked Panda,' and...

A week in security (July 22 – 28)

Last week on Malwarebytes Labs, we offered an extensive analysis into the Malaysian Airlines Flight 17 investigation, updated users on the newest feature set to AdwCleaner 7.4.0 it now detects pre-installed software, and provided a deep dive into Phobos ransomware. We also broke down the latest...

Huawei VIP Application Service Information Disclosure Vulnerability

Huawei VIP App is a mobile application service. The app mainly serves Malaysian users who have purchased P20 series, Nova3/3i and Mate 20. The Huawei VIP App service is vulnerable to information leakage. A brute force attacker could obtain some of the user's information...

MalaysianCoin Integer Overflow Vulnerability

MalaysianCoin is a tradable Ether ERC20 token. An integer overflow vulnerability exists in the transferAny function of MalaysianCoin's smart contract implementation. An attacker can exploit this vulnerability to set the balance of an arbitrary user...

malaysianbar.org.my XSS vulnerability

Open Bug Bounty ID: OBB-530962 Description| Value ---|--- Affected Website:| malaysianbar.org.my Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Malaysian Data Breach Leaves Stolen Data Online for a ‘Long Time’

A 2014 data breach may have left the personal details for tens of millions of Malaysians for sale online for “a long time,” according to Vijandren Ramadass, the founder of tech portal Lowyat.net, who uncovered the data leak. According to a New York Times report, “Malaysia said on Wednesday it was...

malaysianbar.org.my XSS vulnerability

Vulnerable URL: http://www.malaysianbar.org.my/index.php?searchword=%22%3E%3Csvg%2Fonload%3Dprompt%28%2FOPENBUGBOUNTY%2F%29%3E=comsearch=exact= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

'Real Footage of Malaysian Flight MH 17 Shot Down' Facebook Spam Spreads Malware

A distasteful trend among the cyber crooks have began these days that they left no occasion, either good or bad, to snatch users’ financial information in order to make money as well as spread malware to victimize users. The tragedy of the crashed Malaysia Airlines flight MH17 is no exception for...

Inscribe Webmedia - SQL Injection Vulnerability

No description provided by source. Inscribe Webmedia SQL Injection ========================================================= Exploit Title : Inscribe Webmedia SQL Injection Date : 14 July 2011 Author : Netrondoank aka netron Platform/Tested on: Linux myweb : http://www.ilmuhacker.org Version : no...

Malaysian flight MH370 tragedy abused by Chinese hackers for Espionage attacks

The Mysterious Malaysian Airlines flight MH370, a Boeing 777-200 aircraft that has gone missing by the time it flew from Kuala Lumpur to Beijing. The Malaysian Prime Minister had also confirmed that the Malaysia Airlines plane had crashed in a remote part of the southern Indian Ocean. Cyber...

Philippines President's website defaced by Anonymous Hackers

Philippines-Malaysia Cyber war over Sabah land dispute take another turn, when Philippines hackers deface their own President Benigno Aquino III website early Thursday, and criticized how the President has been handling the conflict in Sabah.The hacker group left a message to the president on the...

Philippines-Malaysia Cyber war over Sabah land dispute

A series of websites defacement has been conducted between Philippines and Malaysia over the dispute in the land of Sabah. Hackers claiming to be part of Anonymous group from Malaysian and Filipino and attacking websites of each other. It was believed that the first online attacks were made by...