Lucene search
+L

184 matches found

Cvelist
Cvelist
added 2019/08/30 4:56 p.m.19 views

CVE-2019-15630

Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow...

7.5AI score0.02998EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2018/07/31 3:0 p.m.61 views

What’s in the spam mailbox this week?

We've seen a fair few spam emails in circulation this week, ranging from phishing to money muling to sexploitation. Shall we take a look? The FBI wants to give you back your money First out of the gate, we have a missive claiming to be from the FBI. Turns out you lost a huge sum of money that you...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/08/29 5:10 p.m.59 views

419 spam: 10 million US dollars, courtesy of “Rev. Goodluck Ebola”

I'm not saying an email claiming to be from the "Central Bank of Nigeria" with a contact handler named "Rev. Goodluck Ebola" will raise too many red flags, but… Click to Enlarge CENTRAL BANK OF NIGERIA OFFICE OF THE GOVERNOR Zaria Street, Off Samuel Akintola Street,Garki 11, Garki-Abuja. Our Ref:...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2017/05/05 9:15 a.m.16 views

Business Email Compromise Losses Up 2,370 Percent Since 2015

Business Email Compromise BEC schemes, where executives are scammed via social engineering and phishing compromises that ultimately lead to fraudulent wire transfers, grew at a jaw-dropping rate of 2,370 percent in the last two years. The FBI yesterday published its latest statistics on these...

0.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2017/02/15 11:45 a.m.11 views

Turning Tables on Nigerian Business Email Scammers

SAN FRANCISCO – Traditional takedowns of cybercrime enterprises generally rely on court orders that facilitate either taking servers offline or sending the criminals malware that helps identify them or their locations. Sometimes, however, the technical option is second best. Researchers at Dell...

0.2AI score
Exploits0References2
FireEye
FireEye
added 2017/01/11 8:45 p.m.62 views

New Variant of Ploutus ATM Malware Observed in the Wild in Latin America

Introduction Ploutus is one of the most advanced ATM malware families we’ve seen in the last few years. Discovered for the first time in Mexico back in 2013, Ploutus enabled criminals to empty ATMs using either an external keyboard attached to the machine or via SMS message, a technique that had...

7.4AI score
Exploits0
FireEye
FireEye
added 2017/01/11 8:45 p.m.35 views

New Variant of Ploutus ATM Malware Observed in the Wild in Latin America

Introduction Ploutus is one of the most advanced ATM malware families we’ve seen in the last few years. Discovered for the first time in Mexico back in 2013, Ploutus enabled criminals to empty ATMs using either an external keyboard attached to the machine or via SMS message, a technique that had...

Exploits0
The Hacker News
The Hacker News
added 2015/06/26 7:50 p.m.20 views

Europol Arrests Gang Behind Zeus And SpyEye Banking Malware

The Law enforcement agencies from six different European countries have taken down a major Ukrainian-based cyber criminals gang suspected of developing, distributing and deploying Zeus and SpyEye banking malware. According to the report on the official website of Europol, authorities have arreste...

6.7AI score
Exploits0
NVD
NVD
added 2014/11/20 1:55 p.m.10 views

CVE-2014-9000

Mule Enterprise Management Console MMC does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB...

6.5CVSS7.4AI score0.08874EPSS
Exploits1References4
Prion
Prion
added 2014/11/20 1:55 p.m.8 views

Design/Logic Flaw

Mule Enterprise Management Console MMC does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB...

6.5CVSS8AI score0.08874EPSS
Exploits1References4
Cvelist
Cvelist
added 2014/11/20 11:0 a.m.19 views

CVE-2014-9000

Mule Enterprise Management Console MMC does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB...

7.4AI score0.08874EPSS
Exploits1References4
CVE
CVE
added 2014/11/20 11:0 a.m.40 views

CVE-2014-9000

The CVE-2014-9000 entry concerns Mule Enterprise Management Console (MMC). The issue is an access control flaw where MMC does not properly restrict access to handler/securityService.rpc, allowing remote authenticated users to gain administrator privileges and execute arbitrary code by crafting a ...

6.5CVSS7.7AI score0.08874EPSS
Exploits1References4Affected Software1
ThreatPost
ThreatPost
added 2014/07/03 10:4 a.m.12 views

Brazilian Payment Fraud Campaign Steals Billions

UPDATE–Hackers are targeting Brazil’s Boleto payment system, the second most popular payment method in the country, and have conducted hundreds of thousands of fraudulent transactions, though researchers differ over how much money has been stolen. Formally known as Boleto Bancario, Boletos are...

0.9AI score
Exploits0References3
ThreatPost
ThreatPost
added 2014/06/25 8:27 a.m.10 views

Luuuk Bank Fraud Campaign Nets €500K in One Week

A fraud campaign siphoned more than half a million dollars from a European bank over the course of a week earlier this year, researchers with Kaspersky Lab announced this week. The campaign, dubbed Luuuk, extracted €500,000 roughly $679,700 USD from 190 victims, mostly in Italy and Turkey, from...

0.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/06/16 10:52 a.m.20 views

Dyreza Banker Trojan Seen Bypassing SSL

Banker Trojans have proven to be reliable and effective tools for attackers interested in quietly stealing large amounts of money from unwitting victims. Zeus, Carberp and many others have made piles of money for their creators and the attackers who use them, and researchers have been looking at ...

0.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/04/30 2:1 p.m.10 views

Ramnit Man-in-the-Browser Attack Targets UK Banks

Nowhere is the cat-and-mouse game between attackers and the security of users more evident than with social engineering schemes. Users’ awareness of phishing campaigns, for example, may be improving, but that’s just forcing attackers bent on identity theft and stealing payment card information to...

1.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2012/12/06 5:30 p.m.12 views

Zitmo Trojan Variant Eurograbber Beats Two-Factor Authentication to Steal Millions

Online banking customers in Europe are falling victim by the thousands to a new banking Trojan that is infecting Android and BlackBerry devices and is capable of defeating two-factor authentication. The Trojan, dubbed Eurograbber by researchers at Check Point Software Technologies and Verasafe, i...

0.9AI score
Exploits0References4
The Hacker News
The Hacker News
added 2012/03/26 10:38 p.m.7 views

A Russian Zeus attacker Sentenced from Million Dollar Fraud

A Russian Zeus attacker Sentenced from Million Dollar Fraud A Russian Hacker, who was part of an elaborate Cyber attack that used Zeus Banking Trojan in U.S. visas to move cash stolen from U.S. businesses out of the country was sentenced on March 23 to two years in U.S. federal prison. Nikokay...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/10/17 6:19 p.m.11 views

An Inside Look at Criminal Shipping Operations

Cyber criminals are relying more than ever on mules to move fenced goods from the U.S. to foreign markets for resale, according to a report on krebsonsecurity.com. With online retailers cracking down on fraudulent purchases, criminal gangs are using networks of complicit or unwitting citizens to...

Exploits0References2
The Hacker News
The Hacker News
added 2010/11/01 6:19 a.m.9 views

Legitimate-Looking Ads Used to Recruit Money Mules for Criminal Operations

Money mules have been aggressively recruited this year to help cybercriminals launder money, according to Fortinet. A recent example of this is the worldwide prosecution of a Zeus criminal operation, which included 37 charges against alleged money mules. Recent Zeus stories illustrate how prevale...

6.9AI score
Exploits0
Rows per page
Query Builder