Lucene search
K

100 matches found

The Hacker News
The Hacker News
added 2019/04/16 7:14 a.m.2 views

Scranos: New Rapidly Evolving Rootkit-Enabled Spyware Discovered

A new powerful rootkit-enabled spyware operation has been discovered wherein hackers are distributing multifunctional malware disguised as cracked software or trojanized app posing as legitimate software like video players, drivers and even anti-virus products. While the rootkit malware—dubbed...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2019/04/03 10:8 a.m.2 views

In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code

In a world that's growing increasingly digital, Magecart attacks have emerged as a key cybersecurity threat to e-commerce sites. Magecart, which is in the news a lot lately, is an umbrella term given to 12 different cyber criminal groups that are specialized in secretly implanting a special piece...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2019/03/20 1:0 p.m.1 views

New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep

Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep. Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code ...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2019/01/16 6:4 p.m.1 views

Hackers infect e-commerce sites by compromising their advertising partner

Magecart strikes again, one of the most notorious hacking groups specializes in stealing credit card details from poorly-secured e-commerce websites. According to security researchers from RiskIQ and Trend Micro, cybercriminals of a new subgroup of Magecart, labeled as "Magecart Group 12," recent...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2019/01/05 9:37 a.m.2 views

Town of Salem Data Breach Exposes 7.6 Million Gamers' Accounts

A massive data breach at the popular online role-playing game 'Town of Salem' has reportedly impacted more than 7.6 million players, the game owner BlankMediaGames BMG confirmed Wednesday on its online forum. With the user base of more than 8 million players, Town of Salem is a browser-based game...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/11/30 1:47 p.m.40 views

Marriott: Data on 500 Million Guests Stolen in 4-Year Breach

Hospitality giant Marriott today disclosed a massive data breach exposing the personal and financial information on as many as a half billion customers who made reservations at any of its Starwood properties over the past four years. Marriott said the breach involved unauthorized access to a...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2018/11/29 5:7 a.m.17 views

Dell Resets All Customers' Passwords After Potential Security Breach

Multinational computer technology company Dell disclosed Wednesday that its online electronics marketplace experienced a "cybersecurity incident" earlier this month when an unknown group of hackers infiltrated its internal network. On November 9, Dell detected and disrupted unauthorized activity ...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2018/06/29 9:45 p.m.3 views

Typeform, Popular Online Survey Software, Suffers Data Breach

Typeform, the popular Spanish-based online data collection company specializes in form building and online surveys for businesses worldwide, has today disclosed that the company has suffered a data breach that exposed partial data of its some users. The company identified the breach on June 27th,...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/06/29 6:0 p.m.67 views

Major data breaches at Adidas, Ticketmaster pummel web users

There's been a number of data breaches and accidental data exposures coming to light in the last few days, and no matter where in the world you happen to be located, you'll want to do some due diligence and see if you've been affected. These aren't small fishes being preyed upon by black hats;...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2018/06/28 6:27 p.m.3 views

Ticketmaster Suffers Security Breach – Personal and Payment Data Stolen

Global entertainment ticketing service Ticketmaster has admitted that the company has suffered a security breach, warning customers that their personal and payment information may have been accessed by an unknown third-party. The company has blamed a third-party support customer service chat...

6.9AI score
Exploits0
FireEye
FireEye
added 2016/09/29 8:0 a.m.14 views

Vendetta Brothers, Inc. – A Window Into the Business of the Cybercriminal Underground

FireEye iSIGHT Intelligence has been tracking a pair of cybercriminals that we refer to as the “Vendetta Brothers.” This enterprising duo uses various strategies to compromise point-of-sale systems, steal payment card information and sell it on their underground marketplace “Vendetta World.” The...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2016/09/13 6:8 a.m.13 views

324,000 Financial Records with CVV Numbers Stolen From A Payment Gateway

Around 324,000 users have likely had their payment records stolen either from payment processor BlueSnap or its customer Regpack; however, neither of the company has admitted a data breach. BlueSnap is a payment provider which allows websites to take payments from customers by offering merchant...

6.4AI score
Exploits0
ThreatPost
ThreatPost
added 2015/08/10 1:19 p.m.11 views

Researchers Unveil Square Reader Mobile POS Hacks

It wasn’t long ago when hacking a point-of-sale system meant deploying a RAM scraper at a retailer, sitting back and watching the credit card numbers roll in. Now that POS has gone mobile with vendors such as Square, Intuit, Revel and others using hardware fobs connected to smartphones and tablet...

0.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/09/03 11:6 a.m.8 views

Home Depot Urges Credit Monitoring Vigilance

Home Depot told its customers today to monitor their bank and credit card accounts for fraud as it continues to investigate the “unusual activity” on its networks that could turn out to be one of the biggest data breaches in U.S. history. “We’re looking into some unusual activity that might...

Exploits0References5
ThreatPost
ThreatPost
added 2012/10/18 6:33 p.m.15 views

Survey: SMBs Remain Blissfully Unfazed by Cyberthreats

More than three quarters of small business owners claim their companies are safe from cyber attacks, yet only 17 percent of those businesses have implemented a formal cybersecurity plan. This is just one of many problems for small businesses in the digital realm, according to a joint survey .PDF...

0.5AI score
Exploits0References3
NVD
NVD
added 2006/03/07 8:2 p.m.15 views

CVE-2006-1050

Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with insecure permissions, which allows local users to obtain sensitive information such as employment and payment data. NOTE: the provenance of this information is unknown; the details are obtained solely...

2.1CVSS5.9AI score0.00208EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/03/07 8:0 p.m.18 views

CVE-2006-1050

Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with insecure permissions, which allows local users to obtain sensitive information such as employment and payment data. NOTE: the provenance of this information is unknown; the details are obtained solely...

5.9AI score0.00208EPSS
Exploits0References3
Prion
Prion
added 2006/01/13 11:3 p.m.14 views

Code injection

Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50 and possibly earlier has 1 world-readable permissions for ipn/logs/ipnsuccess.txt, which allows local users to view sensitive information payment data, and 2 world-writable permissions for ipn/logs, which allows local...

3.6CVSS6.6AI score0.00339EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2006/01/13 11:0 p.m.44 views

CVE-2006-0202

CVE-2006-0202 affects PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier. The issue is due to insecure filesystem permissions: ipn/logs/ipn_success.txt is world-readable, allowing local users to view payment data, and ipn/logs is world-writable, enabling local users to delete or repl...

3.6CVSS6.1AI score0.00339EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/01/13 11:0 p.m.18 views

CVE-2006-0202

Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50 and possibly earlier has 1 world-readable permissions for ipn/logs/ipnsuccess.txt, which allows local users to view sensitive information payment data, and 2 world-writable permissions for ipn/logs, which allows local...

6.1AI score0.00339EPSS
Exploits0References6
Rows per page
Query Builder