📄 Mennekes Amtron Series and Smart-T PnC 5.22.3 Authentication Bypass / Privilege Escalation

Mennekes Amtron Series and Smart-T PnC version 5.22.3 suffers from authentication bypass and privilege escalation vulnerabilities. CyberDanube Security Research 20260528-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product|...

EUVD-2014-6759

Malware in sbrugna...

Cybercrime Rapper Sues Bank over Fraud Investigation

A partial selfie posted by Punchmade Dev to his Twitter account. Yes, that is a functioning handheld card skimming device, encrusted in diamonds. Underneath that are more medallions, including a diamond-studded bitcoin and payment card. In January, KrebsOnSecurity wrote about rapper Punchmade Dev...

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

When U.S. consumers have their online bank accounts hijacked and plundered by hackers, U.S. financial institutions are legally obligated to reverse any unauthorized transactions as long as the victim reports the fraud in a timely manner. But new data released this week suggests that for some of t...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Application Center

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 8 used by IBM Spectrum LSF Application Center. IBM Spectrum LSF Application Center has addressed the applicable CVEs. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

CVE-2014-6881

The PNC Virtual Wallet aka com.pnc.ecommerce.mobile.vw.android application before 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The PNC Virtual Wallet aka com.pnc.ecommerce.mobile.vw.android application before 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-6881

The CVE-2014-6881 entry concerns the PNC Virtual Wallet Android app (package com.pnc.ecommerce.mobile.vw.android) prior to version 2.2. The vulnerability is a lack of SSL certificate validation, allowing MITM attackers to spoof servers and obtain sensitive information via crafted certificates. Th...

CVE-2014-6881

The PNC Virtual Wallet aka com.pnc.ecommerce.mobile.vw.android application before 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

'Historic' DDoS Attacks Against Major U.S. Banks Continue

PNC Bank appears, as promised, to be the latest victim of hacktivists carrying out denial-of-service attacks against major U.S. financial services institutions. PNC, out of Pittsburgh, joins Wells Fargo, J.P. Morgan Chase & Co. and Bank of America on a list of banks taken offline reportedly by a...

CVE-2007-4606

CVE-2007-4606 describes a PHP remote file inclusion in the Virtual War (VWar) module of PHPNuke-Clan (PNC) 4.2.0 and earlier. The vulnerability arises in convert/mvcw_conver.php where an attacker can cause arbitrary PHP code execution by supplying a crafted URL in the vwar_root parameter. The iss...