12 matches found
CVE-2024-22626
CVE-2024-22626 affects the Complete Supplier Management System v1.0. The vulnerability is a SQL Injection in the endpoint /Supply_Management_System/admin/edit_retailer.php?id=, allowing potentially arbitrary SQL execution. Reported impact and details indicate a high-severity issue (CVSS 7.2, HIGH...
Not Punny: Angling Direct Breach Cripples Retailer for Days
The U.K.’s largest fishing retailer, Angling Direct, experienced a system breach on Nov. 5 that resulted in their domain being redirected to Pornhub. The jokes almost wrote themselves, but days later the site is still down and the extent of the damage to the company’s bottom line remains uncle...
20 Years of Edge Computing
How long will you wait for something? That depends on what you're waiting for, of course. But in your daily interactions, think about how many "things" you interact with where you expect the response to be instantaneous -- tapping on mobile apps; logging in and transacting with a retailer or a...
Xmas Light Security Improves… a bit
We've looked at smart Xmas lights before; whilst they were vulnerable, there was no consequence to the hack other than making them flash in a different order! In 2018 we looked at the all-new Twinkly smart festive lights. We found a number of security issues, reported them to the vendor and to a...
Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin
Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator...
Dixons Carphone Cyberattack Targets 5.9M Bank Cards
European electronic and telecom retailer Dixons Carphone has discovered a massive cyber-attack that may have compromised millions of payment cards and personal data records, it said Wednesday. The U.K.-based retail giant, whose subsidiaries include Carphone Warehouse, Currys, PC World, Elkjøp and...
Vera Bradley Retail Chain Breached
Retailer Vera Bradley warned customers on Wednesday of a compromise of its point-of-sale system that allowed hackers to make off with an undisclosed number of credit card records. The breach impacts only retail customers who shopped at one of 159 Vera Bradley locations between July 25 and Sept. 2...
Alibaba AliExpress security vulnerability could compromise millions of users' personal information
1 of 2 November 9 November 2 1:0 0 updates: According to official feedback, the Alibaba security team fixed the vulnerability promptly. According to foreign media reports, Alibaba's AliExpress website exposed security vulnerabilities that could impact the world of...
Sally Beauty Supply Acknowledges Breach of 25K
Twelve days after acknowledging that someone attempted to breach its system, Sally Beauty Supply confirmed this week that an attacker was able to penetrate the company and make off with fewer than 25,000 records of its customers’ sensitive banking information. The chain’s parent company Sally...
Microsoft Sues British Electronic Dealer in Alleged Counterfeit Scam
Microsoft announced today it is suing Britain’s second-largest electronics retailer Comet for allegedly creating and selling more than 94,000 back-up discs of its Windows Vista and Windows XP product. Comet Group PLC allegedly produced counterfeit versions of the software in a factory in Hampshir...
J.C. Penney Was 'Company A' in Breach Case
Retailer JC Penney fought to keep its name secret during court proceedings related to the largest breach of credit card data on record, according to documents recently unsealed. Computerworld...
Researchers Find Flaw in RSA Authentication
University of Michigan scientists have found they could foil RSA authentication by varying the voltage supply to the holder of the “private key,” which would be the consumer’s device in the case of copy protection and the retailer or bank in the case of Internet communication. It is highly unlike...