2747 matches found
Facebook: The Money Mule Farm
Scammers and phishers are continuing to adapt their recruitment tactics, now going so far as to create special Facebook groups for their work-at-home scams. Phishers have been using social networks such as Facebook, MySpace and Twitter for years now as fertile hunting grounds not only for new...
XSS vulnerability in Colour Scheme settings
An XSS vulnerability has been discovered in the Colour Scheme settings. The severity of this issue is rated as HIGH. Please refer to the security advisory http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2010-04-x for details...
XSS vulnerability in Colour Scheme settings
An XSS vulnerability has been discovered in the Colour Scheme settings. The severity of this issue is rated as HIGH. Please refer to the security advisory http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2010-04-x for details...
XSS vulnerability in Colour Scheme settings
An XSS vulnerability has been discovered in the Colour Scheme settings. The severity of this issue is rated as HIGH. Please refer to the security advisory http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2010-04-x for details...
Allow non-Administrators to be able to modify workflows
As an IT Manager, by having to add users to the Administrators group in order to edit and manage workflows is prohibitive to the administration and security of our Jira environment. While I want users to create, manage and edit workflows, I do NOT want them creating or modifying accounts which...
Allow non-Administrators to be able to modify workflows
As an IT Manager, by having to add users to the Administrators group in order to edit and manage workflows is prohibitive to the administration and security of our Jira environment. While I want users to create, manage and edit workflows, I do NOT want them creating or modifying accounts which...
Zeus Trojan Now Has Hardware Licensing Scheme
The authors of the Zeus bot client, perhaps the most popular and pervasive piece of malware of its kind right now, have taken an extraordinary step to protect their creation: inserting a hardware-based licensing scheme into the Trojan. This represents a significant leap in the sophistication and...
Hackers Indicted in $25 Million Ticket Scheme
A ring of ticket brokers has been indicted in connection to an elaborate hacking scheme that used bots and other fraudulent means to purchase more than 1 million tickets for concerts, sporting events and other events. The defendants made more than $25 million in profits from the resale of the...
ID Theft Criminal Sentenced to 309 Years in Prison
Robert Thompson, also known as John Lawson, age 43, of Zachary, La., was sentenced to a term of 309 years in prison. Thompson, the leader of a massive identity theft and bribery scheme, was sentenced based on charges of conspiracy, wire fraud, mail fraud, bank fraud, computer fraud, access device...
Fedora Update for condor FEDORA-2010-0227
Check for the Version of condor OpenVAS Vulnerability Test Fedora Update for condor FEDORA-2010-0227 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Microsoft Threatens Discoverer of 'Cash Back' Loophole in Bing
The security glitch, which is linked to a “cash back” system operated by Bing, potentially leaves users and retailers exposed to fake transactions. But despite an outcry online over the existence of the loophole, the world’s largest company has responded to the issue by threatening legal action...
Ransomware Variant Features Novel Payment Scheme
A new ransomware variant encrypts files on a computer but uses a novel twist on monetizing the extortion threat. Instead of demanding money directly for decryption keys, as has been the case in other instances, it presumes that the owner of an infected computer will search for information to help...
Inside the URLZone Trojan Network
Security researchers tracking the URL Zone malware/botnet have stumbled upon a new tactic being used by cyber-criminals to hide information on the money mules being used to transfer stolen funds from compromised online bank accounts. URLZone, which targets computer users in Western Europe, is a...
Apache Server mod_rewrite Module LDAP Scheme Handling Buffer Overflow (CVE-2006-3747)
The Apache HTTP server is the most popular web server in use on the Internet. Over two-thirds of web hosts on the Internet run the application in order to serve content. The server is capable of being utilized with numerous different options and configurations, with a wide variety of plug-in...
"User Custom Field Value" permission type incorrectly exposes JIRA project names to everyone
Problem: Project names are shown to users with no permission to see the project. Impact: Security hole! Recipe: it helps to have two browsers open one logged in as admin the other as the user I will create called dummy Add user dummy Add project blah Add custom field myuser of type user picker,...
Three Indicted For Hack Attacks on Heartland, Hannaford
A Miami man and two Russians have been indicted usdoj.gov by a grand jury in New Jersey on charges of conspiring to commit some of the largest data breaches in U.S. history. Albert Gonzalez, 28, and the two still-unnamed Russian citizens are charged with running an international scheme to steal...
CVE-2009-2200
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document...
CVE-2009-2200
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document...
Hardcoded credentials
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document...
CVE-2009-2200
Summary (CVE-2009-2200) : WebKit in Apple Safari (pre-4.0.3) fails to properly restrict the URL scheme of the pluginspage attribute of an EMBED element. This underlies a vulnerability where a user-assisted crafted HTML document can cause the browser to launch arbitrary file: URLs and potentially ...