Lucene search
+L

2747 matches found

ThreatPost
ThreatPost
added 2010/06/01 8:40 a.m.6 views

Facebook: The Money Mule Farm

Scammers and phishers are continuing to adapt their recruitment tactics, now going so far as to create special Facebook groups for their work-at-home scams. Phishers have been using social networks such as Facebook, MySpace and Twitter for years now as fertile hunting grounds not only for new...

7.1AI score
Exploits0References2
Atlassian
Atlassian
added 2010/04/22 12:49 a.m.21 views

XSS vulnerability in Colour Scheme settings

An XSS vulnerability has been discovered in the Colour Scheme settings. The severity of this issue is rated as HIGH. Please refer to the security advisory http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2010-04-x for details...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/22 12:49 a.m.25 views

XSS vulnerability in Colour Scheme settings

An XSS vulnerability has been discovered in the Colour Scheme settings. The severity of this issue is rated as HIGH. Please refer to the security advisory http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2010-04-x for details...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/22 12:49 a.m.20 views

XSS vulnerability in Colour Scheme settings

An XSS vulnerability has been discovered in the Colour Scheme settings. The severity of this issue is rated as HIGH. Please refer to the security advisory http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2010-04-x for details...

0.2AI score
Exploits0
Atlassian
Atlassian
added 2010/03/23 2:46 p.m.18 views

Allow non-Administrators to be able to modify workflows

As an IT Manager, by having to add users to the Administrators group in order to edit and manage workflows is prohibitive to the administration and security of our Jira environment. While I want users to create, manage and edit workflows, I do NOT want them creating or modifying accounts which...

3.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/03/23 2:46 p.m.21 views

Allow non-Administrators to be able to modify workflows

As an IT Manager, by having to add users to the Administrators group in order to edit and manage workflows is prohibitive to the administration and security of our Jira environment. While I want users to create, manage and edit workflows, I do NOT want them creating or modifying accounts which...

3.6AI score
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2010/03/17 2:39 p.m.11 views

Zeus Trojan Now Has Hardware Licensing Scheme

The authors of the Zeus bot client, perhaps the most popular and pervasive piece of malware of its kind right now, have taken an extraordinary step to protect their creation: inserting a hardware-based licensing scheme into the Trojan. This represents a significant leap in the sophistication and...

7.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2010/03/01 9:7 p.m.12 views

Hackers Indicted in $25 Million Ticket Scheme

A ring of ticket brokers has been indicted in connection to an elaborate hacking scheme that used bots and other fraudulent means to purchase more than 1 million tickets for concerts, sporting events and other events. The defendants made more than $25 million in profits from the resale of the...

1.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2010/02/18 5:20 p.m.12 views

ID Theft Criminal Sentenced to 309 Years in Prison

Robert Thompson, also known as John Lawson, age 43, of Zachary, La., was sentenced to a term of 309 years in prison. Thompson, the leader of a massive identity theft and bribery scheme, was sentenced based on charges of conspiracy, wire fraud, mail fraud, bank fraud, computer fraud, access device...

0.6AI score
Exploits0References2
OpenVAS
OpenVAS
added 2010/01/15 12:0 a.m.22 views

Fedora Update for condor FEDORA-2010-0227

Check for the Version of condor OpenVAS Vulnerability Test Fedora Update for condor FEDORA-2010-0227 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

6.5CVSS0.2AI score0.02078EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2009/11/11 9:21 p.m.9 views

Microsoft Threatens Discoverer of 'Cash Back' Loophole in Bing

The security glitch, which is linked to a “cash back” system operated by Bing, potentially leaves users and retailers exposed to fake transactions. But despite an outcry online over the existence of the loophole, the world’s largest company has responded to the issue by threatening legal action...

2.6AI score
Exploits0References2
ThreatPost
ThreatPost
added 2009/11/02 9:42 p.m.17 views

Ransomware Variant Features Novel Payment Scheme

A new ransomware variant encrypts files on a computer but uses a novel twist on monetizing the extortion threat. Instead of demanding money directly for decryption keys, as has been the case in other instances, it presumes that the owner of an infected computer will search for information to help...

1.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2009/10/06 4:33 p.m.10 views

Inside the URLZone Trojan Network

Security researchers tracking the URL Zone malware/botnet have stumbled upon a new tactic being used by cyber-criminals to hide information on the money mules being used to transfer stolen funds from compromised online bank accounts. URLZone, which targets computer users in Western Europe, is a...

Exploits0References6
Check Point Advisories
Check Point Advisories
added 2009/09/30 12:0 a.m.15 views

Apache Server mod_rewrite Module LDAP Scheme Handling Buffer Overflow (CVE-2006-3747)

The Apache HTTP server is the most popular web server in use on the Internet. Over two-thirds of web hosts on the Internet run the application in order to serve content. The server is capable of being utilized with numerous different options and configurations, with a wide variety of plug-in...

7.6CVSS7.9AI score0.96436EPSS
Exploits20
Atlassian
Atlassian
added 2009/09/02 3:54 p.m.34 views

"User Custom Field Value" permission type incorrectly exposes JIRA project names to everyone

Problem: Project names are shown to users with no permission to see the project. Impact: Security hole! Recipe: it helps to have two browsers open one logged in as admin the other as the user I will create called dummy Add user dummy Add project blah Add custom field myuser of type user picker,...

6.8AI score
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2009/08/18 4:58 p.m.11 views

Three Indicted For Hack Attacks on Heartland, Hannaford

A Miami man and two Russians have been indicted usdoj.gov by a grand jury in New Jersey on charges of conspiring to commit some of the largest data breaches in U.S. history. Albert Gonzalez, 28, and the two still-unnamed Russian citizens are charged with running an international scheme to steal...

1.4AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2009/08/12 7:30 p.m.2 views

CVE-2009-2200

WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document...

7.1CVSS5.7AI score0.02387EPSS
Exploits0References8
NVD
NVD
added 2009/08/12 7:30 p.m.25 views

CVE-2009-2200

WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document...

7.1CVSS7.8AI score0.02387EPSS
Exploits0References7
Prion
Prion
added 2009/08/12 7:30 p.m.20 views

Hardcoded credentials

WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document...

7.1CVSS6AI score0.02387EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2009/08/12 7:0 p.m.52 views

CVE-2009-2200

Summary (CVE-2009-2200) : WebKit in Apple Safari (pre-4.0.3) fails to properly restrict the URL scheme of the pluginspage attribute of an EMBED element. This underlies a vulnerability where a user-assisted crafted HTML document can cause the browser to launch arbitrary file: URLs and potentially ...

7.1CVSS7.5AI score0.02387EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder