Lucene search
K

73 matches found

ThreatPost
ThreatPost
added 2021/06/15 5:5 p.m.42 views

Malicious PDFs Flood the Web, Lead to Password-Snarfing

The pushers behind the SolarMarker backdoor malware are flooding the web with PDFs stuffed with keywords and links that redirect to the password-stealing, credential-snarfing malware. Microsoft Security Intelligence said in a Tweet on Friday that the SolarMarker also known as Jupyter makers are...

7.3AI score
Exploits0References10
CNVD
CNVD
added 2021/03/12 12:0 a.m.3 views

Wenzhou Orange Tree Network Technology Co., Ltd. website building system has file upload vulnerability

Wenzhou Orange Tree Network Technology Co., Ltd. is a foreign trade marketing consulting services company, focusing on search engine keyword advertising, search engine optimization SEO technology, search engine marketing SEM consulting and optimized for the search engine website construction...

7.1AI score
Exploits0
CNVD
CNVD
added 2021/03/11 12:0 a.m.1 views

Wenzhou Orange Tree Network Technology Co., Ltd. station building system has unauthorized access vulnerabilities

Wenzhou Orange Tree Network Technology Co., Ltd. is a foreign trade marketing consulting services company, focusing on search engine keyword advertising, search engine optimization SEO technology, search engine marketing SEM consulting and optimized for the search engine website construction...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/01 2:18 p.m.6 views

Gootkit RAT Using SEO to Distribute Malware Through Compromised Sites

A framework notorious for delivering a banking Trojan has received a facelift to deploy a wider range of malware, including ransomware payloads. "The Gootkit malware family has been around more than half a decade – a mature Trojan with functionality centered around banking credential theft," Soph...

5.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/03/23 8:17 p.m.51 views

Who’s Behind the ‘Web Listings’ Mail Scam?

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization SEO services rendered on behalf of their domain names. The story concluded...

6.8AI score
Exploits0
HackRead
HackRead
added 2019/09/11 9:30 a.m.53 views

How Can SEO Help Increase Website Security?

By Uzair Amir Though many think that SEO Search Engine Optimization and website security do not go hand in hand, they are a lot closer than many think. This is a post from HackRead.com Read the original post: How Can SEO Help Increase Website Security?...

0.1AI score
Exploits0
OSV
OSV
added 2019/03/14 4:29 p.m.34 views

CVE-2019-9787

WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS...

8.8CVSS6.8AI score
Exploits0References8
Prion
Prion
added 2019/03/14 4:29 p.m.20 views

Design/Logic Flaw

WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS...

6.8CVSS8.6AI score0.4375EPSS
Exploits4References8Affected Software1
Cvelist
Cvelist
added 2019/03/14 4:0 p.m.49 views

CVE-2019-9787

WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS...

8.7AI score0.4375EPSS
Exploits4References8
Debian CVE
Debian CVE
added 2019/03/14 4:0 p.m.37 views

CVE-2019-9787

WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS...

8.8CVSS8.5AI score0.4375EPSS
Exploits4
Akamai Blog
Akamai Blog
added 2018/09/06 8:4 p.m.13 views

Domain Name Consolidation: Observations From the Field

The market and marketing of Web property domain names is changing. Companies prefer to promote top level domains TLDs, have the option of selecting brand-relevant domain extensions e.g. SaaS.com, and no longer need country-relevant domains to optimize search engine result rankings...

1.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/05/29 7:12 p.m.53 views

SEO poisoning: Is it worth it?

Search Engine Optimization SEO poisoning basically comes down to getting your web page high in the rankings for relevant search results without buying advertisements or using legitimate, but tedious, SEO best practices. Instead, threat actors use illegal means to push their page to the top...

6.5AI score
Exploits0
Talos Blog
Talos Blog
added 2017/11/02 8:55 a.m.97 views

Poisoning the Well: Banking Trojan Targets Google Search Results

This blog post was authored by Edmund Brumaghin, Earl Carter and Emmanuel Tacheau.SummaryIt has become common for users to use Google to find information that they do not know. In a quick Google search you can find practically anything you need to know. Links returned by a Google search, however,...

7.2AI score
Exploits0
Fedora
Fedora
added 2017/03/08 1:59 p.m.19 views

[SECURITY] Fedora 25 Update: drupal7-metatag-1.21-1.fc25

The Metatag module allows you to automatically provide structured metadata, aka "meta tags", about your website. In the context of search engine optimization, when people refer to meta tags they are usually referring to the meta description tag and the meta keywords tag that may help improve the...

0.3AI score
Exploits0
Fedora
Fedora
added 2017/03/08 1:33 p.m.9 views

[SECURITY] Fedora 24 Update: drupal7-metatag-1.21-1.fc24

The Metatag module allows you to automatically provide structured metadata, aka "meta tags", about your website. In the context of search engine optimization, when people refer to meta tags they are usually referring to the meta description tag and the meta keywords tag that may help improve the...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2014/11/24 12:2 a.m.14 views

CryptoPHP Backdoor Hijacks Servers with Malicious Plugins & Themes

Security researchers have discovered thousands of backdoored plugins and themes for the popular content management systems CMS that could be used by attackers to compromise web servers on a large scale. The Netherlands-based security firm Fox-IT has published a whitepaper revealing a new Backdoor...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

PenPals Authentication Bypass

No description provided by source. Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: PenPals Authentication Bypass Vendor url:http://www.anblik.com Version:1.0 Price:1200$ Published: 2010-06-17 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/04/03 4:43 p.m.17 views

Clues About Flashback Creator Come Together

Nearly a year since the Flashback Trojan surfaced and ultimately infected more than 600,000 Apple OS X computers, the author of the malware may haven been discovered. After some sleuthing by security bloggers Brian Krebs over the past year – documented today on the Krebs on Security blog – the...

0.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2011/08/10 9:36 p.m.11 views

One Third of Drug-Related Searches Lead to Illicit Pharmacy Sites

Researchers at the University of Cambridge will present evidence of what they say is wide spread manipulation of search results that direct unwitting Web surfers to dodgy and illicit online pharmacy sites. The research, which will be presented at the 20th USENIX Security Symposium in San Francisc...

7.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2011/02/01 8:37 p.m.204 views

Fake AVG: Scam Software Cops Name and Logo of Real AV

We’ve noted for a while that the practices of rogue antivirus software have started to mimic those of legitimate antivirus software vendors. But a new version of FakeXPA scareware take things a bit further: posing as a legitimate commercial AV package, AVG Antivirus 2011. Microsoft’s Malware...

9.3CVSS2AI score0.99945EPSS
Exploits33References4
Rows per page
Query Builder