Lucene search
+L

64 matches found

The Hacker News
The Hacker News
added 2019/01/15 7:34 p.m.101 views

Two Hackers Charged with Hacking SEC System in Stock-Trading Scheme

The U.S. authorities have charged two Ukrainian hackers for hacking into the Securities and Exchange Commission's EDGAR filing system and stealing sensitive market-moving reports of companies before their public release. EDGAR, or Electronic Data Gathering, Analysis, and Retrieval, is an online...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2019/01/15 7:34 p.m.4 views

Two Hackers Charged with Hacking SEC System in Stock-Trading Scheme

The U.S. authorities have charged two Ukrainian hackers for hacking into the Securities and Exchange Commission's EDGAR filing system and stealing sensitive market-moving reports of companies before their public release. EDGAR, or Electronic Data Gathering, Analysis, and Retrieval, is an online...

6.8AI score
Exploits0
CNVD
CNVD
added 2018/11/29 12:0 a.m.5 views

Rakuten Securities MARKETSPEED Security Load Dynamic Link Library Vulnerability

Rakuten Securities MARKETSPEED is a foreign exchange-specific trading tool from Japan's Rakuten Securities Rakuten Securities. A security vulnerability exists in the installer in Rakuten Securities MARKETSPEED version 16.4 and earlier. An attacker could exploit the vulnerability to execute...

7.8CVSS7.9AI score0.00796EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/11/28 12:0 a.m.112 views

JVN#78422300: The installer of MARKET SPEED may insecurely load Dynamic Link Libraries

The installer of MARKET SPEED provided by Rakuten Securities, Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...

7.8CVSS7.7AI score0.00796EPSS
Exploits0
CNVD
CNVD
added 2018/05/09 12:0 a.m.8 views

Oracle Financial Services Applications FLEXCUBE Core Banking Component Unauthorized Operation Vulnerability

Oracle Financial Services Applications is a set of Oracle's core banking, online banking and property management financial services software. FLEXCUBE Core Banking is one of the core banking components. A security vulnerability exists in the Securities subcomponent of the FLEXCUBE Core Banking...

6.1CVSS6.6AI score0.01498EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2018/05/08 4:45 p.m.13 views

“Equi-Facts”: Equifax Clarifies the Numbers for Its Massive Breach

As companies continue to install the vulnerable version of Apache Struts behind the breach, Equifax has filed a clarification statement. The number of impacted U.S. consumers from the infamous 2017 Equifax data breach now totals about 147.9 million, and the breach has touched almost every adult i...

Exploits0References6
OSV
OSV
added 2018/04/19 2:29 a.m.11 views

CVE-2018-2807

Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications subcomponent: Securities. Supported versions that are affected are 11.5.0, 11.6.0 and 11.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

6.1CVSS7.3AI score0.01498EPSS
Exploits0References3
CNVD
CNVD
added 2017/11/10 12:0 a.m.5 views

HYPER SBI Untrustworthy Search Path Vulnerability

SBI SECURITIES HYPER SBI is an online trading tool for stock securities provided by SBI SECURITIES in Japan. An untrustworthy search path vulnerability exists in SBI SECURITIES HYPER SBI 2.2 and earlier versions. An attacker can exploit this vulnerability to gain privileges with the help of a...

9.3CVSS7.2AI score0.01029EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/09 12:0 a.m.82 views

JVN#71284826: Installer of HYPER SBI may insecurely load Dynamic Link Libraries

HYPER SBI provided by SBI SECURITIES Co.,Ltd. is a trading tool. Installer of HYPER SBI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer...

9.3CVSS7.7AI score0.01029EPSS
Exploits0
The Hacker News
The Hacker News
added 2017/05/11 7:29 a.m.14 views

Three Chinese Hackers Fined $9 Million for Stealing Trade Secrets

Hackers won't be spared. Three Chinese hackers have been ordered to pay $8.8 million £6.8 million after hacking email servers of two major New York-based law firms to steal corporate merger plans in December 2016 and used them to trade stocks. The U.S. District Judge Valerie Caproni in Manhattan...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/03/01 12:0 a.m.30 views

JVN#82619692: Access CX App fails to verify SSL server certificates

Access CX App provided by NISSAN SECURITIES CO., LTD. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provided by...

5.9CVSS5.3AI score0.00642EPSS
Exploits0
ThreatPost
ThreatPost
added 2016/09/12 3:32 p.m.19 views

FDA, DHS Investigating St. Jude Device Vulnerabilities

The U.S. government has entered into the St. Jude-MedSec-Muddy Waters fray with an investigation into claims St. Jude medical devices are vulnerable to cyberattacks. The Food and Drug Administration and Department of Homeland Security also apparently disapprove of the approach taken by MedSec and...

7.3AI score
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/30 12:0 a.m.38 views

JVN#40898764: DMM.com Securities FX Apps for Android fail to verify SSL server certificates

Multiple Android Applications provided by DMM.com Securities Co.,Ltd. fail to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the informati...

5.9CVSS5.5AI score0.00928EPSS
Exploits0
myhack58
myhack58
added 2016/05/10 12:0 a.m.14 views

About Apache Struts 2 S2-0 3 2 vulnerability threat monitoring and emergency disposal of the case Bulletin-vulnerability warning-the black bar safety net

4 the end of the month, the Apache struts2 S2-0 3 2 remote code execution vulnerability CNVD-2 0 1 6-0 2 5 0 6, The CVE-2 0 1 6-3 0 8 1, hereinafter referred to as S2-0 3 2 vulnerability, the exploit code is disclosed and in a short time spread rapidly. CNVD Secretariat-National Internet emergenc...

8.5AI score
Exploits0
hackapp
hackapp
added 2016/04/01 10:22 a.m.19 views

Animals for Toddlers and Kids - Dynamic Code Loading, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Animals for Toddlers and Kids published at the 'play' market has multiple vulnerabilities...

0.6AI score
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2016/01/30 7:42 p.m.16 views

securities.com XSS vulnerability

Vulnerable URL: http://www.securities.com/internal/sitelogon.html?callback=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 81578 Google Pagerank| 7 VIP website status...

6.3AI score
Exploits0
seebug.org
seebug.org
added 2015/11/21 12:0 a.m.44 views

用友某系统通用漏洞涉及多家银行、证券、能源行业、企业

简要描述: 用友某系统通用漏洞可以读取配置文件 详细说明: 用友某系统通用漏洞涉及多家银行、证券、能源行业、企业 测试了部分网站,还有大量的网站存在此漏洞 http://zhaopin.cnooc.com.cn/hrss/dorado/smartweb2.RPC.d?rpc=true http://nc.hbny.com.cn:9090/hrss/dorado/smartweb2.RPC.d?rpc=true http://59.173.0.46:8070/hrss/dorado/smartweb2.RPC.d?rpc=true...

7.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/09/10 9:6 a.m.8 views

account.rakuten-sec.co.jp Open Redirect vulnerability

Vulnerable URL: http://account.rakuten-sec.co.jp/cgi-bin/btracking?URL=https://www.xssposed.org Details: Description| Value ---|--- Patched:| Yes, at 25.04.2016 Latest check for patch:| 25.04.2016 14:12 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank|...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2015/08/11 2:52 p.m.9 views

Hack That Fueled Insider Trading Ring Netted $100M

Hackers based in Ukraine and Russia allegedly broke into servers belonging to several newswires and passed sensitive information onto an underground trading ring as part of what’s being referred to as an unprecedented new level of insider trading. Prosecutors claimed Tuesday that corporate...

0.4AI score
Exploits0References2
The Coalfire Blog
The Coalfire Blog
added 2014/07/03 7:55 a.m.12 views

Cybersecurity and the Financial Services Industry

2014 is the year that the US Securities and Exchange Commissions Office of Compliance Inspections and Examinations OCIE is turning its focus to cybersecurity, a looming threat to any and all companies that utilize the internet. In case you missed my last post, back in March the OCIE hosted a...

1.9AI score
Exploits0
Rows per page
Query Builder