49 matches found
EUVD-2006-4317
Malware in sbrugna...
mangafoxfull.com Cross Site Scripting vulnerability OBB-3935501
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mtech.am Cross Site Scripting vulnerability OBB-3935475
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
MAL-2023-93 Malicious code in angra_temple_of_shadows_songbook_pdf_105_kssry (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd6df7b7b696150a1e7a19bda7c02dda2686dd2e2be7b1cf257c6fb4c9de50c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware
Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" RTM Locker that functions as a private ransomware-as-a-service RaaS provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses...
Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company
The Hive ransomware-as-a-service RaaS group has claimed responsibility for a cyber attack against Tata Power that was disclosed by the company less than two weeks ago. The incident is said to have occurred on October 3, 2022. The threat actor has also been observed leaking stolen data exfiltrated...
mountainshadows.com Cross Site Scripting vulnerability OBB-2845216
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
November 22, 2021—KB5007262 (OS Build 22000.348) Preview
None None...
DDoS Attacks Shatter Records in Q3, Report Finds
The third quarter saw the sheer volume of distributed denial-of-service DDoS attacks surge to several thousand hits per day, signaling a re-distribution of tactics by malicious actors away from cryptomining and toward the use of DDoS as a tool of intimidation, disinformation and straight-up...
Conti Ransom Gang Starts Selling Access to Victims
The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Contis malware who refuse to negotiate a ransom payment are added to Contis victim shaming blog, where confidential files stolen from victims may be published or sold. But someti...
iOS Kids Game Morphs into Underground Crypto Casino
A kids’ game called “Jungle Run” that, until recently, was available in the Apple App store, was secretly a cryptocurrency-funded casino set up to scam people out of money. Join experts from Digital Shadows Austin Merritt, Malwarebytes Adam Kujawa and Sift Kevin Lee to find out how cybercrime...
Threat Actors Introduce Unique ‘Newbie’ Hacker Forum
A well-known private hacking forum has recently become more inclusive, introducing a new platform to help newbie threat actors flourish and hone their expertise, research has found. The discovery is unique, as private hacker forums tend to be the exclusive province of elite cybercriminals. Digita...
Sodinokibi Ransomware Group Sponsors Hacking Contest
White hats aren’t alone in holding hacking contests. Russian-language cybercriminals are known for running similar competitions on underground forums. However, an analysis of Dark Web activity has uncovered a trend towards offering increasingly high-stakes prizes during such battles. At the same...
Exploit for Path Traversal in Citrix Application_Delivery_Controller_Firmware
CVE-2019-19781IOCs IOCs for CVE-2019-19781 citrixhoneypotnsl...
JetBlue Bomb Scare Set Off with Apple AirDrop
The feature in Apple mobile devices that allows people to send photos to nearby phones via Bluetooth is at the heart of a terrorism scare on a JetBlue flight over the weekend. According to the New York Daily News, a prankster sent a photo of a suicide vest to everyone who had an Apple device on t...
Global IT Asset Inventory: The Foundation for Security and Compliance
Pablo Quiroga, Qualys’ Director of Product Management for IT Asset Management, talks about the new Asset Inventory solution When IT directors and CISOs look at their digitally transformed networks, they encounter many shadows that their legacy enterprise software tools can’t illuminate. These bli...
Malicious Cyber Activity Targeting ERP Applications
Digital Shadows Ltd. and Onapsis Inc. have released a report describing an increase in the exploitation of vulnerabilities in Enterprise Resource Planning ERP applications. ERP applications help organizations manage critical business processes—such as product lifecycle management, customer...
Election Leaks Failed to Move Needle on Polls
The barrage of information leaks, state-sponsored espionage and hacktivism related to the U.S. presidential election has had a mixed bag of effects on the race and voter confidence. For the most part, attacks against organizations supporting both major political parties, extensive email leaks and...
Hidden City:Mystery of Shadows - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Hidden City:Mystery of Shadows published at the 'play' market has multiple vulnerabilities...
Shadows-IT Designs Local File Inclusion
No description provided by source...