SIM-PKH 2.4.1 - Arbitrary File Upload

Exploit for php platform in category web applications Exploit Title: SIM-PKH 2.4.1 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: https://simpkh.sourceforge.io/ Software Link: https://sourceforge.net/projects/simpkh/files/latest/download Version: 2.4.1 Category: Webapps...

SIM-PKH 2.4.1 Shell Upload

Exploit Title: SIM-PKH 2.4.1 - Arbitrary File Upload Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://simpkh.sourceforge.io/ Software Link: https://sourceforge.net/projects/simpkh/files/latest/download Version: 2.4.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...

SIM-PKH 2.4.1 - Arbitrary File Upload

Exploit Title: SIM-PKH 2.4.1 - Arbitrary File Upload Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://simpkh.sourceforge.io/ Software Link: https://sourceforge.net/projects/simpkh/files/latest/download Version: 2.4.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...

April 12, 2016 — KB3147458 (OS Build 10586.218)

April 12, 2016 — KB3147458 OS Build 10586.218 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability for Internet Explorer 11, .NET Framework, wireless LAN, Microsoft Edge, Windo...

U.S. Mobile Giants Want to be Your Online Identity

The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer's phone and mobile subscriber account, such as location, customer reputation, and physical...

Instagram’s New Security Tools are a Welcome Step, But Not Enough

Instagram users should soon have more secure options for protecting their accounts against Internet bad guys. On Tuesday, the Facebook-owned social network said it is in the process of rolling out support for third-party authentication apps. Unfortunately, this welcome new security offering does...

SD-WAN 210 LTE - SIM Card State : Present but Service State : Unknown

SIM card is recognize by the SD-WAN Modem, including correct provider and APN. But the SD-WAN can not get the LTE service, it has the following state: Home Network | Card State : Present Home Network | Home Network : Unknown Home Network | Service State : Unknown Home Network | Roaming Status :...

Alleged SIM Swapper Arrested in California

Authorities in Santa Clara, Calif. have arrested and charged a 19-year-old area man on suspicion hijacking mobile phone numbers as part of a scheme to steal large sums of bitcoin and other cryptocurrencies. The arrest is the third known law enforcement action this month targeting "SIM swappers,"...

AT&T Faces $224M Legal Challenge Over SIM-Jacking Rings

Cryptocurrency investor and Dogecoin founder Michael Terpin has filed a $223.8 million lawsuit against AT&T, alleging the mobile phone giant turned a blind eye to SIM fraud. Terpin alleges that more than 3 million cryptocurrency tokens worth $24 million were lifted from his digital wallet at an...

Hanging Up on Mobile in the Name of Security

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. Increasingly frequent, high-profile attacks like the...

Florida Man Arrested in SIM Swap Conspiracy

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. On July 18, 2018, Pasco County...

Reddit Breach Highlights Limits of SMS-Based Authentication

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn't seem too severe. What's interesting about the incident is that it showcases once again why relying on mobile text...

How a man hacked his victims’ SIM cards to steal millions of dollars

By Waqas Californian Authorities have arrested and charged a 20-year old college student Joel Ortiz for being part of a mobile phone hijacking group who hacked SIM cards. According to reports the detainee managed to hijack over 40 phone numbers and stole $5 million as well from high-profile targe...

T-Mobile Employee Made Unauthorized ‘SIM Swap’ to Steal Instagram Account

T-Mobile is investigating a retail store employee who allegedly made unauthorized changes to a subscriber's account in an elaborate scheme to steal the customer's three-letter Instagram username. The modifications, which could have let the rogue employee empty bank accounts associated with the...

CVE-2014-6111

IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 store encrypted user credentials and the keystore password in cleartext in configuration files, which allows local users to...

CVE-2014-6109

The CVE-2014-6109 entry affects IBM Security Identity Manager and IBM Tivoli Identity Manager. The vulnerability allows remote authenticated users to bypass intended access restrictions and obtain sensitive information via server-side LDAP query handling issues in IBM Tivoli Identity Manager 5.1....

sim-sim.com.tw XSS vulnerability

Open Bug Bounty ID: OBB-604889 Description| Value ---|--- Affected Website:| sim-sim.com.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2015-9122

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD...

Buffer overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD...

CVE-2015-9122

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD...