Hackers Breach Telefonica Network, Leak 2.3 GB of Data Online

Telefónica faces a data breach impacting its internal systems, linked to hackers using compromised credentials. Learn more about this alarming cyber threat...

Design/Logic Flaw

Telefnica Brasil Vivo Play IPTV Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of Service DoS via DNS Recursion...

Malicious code in @balea-telefonica/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 563059871426877f31b5ba1bd33fda80482ee48032d184d83e400daf25d54b99 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-24 Malicious code in @balea-telefonica/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 563059871426877f31b5ba1bd33fda80482ee48032d184d83e400daf25d54b99 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

sapweb.telefonica.com.br Open Redirect vulnerability OBB-2304218

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

aulavirtual.educared.fundaciontelefonica.com.pe Cross Site Scripting vulnerability OBB-2119494

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Android o2 Business 1.2.0 Open Redirect

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: o2 Business for Android Vendor URL: https://play.google.com/store/apps/details?id=telefonica.de.o2business Type: Open Redirect CWE-601 Date found: 2020-04-16 Date published: 2020-07-01 CVSSv...

19K Orange Livebox Modems Open to Attack

A flaw in Orange Livebox ADSL modems allows remote, unauthenticated users to obtain the device’s SSID and WiFi password with a simple GET request. Troy Mursch at Bad Packets said that the company’s honeypots observed a GET request scan right before Christmas targeting the modems, which are used t...

A week in security (July 16 – July 22)

Last week on Labs, we looked at a Magniber expansion, explored open source vulnerabilities, and checked out the boons and drawbacks of smart assistants. We also continued our ad blocking article extravaganza, gave a whistlestop tour of third-party problems, and published our Q2 Cybercrime tactics...

Millions of Telefonica customers’ data exposed after security breach

By Waqas Telefonica, a telecom operator based in Spain, has become a victim of a security breach after hackers managed to exploit a vulnerability that led to the exposure of private data of millions of Telefonica customers while leaking billing data of other customers. The billing data is easily...

Metadata Analysis Draws its Own Conclusions on WannaCry Authors

The most intriguing mystery that remains about WannaCry is the identity of the attacker. The theory with the best legs is that North Korea’s Lazarus APT is the entity behind the worldwide ransomware outbreak given the discovery of shared code samples in the malware with older Lazarus attacks. Tha...

U.K. Hospitals Hit in Widespread Ransomware Attack

At least 16 hospitals in the United Kingdom are being forced to divert emergency patients today after computer systems there were infected with ransomware, a type of malicious software that encrypts a victim's documents, images, music and other files unless the victim pays for a key to unlock the...

jobs.telefonica.com XSS vulnerability

Vulnerable URL: https://jobs.telefonica.com/talentcommunity/subscribe/?slp=/talentcommunity/profile/%27-prompt%28%27OPENBUGBOUNTY%27%29-%27 Details: Description| Value ---|--- Patched:| Yes, at 18.08.2016 Latest check for patch:| 18.08.2016 11:05 GMT Vulnerability type:| XSS Vulnerability status:...

o2 DSL Auto Configuration Server Credential Disclosure

Advisory: o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials The o2 Auto Configuration Server ACS discloses VoIP/SIP credentials of arbitrary customers when receiving manipulated CWMP packets. These credentials can then be used by an attacker to register any VoIP number of the victim. This...

Huawei HG253s V2 Information Disclosure Vulnerability

Huawei HG253s V2 suffers from a remote information disclosure vulnerability. Huawei HG253s v2 Vodafone-Spain is starting to rent a new Huawei HG253v2 router to the spanish costumers. This new router is coming with a new firmware version. This bug has been found by @VicenDominguez Vulnerability...

Huawei HG253s V2 Information Disclosure

Huawei HG253s v2 Vodafone-Spain is starting to rent a new Huawei HG253v2 router to the spanish costumers. This new router is coming with a new firmware version. This bug has been found by @VicenDominguez Vulnerability Basically, it is not validating the session cookie in some administration...

Pirelli Home Broadband Routers Exposed for Two Years

ISP-issued home broadband routers have been a shooting gallery for researchers and hackers alike looking for, and successfully exploiting, shocking vulnerabilities. One disclosed by a researcher in Spain this week is symptomatic of the problem to a disturbing degree. Researcher Eduardo Novella...

Telefonica O2 Connection Manager 3.4 - Local Privilege Escalation Vulnerability

No description provided by source. Telefonica O2 Connection Manager 3.4 Local Privilege Escalation Vulnerability Vendor: Telefonica S.A. Product web page: http://www.telefonica.com | http://www.o2.co.uk Affected version: 3.4.R1 108 Summary: O2 Connection Manager will help you to manage your...

Telefonica O2 Connection Manager 8.7 - Service Trusted Path Privilege Escalation

No description provided by source. Telefonica O2 Connection Manager 8.7 Service Trusted Path Privilege Escalation Vendor: Telefonica S.A. Product web page: http://www.telefonica.com | http://www.o2.co.uk Affected version: 8.7.6.792 Summary: O2 Connection Manager will help you to manage your...

Telefonica O2 Connection Manager 8.7 - Service Trusted Path Privilege Escalation

Telefonica O2 Connection Manager 8.7 Service Trusted Path Privilege Escalation Vendor: Telefonica S.A. Product web page: http://www.telefonica.com | http://www.o2.co.uk Affected version: 8.7.6.792 Summary: O2 Connection Manager will help you to manage your internet connections by getting you...