Lucene search
K

2564 matches found

ThreatPost
ThreatPost
added 2012/11/21 4:9 p.m.9 views

Attackers Had Access for Months in South Carolina Data Breach

Attackers had two months of unfettered access to South Carolina’s Department of Revenue systems in a classic targeted attack that began with a phishing email and ended with the loss of electronic tax return data, and payment card and personal information on 3.8 million filers, possibly dating bac...

1.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/11/14 5:42 p.m.7 views

Planned Cyberattacks on US Banks on Hold

Upwards of 30 major U.S. banks and financial institutions have been given a reprieve. The hacker behind a coordinated attack against giants such as Bank of America, Chase, Citibank, PNC, Wells Fargo and nearly two dozen other banks has called off the operation after media reports surfaced a month...

1AI score
Exploits0References8
ThreatPost
ThreatPost
added 2012/11/12 7:24 p.m.10 views

Blizzard Sued Over Data Breach, Authenticator Sales

UPDATED–A group of customers is suing gaming giant Blizzard Entertainment in connection with a data breach in August that resulted in user email addresses, hashed passwords and other information being stolen by attackers. The suit claims that the company did not do enough to secure users’ account...

Exploits0References4
The Hacker News
The Hacker News
added 2012/10/26 10:43 p.m.11 views

Remotely controlled Malware as Browser extensions

"Browser extensions extend the functionality of the web browser. These extensions improve the appearance, functionality, security or other parts of the browser. Extensions were also developed with malicious intent, in order to generate revenue or just spread the code between more and more browser...

7.6AI score
Exploits0
ThreatPost
ThreatPost
added 2012/10/24 6:13 p.m.9 views

Operation High Roller Banked on Fast-Flux Botnet to Steal Millions

A fraud ring that attacked financial transfer systems in an attempt to get at wealthy high-end banking customers used a complicated web of malware and compromised servers in several countries to walk off with an estimated $78 million earlier this year. While the attacks targeted financial systems...

0.5AI score
Exploits0References6
ThreatPost
ThreatPost
added 2012/10/04 4:15 p.m.13 views

Cybercrime Gang Recruiting Botmasters for Large-Scale MiTM Attacks on American Banks

A slew of major American banks, some already stressed by a stream of DDoS attacks carried out over the past 10 days, may soon have to brace themselves for a large-scale coordinated attack bent on pulling off fraudulent wire transfers. RSA’s FraudAction research team has been monitoring undergroun...

1.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2012/09/18 2:8 a.m.11 views

Developer Warns Millions of Virgin Mobile Subscribers About Authentication Flaw

An Alamo, Texas developer on Monday warned Virgin Mobile U.S. subscribers that their accounts can be hacked after the company failed to respond with a fix. “I reported the issue to Virgin Mobile a month ago and they have not taken any action, nor informed me of any concrete steps to fix the...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2012/08/27 3:27 p.m.7 views

Looking to Bolster Security, Dropbox Adds Two-Factor Authentication

Several weeks after announcing that some of its users’ log-ins and passwords had been stolen, file storage company Dropbox announced it has added a two-step authentication process over the weekend to help reinforce the security of its users’ accounts. The added layer of security is currently...

0.7AI score
Exploits0References11
The Hacker News
The Hacker News
added 2012/08/16 9:29 p.m.6 views

Airport VPN hacked using Citadel malware

It sounds like an air traveler's nightmare, Researchers at Trusteer recently uncovered a variant of the Citadel Trojan targeting the virtual private network VPN credentials used by employees at a major airport.The firm would not disclose the name of the airport because the situation is being...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2012/08/01 2:58 p.m.12 views

Dropbox Blames Breach for Recent Spam Targeting Customers

Over the last few weeks an attacker used a collection of illicitly obtained usernames and passwords to infiltrate a number of Dropbox accounts, including one belonging to a Dropbox employee. The usernames and passwords were stolen from other, third-party websites, Dropbox officials said, finally...

7.6AI score
Exploits0References6
ThreatPost
ThreatPost
added 2012/07/10 2:24 p.m.12 views

New E-Banking Trojans Target Android Users

The security firm Trusteer reports that new Web-based attacks are targeting Android smartphone users in a campaign to circumvent two-factor sign-on features used by many banks to protect account holders. Writing on the Trusteer blog on Tuesday, CTO Amit Klein of Trusteer said that researchers the...

0.6AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/07/04 12:5 p.m.14 views

An Unhappy Birthday For Uncle Sam On Cyber Security

Here’s the good news on America’s birthday: the last year has seen the U.S. emerge as an undisputed global leader in the use of offensive cyber operations. Averting another “Sputnik” moment, the nation’s longest running and most successful democracy blazed new trails in non-kinetic warfare,...

7.2AI score
Exploits0References17
ThreatPost
ThreatPost
added 2012/06/05 6:22 p.m.19 views

Cloudflare CEO: AT&T Voicemail Hack Key To Compromise

Loose security protecting voice mailboxes at mobile carrier AT&T provided a key element necessary to successfully hack the Google Enterprise Apps account of tech firm CloudFlare, according to an account of the hack posted by CEO Matthew Prince. Writing on the company’s blog on Monday, Prince said...

3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2012/05/31 3:13 p.m.8 views

House Hearing to Address Capital Market Threats

The House Committee on Financial Services is hosting a hearing tomorrow in which they will explore the various cyber threats targeting capital markets and government sponsored enterprises. Entitled “Cyber Threats to Capital Markets and Corporate Accounts,” the hearing in front of the Committee on...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2012/05/31 1:45 p.m.12 views

Tiny New Tinba Banker Trojan Found Stealing Financial Data

Security researchers have discovered a tiny new banking Trojan that comprises just 20 KB of code and uses a number of well-word man-in-the-browser tricks in an attempt to defeat two-factor authentication. Known as Tinba, the new malware doesn’t bother with any encryption or packing and yet is...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2012/03/21 3:5 p.m.19 views

New VPN Hunter Service Scans Domains For Remote-Access Systems

If there’s one thing attackers love, it’s readily accessible remote-connection services running on a target company’s network. Once an attacker knows that an organization is running a specific kind of VPN or has RDP enabled on a bunch of machines, he can then start looking for known vulnerabiliti...

0.6AI score
Exploits0References1
The Hacker News
The Hacker News
added 2012/01/30 10:42 a.m.9 views

Data encryption : PrivateSky Secure Information Exchange platform

Data encryption : PrivateSky Secure Information Exchange platform CertiVox today unveiled a breakthrough in information security: PrivateSky Secure Information Exchange SIXTM platform. The new service provides fast, easy-to-use protection for email, files and other information sent via the cloud,...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/12/20 12:0 a.m.29 views

RSA SecurID Software Token Installed

RSA SecurID Software Token, a two-factor authentication application, is installed on the remote Windows host. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid57348; scriptversion"1.10"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10";...

5.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2011/12/14 4:16 p.m.13 views

What About Fob?

Few things sent shockwaves to all corners of the security community like news in March that RSA’s popular SecurID two-factor authentication tokens had been rendered all but useless by a small but cleverly targeted phishing campaign that included a payload of a malicious Flash object embedded in a...

1.6AI score
Exploits0References1
exploitpack
exploitpack
added 2011/11/15 12:0 a.m.21 views

Authenex A-KeyASAS Web Management Control 3.1.0.2 - Blind SQL Injection

Authenex A-KeyASAS Web Management Control 3.1.0.2 - Blind SQL Injection ============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2011-002 - Original release date: September 21, 2011 - Discovered by: Jose Carlos de Arriba - Senior Security Analyst at...

0.6AI score
Exploits0
Rows per page
Query Builder