UniCredit Suffers Third Breach Despite Investing Billions in Cybersecurity

Despite investing 2.4 billion euros since 2016 to upgrade its cybersecurity profile, Italian banking institution UniCredit has suffered its third recent data breach, this time impacting 3 million customers. The company said in a short data breach announcement on its website that names, telephone...

UniCredit Bank Suffers 'Data Incident' Exposing 3 Million Italian Customer Records

UniCredit, an Italian global banking and financial services company, announced today that it suffered a security incident that leaked some personal information belonging to at least 3 million of its domestic customers. Officially founded in 1870, UniCredit is Italy's biggest banking and financial...

UniCredit Bank Suffers 'Data Incident' Exposing 3 Million Italian Customer Records

UniCredit, an Italian global banking and financial services company, announced today that it suffered a security incident that leaked some personal information belonging to at least 3 million of its domestic customers. Officially founded in 1870, UniCredit is Italy's biggest banking and financial...

Mobile.UniCredit - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Mobile.UniCredit published at the 'play' market has multiple vulnerabilities...

Italian Banking Giant UniCredit Hacked; 400,000 Customers Impacted

By Waqas UniCredit, an Italian global banking, and financial services company have announced This is a post from HackRead.com Read the original post: Italian Banking Giant UniCredit Hacked; 400,000 Customers Impacted...

investimenti.unicredit.it XSS vulnerability

Vulnerable URL: http://www.investimenti.unicredit.it/tlab2/itIT/onemarkets/iscrizioneeventi.jsp?id=585=%27%3C/script%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

CVE-2014-7040

The UniCredit Investors aka eu.unicreditgroup.brand.ucinvestors application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The UniCredit Investors aka eu.unicreditgroup.brand.ucinvestors application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-7040

The UniCredit Investors aka eu.unicreditgroup.brand.ucinvestors application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-7040

CVE-2014-7040 affects the UniCredit Investors Android app (version 1.0). The connected sources confirm the root cause: the app does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and read sensitive information via a crafted certificate. The N...

UniCredit Bank CSRF / XSS / Shell Upload Vulnerabilities

UniCredit Bank suffers from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities. They have not responded to the authors notifications. ============================================================================================== UNICREDITBANK Cross Site...

UniCredit Bank Cross Site Request Forgery / Cross Site Scripting / Shell Upload

============================================================================================== UNICREDITBANK Cross Site Scripting & Dom Based / File Upload / form without CSRF protection = ============================================================================================== TIME-LINE...