Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

New V3B Phishing Kit Steals Logins and OTPs from EU Banking Users

By Deeba Ahmed New phishing kit targets European bank users! Protect yourself from V3B attacks designed to steal your logins and… This is a post from HackRead.com Read the original post: New V3B Phishing Kit Steals Logins and OTPs from EU Banking Users

HackRead
#web#windows#nodejs#git#auth
A week in security (May 27 – June 2)

A list of topics we covered in the week of May 27 to June 2 of 2024

How to tell if a VPN app added your Windows device to a botnet

This post will help users find out if their Windows device has been added to the 911 S5 botnet by a malicious VPN application

Online Payment Hub System 1.0 SQL Injection

Online Payment Hub System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Check Point Security Gateway Information Disclosure

Check Point Security Gateway suffers from an information disclosure vulnerability. Versions affected include R77.20 (EOL), R77.30 (EOL), R80.10 (EOL), R80.20 (EOL), R80.20.x, R80.20SP (EOL), R80.30 (EOL), R80.30SP (EOL), R80.40 (EOL), R81, R81.10, R81.10.x, and R81.20.

New banking trojan “CarnavalHeist” targets Brazil with overlay attacks

Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called “CarnavalHeist.” Many of the observed tactics, techniques and procedures (TTPs) are common among other banking trojans coming out of Brazil.

Attackers are impersonating a road toll payment processor across the U.S. in phishing attacks

Drivers from New York to Georgia and Pennsylvania have received these types of texts with equally convincing phishing text messages and lure pages.

GHSA-g4c9-qfvw-fmr4: TYPO3 Cross-Site Scripting in Backend Modal Component

Failing to properly encode user input, notifications shown in modal windows in the TYPO3 backend are vulnerable to cross-site scripting. A valid backend user account is needed in order to exploit this vulnerability.

Is Your Computer Part of ‘The Largest Botnet Ever?’

The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called "likely the world's largest botnet ever." The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various "free VPN" products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime.

Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered

By Waqas Cybersecurity researchers at Bitdefender have found a surge in malware and phishing attacks on Discord, noting 50,000 malicious… This is a post from HackRead.com Read the original post: Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered