Aggregator

Когда утечка данных превращается в мощный инструмент противодействия киберугрозам.

A vulnerability, which was classified as problematic, has been found in Finder Fire Safety Finder ERP CRM. Affected by this issue is some unknown functionality. The manipulation leads to improper validation of syntactic correctness of input. This vulnerability is handled as CVE-2024-12146. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. This vulnerability is known as CVE-2025-2050. The attack can be launched remotely. Furthermore, there is an exploit available.

Submit #514234 / VDB-298806

Submit #514218 / VDB-298805

Submit #514191 / VDB-298804

A vulnerability classified as problematic has been found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file AB+.php. The manipulation of the argument Bloodname leads to cross site scripting. This vulnerability is traded as CVE-2025-2049. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Smartwares CIP-37210AT and C724IP up to 3.3.0. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2024-13894. It is possible to launch the attack on the local host. There is no exploit available.

Persona announced the next generation of their unified KYC-KYB platform that will combat sophisticated fraud during business onboarding and throughout the business lifecycle. These enhancements deliver insights into both businesses and the individuals behind them, enabling more effective fraud detection compared to traditional single-focus solutions. The rise in business fraud has created significant challenges across industries, from marketplace merchant fraud to fintech application fraud. According to the FTC, business identity theft has reached unprecedented levels, … More →

The post Persona combats fraud during business onboarding appeared first on Help Net Security.

A vulnerability was found in Smartwares CIP-37210AT and C724IP up to 3.3.0. It has been declared as critical. This vulnerability affects unknown code of the component Telnet Service. The manipulation leads to use of default credentials. This vulnerability was named CVE-2024-13893. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

One of the biggest problems cybersecurity teams face is the overwhelming uncertainty of situations as cyberattacks unfold. It’s hard to know what mitigations to work on first, which systems are most likely to risk business loss as threat rapidly moves across a network — and how to fix root problems as responders dig into an incident.

The post The cybersecurity ‘fog of war’: How to apply data science to cut through appeared first on Security Boulevard.

Submit #514115 / VDB-298801

Submit #514186 / VDB-280376

Submit #514101 / VDB-280376

Submit #514089 / VDB-298800

Employees of a third-party company hacked into StubHub's computer system, stole almost 1,000 digital tickets to Taylor Swift concerts and other events, and emailed them to conspirators in New York, who then sold them on StubHub in a scheme that brought them $635,000 in profit.

The post Hackers Made $600,000 Selling Stolen Taylor Swift Concert Tickets appeared first on Security Boulevard.

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /search.php. The manipulation of the argument search leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-2047. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #514015 / VDB-298797