Aggregator

CornDB is Allegedly Selling Credit Card Data of Hyp Payment Solutions

A vulnerability was found in ARM Trusted Firmware-M 1.4.0/1.4.1 and classified as critical. Affected by this issue is some unknown functionality of the component Firmware Update Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2021-43619. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as problematic was found in Trusted Firmware-A up to 2.8. Affected by this vulnerability is an unknown functionality of the component X.509 Parser. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2022-47630. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability classified as critical has been found in Trusted Firmware-M up to 1.8.0. This affects an unknown part of the component CryptoCell PSA Driver software Interface. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2023-40271. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A Threat Actor Claims to be Selling Data of Madame GS

A Threat Actor Claims to be Selling Thailand Investment Company Leads

A Threat Actor has Allegedly Leaked the Data of Alihankinta

A Threat Actor is Allegedly Selling the Data of ZuZu[.]ch

Zello is warning customers to reset their passwords if their account was created before November 2nd in what appears to be another security breach. [...]

A Threat Actor Has Allegedly Leaked the Data of St. Andrew's Endicott

Interpol led 19 African countries in a massive anti-cybercriminal effort dubbed "Operation Serengeti" that shut down a range of scams and attacks that bled $193 million from 35,000 victims. More than 1,000 people were arrested and more than 134,000 malicious infrastructures shut down.

The post Interpol, African Nations Arrest 1,006 in Sweeping ‘Operation Serengeti’ appeared first on Security Boulevard.

A vulnerability classified as very critical has been found in Oracle Hospitality Simphony up to 19.5.4. This affects an unknown part of the component Simphony Enterprise Server. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2024-21010. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Hospitality Simphony up to 19.5.4 and classified as very critical. Affected by this issue is some unknown functionality of the component Simphony Enterprise Server. The manipulation leads to Remote Code Execution. This vulnerability is handled as CVE-2024-21014. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

​Microsoft has denied claims that it uses Microsoft 365 apps (including Word, Excel, and PowerPoint) to collect data to train the company's artificial intelligence (AI) models. [...]

A vulnerability was found in Unisoc SC7731E, SC9832E, SC9863A, T310, T606, T612, T616, T610, T618, T760, T770, T820 and S8000. It has been classified as problematic. This affects an unknown part of the component Faceid Service. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2023-52536. Attacking locally is a requirement. There is no exploit available.

A vulnerability was found in Unisoc SC7731E, SC9832E, SC9863A, T310, T606, T612, T616, T610, T618, T760, T770, T820 and S8000. It has been declared as problematic. This vulnerability affects unknown code of the component Network Adapter Service. The manipulation leads to denial of service. This vulnerability was named CVE-2023-52352. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability, which was classified as very critical, was found in Oracle Hospitality Simphony up to 19.5.4. This affects an unknown part of the component Simphony Enterprise Server. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2024-20997. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.