Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts

Vulnerabilities

Cerberus last edited by

Researchers discovered the vulnerability in an API already integrated into many bank systems, which could have defrauded millions of users by giving attackers access to their funds.

https://threatpost.com/ssrf-flaw-fintech-bank-accounts/179247/
DISCLAIMER: Please note, that this article is not the work of (or owned by) Hostrisk.com. Attribution and copyright of this article is retained in full by the original author referred to in the Source link above
1 Reply Last reply
Reply Quote 0

Suggested Topics

Zenly Social-Media App Bugs Allow Account Takeover
Vulnerabilities • vulnerabilities • • Cerberus

1

0
Votes

1
Posts

9
Views

A pair of bugs in the Snap-owned tracking app reveal phone numbers and allow account hijacking.

https://threatpost.com/zenly-bugs-account-takeover/178646/
Log4J-Related RCE Flaw in H2 Database Earns Critical Rating
Vulnerabilities • vulnerabilities • • Cerberus

1

0
Votes

1
Posts

10
Views

Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat.

https://threatpost.com/log4j-related-flaw-h2-database/177448/
Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws
Vulnerabilities • vulnerabilities • • Cerberus

1

0
Votes

1
Posts

11
Views

Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping past malicious-email filters.

https://threatpost.com/attackers-hijack-email-threads-proxylogon-proxyshell/176496/

1 / 1

SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts

Suggested Topics

Zenly Social-Media App Bugs Allow Account Takeover Vulnerabilities • vulnerabilities • • Cerberus

Log4J-Related RCE Flaw in H2 Database Earns Critical Rating Vulnerabilities • vulnerabilities • • Cerberus

Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws Vulnerabilities • vulnerabilities • • Cerberus

Zenly Social-Media App Bugs Allow Account Takeover
Vulnerabilities • vulnerabilities • • Cerberus

Log4J-Related RCE Flaw in H2 Database Earns Critical Rating
Vulnerabilities • vulnerabilities • • Cerberus

Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws
Vulnerabilities • vulnerabilities • • Cerberus