Aggregator

A vulnerability, which was classified as critical, has been found in mosMedia. This issue affects some unknown processing of the file Mambo/Joomla. The manipulation of the argument mosConfig_absolute_path leads to Remote Code Execution. The identification of this vulnerability is CVE-2007-2043. The attack may be initiated remotely. Furthermore, there is an exploit available.

Quishing is a type of phishing attack where crooks use QR codes to trick users into providing sensitive information or downloading malware. In recent years, the spread of electric cars has led to an increase in public charging stations. However, new cyber threats have emerged with this growth, including “quishing.” This term, a combination of […]

你可能错过的新鲜事英特尔发布酷睿 Ultra 200V 系列处理器9 月 3 日，英特尔公司在柏林举办发布会，推出酷睿 Ultra 200V 系列处理器。该处理器系列分为 5、7、9 三个类目，共

The DoJ says Russia paid a US company $10m to post disinformation that attracted millions of views online

A vulnerability, which was classified as critical, has been found in Avant-Garde Solutions MOSMedia 1.0.8. This issue affects some unknown processing of the file media.tab.php of the component mediad. The manipulation of the argument mosConfig_absolute_path leads to file inclusion. The identification of this vulnerability is CVE-2007-2043. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in bibleslots SLOTS: Bible Slots Free 1.122 and classified as critical. Affected by this vulnerability is an unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is known as CVE-2014-5888. The attack needs to be approached within the local network. There is no exploit available.

Вебинар Positive Technologies состоится 10 сентября в 14:00.

A vulnerability was found in Apple macOS up to 10.13.1 and classified as critical. This issue affects some unknown processing of the component Kernel. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2017-13817. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

2024年9月5日，深瞳漏洞实验室监测到一则Apache-ofbiz组件存在服务器端伪造请求（SSRF）漏洞的信息，漏洞编号：CVE-2024-45507，漏洞威胁等级：高危。

Binarly announced Binarly Transparency Platform 2.5 with several features designed to enhance software vulnerability management and improve security posture across enterprise environments. The key highlight of this release is the innovative Reachability Analysis, a feature that identifies and prioritizes vulnerabilities based on their exploitability within the system’s execution flow, allowing for more targeted and effective remediation. With the introduction of Reachability Analysis, Binarly’s Transparency Platform 2.5 provides a truly innovative method to evaluate risk by … More →

The post Binarly Transparency Platform 2.5 identifies critical vulnerabilities before they can be exploited appeared first on Help Net Security.

据BleepingComputer消息，一款最初被设计为红队演练之用的工具MacroPack近来正被攻击者滥用并部署恶意负载 Havoc、Brute Ratel 和 PhatomCore ，所发现的恶意文档已涉及多个国家和地区。 MacroPack 是由法国开发人员 Emeric Nasi （dba BallisKit） 创建的专注于红队演习演练和对手模拟的专有工具，提供反恶意软件绕过、反逆技术、使用代码混淆构建各种文档有效负载、嵌入无法检测的 VB 脚本等多项高级功能。 Cisco Talos 的安全研究人员研究了来自美国、俄罗斯和巴基斯坦等国家和地区在 VirusTotal 上提交的恶意文档，这些文件的诱饵、复杂程度和感染载体各不相同，表明 MacroPack 正被多个攻击者滥用，已成为一种潜在的威胁趋势。 这些被捕获的野外样本都有在 MacroPack 上创建的痕迹，包括基于马尔可夫链的函数和变量重命名、删除注释和多余的空格字符（这些字符可将静态分析检测率降到最低）以及字符串编码。 当受害者打开这些恶意Office 文档时会触发第一级 VBA 代码，该代码会加载恶意 DLL，并连接到攻击者的命令和控制 (C2) 服务器。 攻击链 Cisco Talos 的报告了一些与MacroPack 滥用相关的重要恶意活动集群： 美国：2023 年 3 月上传的一份文件伪装成加密的 NMLS 更新表格，并使用马尔可夫链生成的函数名来逃避检测。 该文档包含多级 VBA 代码，在尝试通过 mshta.exe 下载未知有效载荷之前会检查沙盒环境。 装成加密的 NMLS 更新表格 俄罗斯：2024 年 7 月，一个俄罗斯 IP 上传的空白 Excel 工作簿提供了 PhantomCore，这是一个基于 Golang 的用于间谍活动的后门 。 该文件运行多级 VBA 代码，试图从远程 URL 下载后门。 巴基斯坦：从巴基斯坦各地上传了以巴基斯坦军事为主题的文件。 其中一份文件伪装成巴基斯坦空军的通知，另一份伪装成就业确认书，部署了 Brute Ratel 獾。 这些文件通过 HTTPS DNS 和亚马逊 CloudFront 进行通信，其中一个文档嵌入了 base64 编码的 blob 以用于 Adobe Experience Cloud 跟踪。   转自FreeBuf，原文链接：https://www.freebuf.com/news/410268.html 封面来源于网络，如有侵权请联系删除。

A vulnerability classified as problematic was found in Samsung Samsung Assistant. This vulnerability affects unknown code of the component Location Data Handler. The manipulation leads to improper handling of insufficient permissions or privileges. This vulnerability was named CVE-2024-34661. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Group Sharing 10.8.03.2/13.0.6.15 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-34659. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Samsung Notes. It has been classified as critical. This affects an unknown part. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-34657. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Devices. It has been rated as problematic. Affected by this issue is some unknown functionality of the component CocktailbarService. The manipulation leads to incorrect authorization. This vulnerability is handled as CVE-2024-34650. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Samsung Devices. This affects an unknown part of the component My Files. The manipulation leads to improper authorization. This vulnerability is uniquely identified as CVE-2024-34651. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Samsung Devices. This vulnerability affects unknown code of the component My Files. The manipulation leads to path traversal. This vulnerability was named CVE-2024-34653. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Samsung Devices. This issue affects some unknown processing of the component My Files. The manipulation leads to improper export of android application components. The identification of this vulnerability is CVE-2024-34654. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Samsung Devices. Affected is an unknown function of the component UniversalCredentialManager. The manipulation leads to incorrect use of privileged apis. This vulnerability is traded as CVE-2024-34655. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Notes 2.0.02.31/4.2.00.22/4.2.04.27/4.3.14.39/4.4.15. It has been classified as critical. This affects an unknown part. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-34660. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.