Aggregator
腾讯安全攻击面管理、嵌入式安全审计平台两大产品荣膺网络安全优秀创新成果优胜奖
3 months ago
CVE-2016-6461 | Cisco ASA 9.1(6.10) XML input validation (Nessus ID 96047 / ID 316071)
3 months ago
A vulnerability was found in Cisco ASA 9.1(6.10). It has been classified as critical. Affected is an unknown function. The manipulation leads to improper input validation (XML).
This vulnerability is traded as CVE-2016-6461. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2016-6483 | vBulletin 5.2.0/5.2.1/5.2.2 Media Upload server-side request forgery (EDB-40225 / ID 11674)
3 months ago
A vulnerability, which was classified as critical, was found in vBulletin 5.2.0/5.2.1/5.2.2. Affected is an unknown function of the component Media Upload. The manipulation leads to server-side request forgery.
This vulnerability is traded as CVE-2016-6483. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
Цифровая революция наоборот: Калифорния запрещает смартфоны в школах
3 months ago
Учебные советы готовятся к радикальным переменам. Как их воспримут дети?
Arcus Media
3 months ago
cohenido
Arcus Media
3 months ago
cohenido
CVE-2014-6979 | MiWay Insurance Ltd 1.2 X.509 Certificate cryptographic issues (VU#582497)
3 months ago
A vulnerability, which was classified as critical, was found in MiWay Insurance Ltd 1.2. Affected is an unknown function of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues.
This vulnerability is traded as CVE-2014-6979. The attack needs to be done within the local network. There is no exploit available.
vuldb.com
Революция в 319-й: миллионные штрафы за критику чиновников
3 months ago
Госдума ужесточает наказание за публичное оскорбление представителей власти.
研究建议做重要决策前睡个觉
3 months ago
根据发表在《Journal of Experimental Psychology: General》期刊上的一项研究,科学家再次证明我们容易被第一印象欺骗,在做出重要决策前最好睡个觉。由第一印象产生的偏见在心理学上叫首因效应(primacy bias)。研究人员首先展开了一系列虚拟盲盒拍卖实验,盒子里的东西都是不值钱的不需要的,参与者被要求找出最有价值的盒子。但参与者并不知道盲盒的总价值其实都是一样的。结果显示,如果参与者被要求立即做出决策,他们的决策都是基于第一印象,甚至会高估其价值。但如果他们被要求睡一觉第二天做决策,那么他们就不太可能陷入这一陷阱,能做出更理性的决策。
Campagne brengt vaardigheden en eigenschappen van veteranen in beeld
3 months ago
Militairen met uitzendervaring hebben vaardigheden en eigenschappen die van meerwaarde zijn voor het bedrijfsleven en publieke organisaties. Om daar meer erkenning en waardering voor te krijgen trapte de Stichting Onbekende Helden gisteren de campagne Ongekende Krachten af. Een doel daarvan is ook het bijstellen van het maatschappelijk beeld over veteranen.
CVE-2007-3585 | MyCMS 0.9.8 games.php id file inclusion (EDB-4144 / BID-24757)
3 months ago
A vulnerability was found in MyCMS 0.9.8 and classified as critical. This issue affects some unknown processing of the file games.php. The manipulation of the argument id leads to file inclusion.
The identification of this vulnerability is CVE-2007-3585. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
瞄准国内政企!深度揭秘的勒索软件运营商 Rast gang
3 months ago
奇安信威胁情报中心观察到由rust语言编写的勒索软件Rast ransomware非常活跃,国内大量机器被勒索,政企终端受害单位高达 20 余个。根据统计,短短十个月的时间内有 6800 多台终端被控,其中 5700 余台被成功加密。
Cybersecurity's dark secrets: 3 confessions from industry experts
3 months ago
From gnawing imposter syndrome to communication challenges with execs, cyber pros at DEF CON anonymously shared their “unfiltered truths” about working in the industry. Can you relate?
又一安卓恶意软件曝光,至少1100 万台设备已“中招”!
3 months ago
主站 分类 漏洞 工具 极客
Introducing Safebrowsing: Explore Suspicious Links in a Safe Virtual Browser
3 months ago
Current security measures against phishing links focus on automated checks and timely blocking before they reach users. Yet, some links still make it to their targets, leaving them vulnerable as they often have no simple, fast, and reliable tool at hand to check these links at the final stage. To address this security gap, we […]
The post Introducing Safebrowsing: Explore Suspicious Links in a Safe Virtual Browser appeared first on ANY.RUN's Cybersecurity Blog.
ANY.RUN
ISC Stormcast For Tuesday, September 24th, 2024 https://isc.sans.edu/podcastdetail/9150, (Tue, Sep 24th)
3 months ago
CVE-2021-38406 | Delta Electronics DOPSoft up to 2.00.07 Project File Parser out-of-bounds write (icsa-21-252-02)
3 months ago
A vulnerability was found in Delta Electronics DOPSoft up to 2.00.07. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Project File Parser. The manipulation leads to out-of-bounds write.
This vulnerability is known as CVE-2021-38406. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2021-39226 | Grafana Labs 8.1.6/prior 7.5.11 Permission improper authentication (GHSA-69j6-29vr-p3j9)
3 months ago
A vulnerability, which was classified as very critical, has been found in Grafana Labs Grafana prior 7.5.11/8.1.6. Affected by this issue is some unknown functionality of the component Permission Handler. The manipulation leads to improper authentication.
This vulnerability is handled as CVE-2021-39226. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2022-22963 | VMware Spring Cloud Function up to 3.1.6/3.2.2 SpEL Expression code injection (EDB-51577)
3 months ago
A vulnerability was found in VMware Spring Cloud Function up to 3.1.6/3.2.2 and classified as very critical. Affected by this issue is some unknown functionality of the component SpEL Expression Handler. The manipulation leads to code injection.
This vulnerability is handled as CVE-2022-22963. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com