Aggregator

CVE-2024-8058 | Lenovo FileZ Client prior 9.8.6.0 improper validation of specified type of input (EUVD-2024-49613)

Vuldb Updates
3 months 2 weeks ago
A vulnerability was found in Lenovo FileZ Client. It has been declared as critical. This affects an unknown part. Such manipulation leads to improper validation of specified type of input. This vulnerability is documented as CVE-2024-8058. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-31914 | IBM Sterling B2B Integrator Standard Edition up to 6.1.2.5/6.2.0.2 Web UI cross site scripting

Vuldb Updates
3 months 2 weeks ago
A vulnerability classified as problematic has been found in IBM Sterling B2B Integrator Standard Edition up to 6.1.2.5/6.2.0.2. The impacted element is an unknown function of the component Web UI. This manipulation causes cross site scripting. This vulnerability is registered as CVE-2024-31914. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits

The Hackers News
3 months 2 weeks ago
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regime's weapons of mass destruction and ballistic missile programs. "The North Korean regime continues to target American
The Hacker News

U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits

不安全
3 months 2 weeks ago
美国财政部宣布对两名个人和两家实体实施制裁,因其参与朝鲜远程IT工人计划,通过数据盗窃和勒索为朝鲜的武器项目筹集资金。制裁对象包括俄罗斯籍的Andreyev、朝鲜官员Kim Ung Sun,以及中国公司Shenyang Geumpungri和Sinjin Trading Corporation。该计划利用AI伪造专业背景,将朝鲜IT人员嵌入合法企业,窃取敏感数据并进行勒索。

Managed ad