Aggregator

A vulnerability classified as critical was found in Home Made Air Freshener 1.1. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability was named CVE-2014-7676. The attack can only be initiated within the local network. There is no exploit available.

NASA 于 10 月 14 日 12:06 p.m. EDT (1606 UTC)在佛罗里达肯尼迪太空中心使用 SpaceX 的 Falcon Heavy 火箭成功发射了欧罗巴快船（Europa Clipper），它将花费六年时间飞往木星卫星欧罗巴，调查其宜居性，为未来的登陆器挑选登陆地点。欧罗巴快船是 NASA 至今为行星任务建造的最大探测器。欧罗巴由伽利略于 1610 年发现，在已知的 95 颗木星卫星中，它的直径和质量第四大，它比月球小，主要由硅酸盐岩石构成，并具有水-冰地壳，可能是一个铁-镍核心。它有稀薄的大气层，主要由氧气组成；表面有大量裂缝和条纹，而陨石坑比较罕见，有在太阳系任何已知的固体物体的最光滑表面。已有证据表明其冰层下面存在一个地下海洋。欧罗巴被认为是太阳系中除地球之外最适宜生命生存的地方。探测器将于 2025 年 2 月利用火星和 2026 年 12 月利用地球的引力辅助，于 2030 年 4 月抵达目的地。

Узнайте, как новые теги и интеграции упрощают процессы.

Online scammers are targeting Booking.com and Airbnb users with Telekopye, a Telegram-based toolkit

Il Consiglio dell'Unione europea ha adottato "un nuovo regolamento sui requisiti di cibersicurezza p

A report finds a third (33%) of the cloud security incidents investigated by IBM Security X-Force researchers, involved phishing attacks to steal credentials, followed closely by 28% of incidents that involved attacks where cybercriminals had already obtained some type of valid credential.

The post IBM X-Force Security Report Spotlights Lack of Cloud Security Fundamentals appeared first on Security Boulevard.

A vulnerability classified as critical has been found in TicketOne.it 2.2. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-7674. The attack can only be done within the local network. There is no exploit available.

Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on critical infrastructure in the UAE and wider Gulf region.  The group employs sophisticated techniques to gain unauthorized access and exfiltrate sensitive data, such as using a new backdoor to steal credentials via on-premises Microsoft Exchange servers by exploiting vulnerabilities like CVE-2024-30088 […]

The post OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

WARNING: This article discusses child sexual abuse material (CSAM).At first glan

尽管生成式人工智能被滥用于欺诈和深度伪造操作，网络安全公司Sophos在上周发布的一份报告中表示，该技术还可能被滥用，通过目标电子邮件传播定制的虚假信息。

Researchers recently analyzed a CoreWarrior malware sample, which spreads aggressively by creating numerous copies and connecting to various IP addresses. It establishes multiple backdoor connections and monitors user activity through Windows UI element hooks, which poses a significant security risk as it can compromise system integrity and steal sensitive data. The malware is a UPX-packed […]

The post CoreWarrior Malware Attacking Windows Machines From Dozens Of IP Address appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Suricata之dnslog域名检测 by dpzxpz

Suricata之弱口令检测 by dpzxpz

大语言模型课程Slide by ourren

SecWiki周刊（第554期) by ourren

SecWiki周刊（第553期) by ourren

更多最新文章，请访问SecWiki

The recent discovery of the TrickMo Banking Trojan variant by Cleafy has prompted further investigation, where researchers have identified 40 variants, 16 droppers, and 22 active Command and Control servers associated with this threat.  These variants employ advanced techniques like zip file manipulation and obfuscation to evade detection. Despite the lack of IOC release, the […]

The post TrickMo Malware Targets Android Devices to Steal Unlock Patterns and PINs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Oracle Java SE 7u291/8u281/11.0.10/16 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Libraries. The manipulation leads to an unknown weakness. This vulnerability is known as CVE-2021-2163. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome on macOS. It has been classified as critical. This affects an unknown part of the component Payments. The manipulation as part of HTML Page leads to use after free. This vulnerability is uniquely identified as CVE-2020-6496. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome and classified as critical. Affected by this issue is some unknown functionality of the component Developer Tools. The manipulation leads to incorrect default permissions. This vulnerability is handled as CVE-2020-6495. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.