Aggregator

CVE-2024-8925 | PHP up to 8.1.29/8.2.23/8.3.11 HTTP POST Request (GHSA-9pqp-7h25-4f32)

VulDB Recent Entries
3 months 4 weeks ago
A vulnerability was found in PHP up to 8.1.29/8.2.23/8.3.11 and classified as problematic. This issue affects some unknown processing of the component HTTP POST Request Handler. The manipulation leads to an unknown weakness. The identification of this vulnerability is CVE-2024-8925. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-47594 | SAP NetWeaver Enterprise Portal 7.5 KMC Servlet cross site scripting

VulDB Recent Entries
3 months 4 weeks ago
A vulnerability, which was classified as problematic, was found in SAP NetWeaver Enterprise Portal 7.5. This affects an unknown part of the component KMC Servlet. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-47594. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2014-7484 | enyetech Coca-Cola FM Guatemala 2.0.41725 X.509 Certificate cryptographic issues (VU#582497)

Vuldb Updates
3 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in enyetech Coca-Cola FM Guatemala 2.0.41725. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-7484. The attack needs to be done within the local network. There is no exploit available.
vuldb.com

CVE-2020-3580 | Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting

Vuldb Updates
3 months 4 weeks ago
A vulnerability was found in Cisco ASA and Firepower Threat Defense. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Services Interface. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2020-3580. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

The role of self-sovereign identity in enterprises

Help Net Security
3 months 4 weeks ago

As personal data becomes increasingly commodified and centralized, the need for individuals to reclaim control over their identities has never been more urgent. Meanwhile, traditional identity systems used by enterprises often expose sensitive information to unnecessary risk, leaving both users and organizations vulnerable to data breaches and privacy violations. But there’s a better alternative to the current approach of creating these endless islands of identity: Self-sovereign identity (SSI) allows individuals to take ownership of their … More →

The post The role of self-sovereign identity in enterprises appeared first on Help Net Security.

Help Net Security

CVE-2016-3228 | Microsoft Windows Netlogon input validation (MS16-076 / Nessus ID 91604)

Vuldb Updates
3 months 4 weeks ago
A vulnerability classified as critical was found in Microsoft Windows Server 2008/Server 2008 R2/Server 2012/Server 2012 R2. Affected by this vulnerability is an unknown functionality of the component Netlogon. The manipulation leads to improper input validation. This vulnerability is known as CVE-2016-3228. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2014-7483 | Desire2Learn FUSION 2014 4.0.729.1748 X.509 Certificate cryptographic issues (VU#582497)

Vuldb Updates
3 months 4 weeks ago
A vulnerability classified as critical was found in Desire2Learn FUSION 2014 4.0.729.1748. Affected by this vulnerability is an unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is known as CVE-2014-7483. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com

CVE-2016-3230 | Microsoft Windows up to Server 2012 R2 Search input validation (MS16-082 / Nessus ID 91609)

Vuldb Updates
3 months 4 weeks ago
A vulnerability has been found in Microsoft Windows up to Server 2012 R2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Search. The manipulation leads to improper input validation. This vulnerability is known as CVE-2016-3230. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits

The Hackers News
3 months 4 weeks ago
Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-43047 (CVSS score: 7.8), has been described as a user-after-free bug in the Digital Signal Processor (DSP) Service that could lead to "memory corruption
The Hacker News

CVE-2003-0478 | Bahamut IRCd 1.2.3/1.4.35 Debug Mode format string (EDB-22839 / Nessus ID 11783)

Vuldb Updates
3 months 4 weeks ago
A vulnerability, which was classified as critical, was found in Bahamut IRCd 1.2.3/1.4.35. Affected is an unknown function of the component Debug Mode. The manipulation leads to format string. This vulnerability is traded as CVE-2003-0478. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

0ktapus威胁组织对130多家企业发起网络攻击

嘶吼
3 months 4 weeks ago

据悉,针对 Twilio 和 Cloudflare 员工的攻击与大规模网络钓鱼活动有关,该活动导致 130 多个组织的 9,931 个帐户遭到入侵。

研究人员表示,这些活动与针对身份和访问管理公司 Okta 的攻击有关,该公司为威胁者取了 0ktapus 的绰号。

Group-IB 研究人员在最近的一份报告中写道:“威胁者的主要目标是从目标组织的用户那里获取 Okta 身份凭证和多因素身份验证 (MFA) 代码。”这些用户收到的短信包含模仿其组织的 Okta 身份验证页面的钓鱼网站链接。

受影响的有 114 家美国公司,另有其他 68 个国家也受到了影响。Group-IB 高级威胁情报分析师表示,攻击范围仍不得而知。

0ktapus 黑客想要什么

根据 Group-IB 分析的受损数据分析,0ktapus 攻击者的攻击目标是电信公司。虽然不确定威胁者如何获得用于 MFA 相关攻击的电话号码列表,但研究人员认为,0ktapus 攻击者的攻击目标大概率是电信公司。

接下来,攻击者通过短信向目标发送钓鱼链接。这些链接指向模仿目标雇主使用的 Okta 身份验证页面的网页。然后,受害者被要求提交 Okta 身份凭证以及员工用于保护其登录信息的多因素身份验证 (MFA) 代码。

在附带的技术博客中,Group-IB 的研究人员解释说,最初主要针对软件即服务公司的攻击只是多管齐下的攻击的第一阶段。0ktapus 的最终目标是访问公司邮件列表或面向客户的系统,以期促进供应链攻击。

在 Group-IB 发布报告的几个小时内,DoorDash 公司透露,它遭受了一次具有 0ktapus 式攻击所有特征的攻击。

爆炸半径:MFA 攻击

DoorDash 在博客文章中透露:“未经授权的一方利用窃取的供应商员工凭证访问了我们的一些内部工具。”根据该帖子,攻击者继续窃取客户和送货员的个人信息,包括姓名、电话号码、电子邮件和送货地址。

Group-IB 报告称,攻击者在攻击过程中破解了 5,441 个 MFA 代码。虽然 MFA  等安全措施看起来很安全,但很明显,攻击者可以用相对简单的工具攻破它们。

为了缓解 0ktapus 的活动,研究人员建议人们应注意 URL 和密码的安全,并使用符合 FIDO2 的安全密钥进行 MFA。无论使用哪种 MFA,都应该向用户传授针对其 MFA 形式实施的常见攻击类型、如何识别这些攻击以及如何应对。

胡金鱼

How hybrid workforces are reshaping authentication strategies

Help Net Security
3 months 4 weeks ago

In this Help Net Security interview, Brian Pontarelli, CEO at FusionAuth, discusses the evolving authentication challenges posed by the rise of hybrid and remote workforces. He advocates for zero trust strategies, including MFA and behavioral biometrics, to enhance security while maintaining productivity. Given the rise of hybrid and remote workforces, how have authentication challenges evolved, and what strategies are being employed to maintain secure access without compromising productivity? The shift to hybrid and remote work … More →

The post How hybrid workforces are reshaping authentication strategies appeared first on Help Net Security.

Mirko Zorz

COVID-19 影响到了月球

Solidot
3 months 4 weeks ago
COVID-19 疫情在地球上引发了混乱,一项新研究表明,它的影响可能超出了地球范围。 科学家利用 NASA月球勘测轨道飞行器(Lunar Reconnaissance Orbiter, LRO)收集的数据,分析了月球六个地点的表面温度。他们对 2017 年至 2023 年的温度数据进行了研究,发现 2020 年 4 月至 5月的温度异常下降,范围在 8K 到 10K 之间。其中,最低温度出现在风暴洋(Oceanus Procellarum)中的一个地点,降至 96K(约-177˚C)。这一变化似乎与疫情期间的全球封锁相吻合。COVID-19 的第一波疫情在 2020 年 3 月席卷全球,各国政府颁布了严格的封锁令以遏制病毒的传播。到 4 月全球约一半的人口被要求或命令待在家中。研究人员推测,这一降温现象可能是由于封锁期间地球释放的辐射热量减少,从而减少大气中散失至太空的热量。全球封锁减少了工业活动、交通和矿业等会产生温室气体的活动,研究表明,全球二氧化碳排放量在 2020 年 4 月初比 2019 年的平均下降了约17%。

Google 测试支持扩展的 Chrome for Android

Solidot
3 months 4 weeks ago
Google 正在开发支持扩展的 Chrome for Android。Google 测试的是针对 Chromebook 的 Chrome for Android 的“桌面”构建版本,Chromebook 笔电使用的浏览器正逐渐转向 Chrome for Android,移动设备可能会受益于 Google 的这项工作。Chrome for Android 目前不支持扩展,支持扩展的移动浏览器如 Firefox for Android,它支持广告屏蔽扩展如 uBlock。

CVE-2024-47910 | SonarSource SonarQube up to 9.9.4 LTA/10.4 GitHub Integration access control

Vuldb Updates
3 months 4 weeks ago
A vulnerability was found in SonarSource SonarQube up to 9.9.4 LTA/10.4. It has been classified as critical. This affects an unknown part of the component GitHub Integration. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2024-47910. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-47911 | SonarSource SonarQube 10.4.x/10.5.x API Endpoint group-memberships sql injection

Vuldb Updates
3 months 4 weeks ago
A vulnerability was found in SonarSource SonarQube 10.4.x/10.5.x. It has been declared as critical. This vulnerability affects unknown code of the file authorizations/group-memberships of the component API Endpoint. The manipulation leads to sql injection. This vulnerability was named CVE-2024-47911. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-47841 | Wikimedia CSS Extension up to 1.39.8/1.41.2/1.42.1 on Mediawiki path traversal

Vuldb Updates
3 months 4 weeks ago
A vulnerability was found in Wikimedia CSS Extension up to 1.39.8/1.41.2/1.42.1 on Mediawiki. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2024-47841. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad