Aggregator

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.165/6.1.106/6.6.47/6.10.6. Affected is the function ip6_finish_output2. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-44986. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

In a pig butchering scam, fake trading apps first available on Google and Apple apps stores and later on phishing download sites lured victims into depositing money into fraudulent accounts, which was then stolen, according to a report from Group-IB.

The post Fake Trading Apps for Android, iOS Lead to Pig Butchering Scam appeared first on Security Boulevard.

以色列及美西方正在统一口径，试图淡化导弹袭击的损害程度，主要目的是为此次袭击的影响灭火降温，减少大众舆论压力，其真实意图是不想将事情扩大化，减少与伊朗可能爆发更大规模军事冲突的风险。

美军在菲律宾使用哪些军事基地？如何驱逐他们？

WordPress 是最流行的开源 CMS 内容管理系统，有多家公司提供了基于 WordPress 的托管服务，其中包括了 WordPress 联合创始人 Matt Mullenweg 创办的 Automattic 公司提供的 WordPress.com，以及 WP Engine。大约两周前 Mullenweg 公开抨击了竞争对手 WP Engine，称其是 WordPress 的肿瘤，指控该公司不当使用了 WordPress 和 WooCommerce 商标，禁止该公司访问 WordPress.org 开源资源。WP Engine 和 Automattic 先后向对方发出了停止终止函。本周四 WP Engine 对 Automattic 和 Mullenweg 提起诉讼，指控其滥权和勒索，以及 Mullenweg 作为联合创始人在处理 WordPress 开源项目时存在利益冲突。Mullenweg 周四披露，他向不同意其管理 WordPress 以及处理与 WP Engine 纠纷方式的雇员提供了遣散费。遣散费为 3 万美元或 6 个月薪水，取两者中较高的一个，接受遣散费的雇员将不会再被公司雇佣。他披露有 159 名雇员选择了辞职，占到了雇员总数的 8%。

At Seceon’s 2024 Innovation and Certification Days, one of the standout sessions was a conversation between Tom Ertel, our SVP of Technical Sales at Seceon, Roger Newton Jr., the brain behind the SOC at Logically. Roger shared some real-world insights into how Logically, one of Seceon’s largest partners, battles ransomware and other cyber threats using

The post Defeating Ransomware: Lessons from the Frontlines with Logically’s Roger Newton appeared first on Seceon Inc.

The post Defeating Ransomware: Lessons from the Frontlines with Logically’s Roger Newton appeared first on Security Boulevard.

A vulnerability classified as problematic was found in Themify Builder Plugin up to 7.6.2 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-9385. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in WP Cleanup and Basic Functions Plugin up to 2.2.1 on WordPress. Affected is an unknown function of the component SVG File Upload Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-9455. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in parse-community parse-server up to 6.5.8/7.2.x. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper authorization. The identification of this vulnerability is CVE-2024-47183. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Lif-Platforms Lif-Auth-Server up to 1.7.2. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to improper authentication. This vulnerability was named CVE-2024-47768. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in idurar-erp-crm up to 4.1.0. It has been classified as critical. This affects an unknown part of the file corePublicRouter.js. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2024-47769. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in jgniecki MinecraftMotdParser up to 1.0.5 and classified as problematic. Affected by this issue is the function HtmlGenerator. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-47765. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Потенциальная атака могла парализовать работу объекта на полтора года.

De eerste repatriëringsvlucht vanuit Libanon is inmiddels onderweg terug naar Eindhoven. Nederlanders die kenbaar maakten terug te willen, zijn eerder vandaag op de luchthaven van Beiroet opgevangen. Dat gebeurde onder meer door het zogeheten Snel Consulair OndersteuningsTeam (SCOT) van Buitenlandse Zaken. Medewerkers van Defensie zorgden in de tussentijd dat de Airbus A330 vanuit Eindhoven in Libanon aankwam en daar ook weer veilig kon vertrekken. Vanuit Beiroet vertellen 2 betrokkenen over hun ervaringen.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.165/6.1.106/6.6.47/6.10.6. This affects the function ip6_xmit. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-44985. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.106/6.6.47/6.10.6. It has been declared as critical. This vulnerability affects unknown code of the component AMD GPU. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2024-44977. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical was found in Linux Kernel up to 5.15.165/6.1.106/6.6.47/6.10.6. Affected by this vulnerability is an unknown functionality of the component flowtable. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2024-44983. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.165/6.1.106/6.6.47/6.10.6 and classified as problematic. This vulnerability affects the function dpu_format_populate_layout. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-44982. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.106/6.6.47/6.10.6. It has been declared as critical. Affected by this vulnerability is the function kcm_release in the library include/linux/skbuff.h. The manipulation leads to use after free. This vulnerability is known as CVE-2024-44946. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.45/6.10.4 and classified as problematic. This issue affects the function idr_alloc of the component memcg. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-43892. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.