Aggregator

Cobalt Stike；Beacon；Bof；Coff

DataLocker introduces DL GO, a secure and easy-to-use encrypted USB flash drive, alongside MySafeConsole, a lightweight cloud console that gives individuals and small teams centralized control, without enterprise cost. DL GO safeguards data with AES-256 XTS (FIPS 197) hardware encryption and fast, familiar biometrics on both major platforms, Windows Hello (Windows) and Touch ID (macOS), with no drivers required. It works online or offline, and can be enrolled into MySafeConsole (individual/SMB) or tied to SafeConsole … More →

The post DataLocker boosts data security with DL GO and MySafeConsole appeared first on Help Net Security.

红海海底光缆因商船船锚拖行受损，导致亚洲至欧洲网络延迟激增及部分线路流量锐减30%。初步调查显示非恶意破坏。修复需数月时间。

HackerNews 编译，转载请注明出处： Adobe警告称，其Commerce和Magento开源平台存在一个严重的安全漏洞，如果被成功利用，可能会使攻击者能够接管客户账户。 该漏洞被追踪为CVE-2025-54236（也称为SessionReaper），其CVSS评分为9.1（满分10.0），被描述为一个不当输入验证漏洞。Adobe表示，目前尚未发现有针对该漏洞的野外利用情况。 “潜在攻击者可以通过Commerce REST API在Adobe Commerce中接管客户账户。”Adobe在今天发布的一份咨询报告中表示。 该问题影响以下产品和版本： Adobe Commerce（所有部署方式）： – 2.4.9-alpha2及更早版本 – 2.4.8-p2及更早版本 – 2.4.7-p7及更早版本 – 2.4.6-p12及更早版本 – 2.4.5-p14及更早版本 – 2.4.4-p15及更早版本 Adobe Commerce B2B： – 1.5.3-alpha2及更早版本 – 1.5.2-p2及更早版本 – 1.4.2-p7及更早版本 – 1.3.4-p14及更早版本 – 1.3.3-p15及更早版本 Magento开源： – 2.4.9-alpha2及更早版本 – 2.4.8-p2及更早版本 – 2.4.7-p7及更早版本 – 2.4.6-p12及更早版本 – 2.4.5-p14及更早版本 自定义属性可序列化模块： – 0.1.0至0.4.0版本 除了发布针对该漏洞的热修复程序外，Adobe还表示，已部署网络应用防火墙（WAF）规则，以保护使用Adobe Commerce云基础设施的商家免受可能的利用尝试。 “SessionReaper是Magento历史上更严重的漏洞之一，可与2015年的Shoplift、2019年的Ambionics SQLi、2022年的TrojanOrder和2024年的CosmicSting相提并论。”电子商务安全公司Sansec表示。 这家总部位于荷兰的公司表示，已成功复现了利用CVE-2025-54236的一种可能方式，但指出还有其他可能的途径可以利用该漏洞。 “该漏洞遵循去年CosmicSting攻击的熟悉模式。”它补充道，“该攻击结合了恶意会话和Magento REST API中的嵌套反序列化漏洞。” “特定的远程代码执行向量似乎需要基于文件的会话存储。然而，我们建议使用Redis或数据库会话的商家也立即采取行动，因为有多种方式可以滥用这个漏洞。” Adobe还发布了修复程序，以修复ColdFusion中的一个关键路径遍历漏洞（CVE-2025-54261，CVSS评分：9.0），该漏洞可能导致任意文件系统写入。它影响所有平台上的ColdFusion 2021（更新21及更早版本）、2023（更新15及更早版本）和2025（更新3及更早版本）。     消息来源：thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

文章描述了如何处理HTTP错误代码521的问题，并提供了详细的解决方案和排查步骤。

A vulnerability was found in Adobe Substance3D Modeler up to 1.22.2 and classified as critical. This affects an unknown function of the component File Parser. Such manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2025-54260. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability has been found in opsmill infrahub up to 1.3.8/1.4.4 and classified as critical. The impacted element is an unknown function. This manipulation causes improper validation of certificate expiration. This vulnerability appears as CVE-2025-59036. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

HackerNews 编译，转载请注明出处： 美国司法部已对乌克兰国民沃洛迪米尔·维克托罗维奇·季莫申丘克（Volodymyr Viktorovich Tymoshchuk）提起诉讼，指控其担任LockerGoga、MegaCortex和Nefilim勒索软件行动的管理员。 季莫申丘克也被称为deadforz、Boba、msfv和farnetwork，他参与了勒索软件攻击，导致数百家公司被入侵，造成数百万美元的损失，根据今天解封的起诉书补充说明。 从2019年7月到2020年6月，季莫申丘克及其同伙被指控在美国和世界各地的250多家公司网络中发动LockerGoga和MegaCortex勒索软件攻击。 然而，在许多事件中，由于执法部门的早期警告，他们未能在受害者网络上部署勒索软件。 从2020年7月到2021年10月，季莫申丘克被指控担任Nefilim勒索软件行动的管理员，他为附属机构提供访问权限，包括共同被告阿尔捷姆·亚历山德罗维奇·斯特里扎克（Artem Aleksandrovych Stryzhak），后者于2025年4月从西班牙被引渡，以换取勒索赎金的20%。 2023年11月，网络安全公司Group-IB还将季莫申丘克与JSWORM、Karma、Nokoyawa和Nemty勒索软件团伙联系起来，自2019年4月以来，他帮助他们在多个俄语黑客论坛上招募附属机构。 “季莫申丘克是一名惯犯，他针对美国蓝筹公司、医疗机构和大型外国工业企业，并威胁说如果他们拒绝支付赎金，就将泄露他们的敏感数据。”美国检察官小约瑟夫·诺切拉（Joseph Nocella Jr.）说。 “在某些情况下，这些攻击导致业务运营完全中断，直到加密数据能够被恢复或恢复。”代理助理总检察长马修·R·加莱奥蒂（Matthew R. Galeotti）补充说。 2022年9月，作为针对这些网络犯罪团伙的全球努力的一部分，通过“不再勒索软件项目”（No More Ransomware Project）倡议发布了针对LockerGoga和MegaCortex勒索软件的免费解密器，以帮助受害者在不支付赎金的情况下恢复加密文件。 季莫申丘克面临两项计算机欺诈共谋罪名、三项破坏受保护计算机罪名，以及未经授权访问和威胁泄露机密信息的罪名。 美国国务院打击跨国组织犯罪（TOC）奖励计划还提供高达1100万美元的奖励，以获取任何可能导致季莫申丘克或其同伙被定位、逮捕或定罪的信息。       消息来源：bleepingcomputer； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

这篇文章探讨了如何有效提高工作效率的方法和策略。作者强调了时间管理的重要性，并提出了几种实用的技巧来帮助读者更好地安排任务和优先级。此外，文中还提到了减少干扰和保持专注的方法，以帮助读者在工作环境中更高效地完成任务。

A vulnerability, which was classified as critical, was found in prebid-universal-creative 1.17.3. The affected element is an unknown function of the file Prebid.js of the component JavaScript API. The manipulation results in embedded malicious code. This vulnerability is reported as CVE-2025-59039. The attack can be launched remotely. No exploit exists.

A vulnerability, which was classified as critical, has been found in Schneider Electric Saitel DR RTU and Saitel DP RTU. Impacted is an unknown function. The manipulation leads to os command injection. This vulnerability is documented as CVE-2025-9997. The attack can be initiated remotely. There is not any exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in Adobe Substance3D Modeler up to 1.22.2. This issue affects some unknown processing of the component File Handler. Executing manipulation can lead to integer overflow. This vulnerability is registered as CVE-2025-54259. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in Adobe Substance3D Modeler up to 1.22.2. This vulnerability affects unknown code of the component File Handler. Performing manipulation results in use after free. This vulnerability is cataloged as CVE-2025-54258. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in ninofiliu interactive-git-checkout up to 1.1.4. This affects an unknown part. Such manipulation leads to command injection. This vulnerability is listed as CVE-2025-59046. The attack may be performed from remote. There is no available exploit. It is advisable to implement a patch to correct this issue.

Microsoft has addressed two significant elevation of privilege vulnerabilities affecting its Windows BitLocker encryption feature. The flaws, tracked as CVE-2025-54911 and CVE-2025-54912, were disclosed on September 9, 2025, and carry an “Important” severity rating. Both vulnerabilities could allow an authorized attacker to gain full SYSTEM privileges on a compromised machine, bypassing the security layers that […]

The post Windows BitLocker Vulnerability Let Attackers Elevate Privileges appeared first on Cyber Security News.

A vulnerability marked as critical has been reported in Prebid.js 10.9.2. Affected by this issue is some unknown functionality. This manipulation causes embedded malicious code. This vulnerability is tracked as CVE-2025-59038. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability labeled as critical has been found in rAthena. Affected by this vulnerability is the function chclif_parse_moveCharSlot. The manipulation results in memory corruption. This vulnerability is identified as CVE-2025-58750. The attack can be executed remotely. There is not any exploit available. A patch should be applied to remediate this issue.

A vulnerability identified as critical has been detected in rAthena. Affected is an unknown function of the component PartyBooking. The manipulation of the argument WorldName leads to sql injection. This vulnerability is referenced as CVE-2025-58448. Remote exploitation of the attack is possible. No exploit is available. It is suggested to install a patch to address this issue.

根据微软 HR 最高官员 Amy Coleman 的一份备忘录，微软将强制执行重返办公室政策，限制远程办公。微软将要求员工每周到办公室至少办公三天，该政策将首先于 2026 年 2 月起在 Puget Sound 地区实施，之后推广到全美，然后是全世界。Coleman 在备忘录中表示，微软自己的数据显示，员工面对面交流会更活跃，团队更有活力，能取得更好的成果，驱动构建下一波 AI 工具所需要的协作。