Aggregator

Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the program on several customers' systems. "It has a standard set of features commonly found in penetration testing tools and its developer created it using the Rust programming language," Unit 42's Dominik

A vulnerability was found in WatchGuard Single Sign-On Client up to 12.7 on Windows. It has been declared as critical. This vulnerability affects unknown code of the component Command Handler. The manipulation leads to handling of exceptional conditions. This vulnerability was named CVE-2024-6594. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in WatchGuard Authentication Gateway up to 12.10.2 on Windows. It has been classified as very critical. This affects an unknown part of the component Management Command Handler. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2024-6593. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in WatchGuard Authentication Gateway and Single Sign-On Client and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to incorrect authorization. This vulnerability is handled as CVE-2024-6592. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in T&W WIFI Repeater BE126. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/webupg. The manipulation of the argument user leads to command injection. The identification of this vulnerability is CVE-2017-13713. The attack may be initiated remotely. Furthermore, there is an exploit available.

助力钢铁企业数字化转型

Often, malware uses platforms like — Telegram and Discord for data exfiltration. Due to its simplicity and the lack of need for building a server architecture, this exfiltration method has gained significant popularity. However, this very simplicity is also its weakness.  In this article we’ll show you how to obtain information related to threat actors’ […]

The post How to Intercept Data Exfiltrated by Malware via Telegram and Discord appeared first on ANY.RUN's Cybersecurity Blog.

Оборонные предприятия России под прицелом хакеров.

A vulnerability classified as problematic has been found in Oracle MySQL Server up to 5.7.13. This affects an unknown part of the component Audit. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2016-5635. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in SquirrelMail. This issue affects some unknown processing. The manipulation of the argument help leads to path traversal. The identification of this vulnerability is CVE-2005-1924. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SquirrelMail. It has been rated as critical. Affected by this issue is the function gpg_recv_key. The manipulation leads to improper privilege management. This vulnerability is handled as CVE-2005-1924. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle MySQL Server up to 5.7.13. It has been rated as problematic. Affected by this issue is some unknown functionality of the component RBR. The manipulation leads to denial of service. This vulnerability is handled as CVE-2016-5634. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

胡金鱼

A vulnerability classified as critical was found in Gisle Aas Digest up to 1.16. Affected by this vulnerability is the function new of the component digest. The manipulation leads to improper input validation. This vulnerability is known as CVE-2011-3597. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Today, the Biden-Harris Administration announced the launch of the National Semiconductor Technology Center’s (NSTC) Workforce Center of Excellence (WCoE), making a decisive step toward solving one of the most pressing challenges facing the U.S

CISA continues to respond to active exploitation of internet-accessible operational technology (OT) and industrial control systems (ICS) devices, including those in the Water and Wastewater Systems (WWS) Sector. Exposed and vulnerable OT/ICS systems may allow cyber threat actors to use default credentials, conduct brute force attacks, or use other unsophisticated methods to access these devices and cause harm.   

CISA urges OT/ICS operators in critical infrastructure sectors to apply the recommendations listed in Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity to defend against this activity. To learn more about secure by design principles and practices, visit CISA's Secure by Design webpage. For more information and guidance on protection against the most common and impactful threats, tactics, techniques, and procedures, visit CISA’s Cross-Sector Cybersecurity Performance Goals.

Citrix released security updates to address multiple vulnerabilities in XenServer and Citrix Hypervisor. A cyber threat actor could exploit some of these vulnerabilities to cause a denial of service condition. 

CISA encourages users and administrators to review the following and apply necessary updates: 

• XenServer and Citrix Hypervisor Security Update for CVE-2024-45817

As Hurricane Helene approaches, CISA urges users to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events. 

CISA encourages users to review the following resources to avoid falling victim to malicious cyber activity: 

• Federal Trade Commission’s Staying Alert to Disaster-related Scams and Before Giving to a Charity, 

• Consumer Financial Protection Bureau's Frauds and scams, and 

• CISA’s Phishing Guidance, Stopping the Attack Cycle at Phase One to help organizations reduce likelihood and impact of successful phishing attacks. 

一日一技 | 用 Tasker 切换三星「即圈即搜」搜索源 最近各家手机公司都在争夺 AI 这片新兴的领域——好不容易找到新卖点，大家也都在各自的系统上开始玩一些 AI 花活。虽然我实际体验下来大部