Aggregator

速更新

Meta因全球多起数据泄露事件面临巨额罚款，总额达数亿美元

看雪论坛作者ID：是气球呀

掌握关键取证技能

MEGR-APT 在大规模数据中实现内存高效的 APT 攻击检测和调查验证

原文标题：MEGR-APT: A Memory-Efficient APT Hunting System Based on Attack Representation Learning原文作者：Ahm

Спортивный триумф внезапно обернулся криминальным крахом.

A vulnerability, which was classified as critical, was found in Zephyr Project Manager up to 3.2.4 on Wordpress. Affected is an unknown function of the file /wp-admin/admin-ajax.php. The manipulation of the argument project_id/task_id leads to sql injection. This vulnerability is traded as CVE-2022-2840. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Recent research has linked a series of cyberattacks to The Mask group, as one notable attack targeted a Latin American organization in 2022, where attackers compromised the organization’s MDaemon email server and exploited the WorldClient webmail component to maintain persistent access.  While the initial compromise vector remains unknown, the successful exploitation of the MDaemon server […]

The post Careto – A legendary Threat Group Targets Windows By Deploy Microphone Recorder And Steal Files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol similar to RisePro for downloading and executing second-stage payloads.  Despite RisePro’s development discontinuation in June 2024, RiseLoader’s emergence suggests a potential connection to the threat group behind RisePro and PrivateLoader.  The malware often employs VMProtect for code obfuscation and has […]

The post RiseLoader Attack Windows By Employed A VMProtect To Drop Multiple Malware Families appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

GFI Software’s Kerio Control, a popular UTM solution, was found to be vulnerable to multiple HTTP Response Splitting vulnerabilities, which affecting versions 9.2.5 through 9.4.5, could potentially allow attackers to inject malicious code into web pages, leading to cross-site scripting (XSS) attacks and other security compromises.  The vulnerabilities, tracked as CVE-2024-52875 and KIS-2024-07, highlight the […]

The post 1-Click RCE Attack In Kerio Control UTM Allow Attackers Gain Firewall Root Access Remotely appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installations to test the patch and implement it quickly. About CVE-2024-12356 BeyondTrust Privileged Remote Access is an enterprise solution that mediates secure remote access to enterprise environments for employees and trusted vendors. BeyondTrust Remote Support allows organizations’ IT helpdesk personnel to securely connect … More →

The post BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) appeared first on Help Net Security.

Самый дорогой эксперимент в истории виноделия проведут на МКС.

A vulnerability, which was classified as problematic, was found in docker. Affected is an unknown function of the component DNS Request Handler. The manipulation leads to incorrect resource transfer. This vulnerability is traded as CVE-2024-29018. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SAP NetWeaver AS JAVA 7.50 and classified as critical. This issue affects some unknown processing. The manipulation leads to xml external entity reference. The identification of this vulnerability is CVE-2024-47582. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in SAP NetWeaver AS for JAVA 7.50. This issue affects the function upload of the component Adobe Document Services. The manipulation leads to file and directory information exposure. The identification of this vulnerability is CVE-2024-47579. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in SAP NetWeaver AS for JAVA 7.50. Affected is an unknown function of the component Adobe Document Services. The manipulation leads to file and directory information exposure. This vulnerability is traded as CVE-2024-47580. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in SAP NetWeaver AS for JAVA 7.50. It has been classified as critical. This affects an unknown part of the component Adobe Document Service. The manipulation leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2024-47578. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in Squid Web Proxy up to 5.9/6.3. This issue affects some unknown processing of the component HTTP/ICAP. The manipulation leads to http request smuggling. The identification of this vulnerability is CVE-2023-46846. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.