Aggregator

Name: BackdoorCTF 2024 (an BackdoorCTF event.)
Date: Dec. 22, 2024, noon — 23 Dec. 2024, 12:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://backdoor.infoseciitr.in/
Rating weight: 49.48
Event organizers: InfoSecIITR

Hey everyone, let’s talk about something we all encounter every day on the internet: web pixels. You might know them as tracking pixels or pixel tags. These tiny snippets of code, often invisible to the naked eye, are embedded in websites and emails. They might seem harmless, but they can have big consequences for your […]

The post The Hidden Cost of Web Pixels – A Privacy and Security Nightmare appeared first on Feroot Security.

The post The Hidden Cost of Web Pixels – A Privacy and Security Nightmare appeared first on Security Boulevard.

A vulnerability classified as problematic was found in Wireshark up to 1.12.8/2.0.0. This vulnerability affects unknown code of the file epan/dissectors/packet-nbap.c of the component NBAP Dissector. The manipulation leads to improper input validation. This vulnerability was named CVE-2015-8730. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

The post Life in the Swimlane with Nick Jones, Service Design Architect appeared first on AI-Enhanced Security Automation.

The post Life in the Swimlane with Nick Jones, Service Design Architect appeared first on Security Boulevard.

The Federal Trade Commission (FTC) has ordered Marriott International and Starwood Hotels to define and implement a robust customer data security scheme following failures that led to massive data breaches. [...]

A vulnerability classified as critical has been found in Linux Kernel up to 6.8.1. This affects the function kmalloc_array of the component flower. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-27046. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in GitLab Community Edition and Enterprise Edition up to 15.1.4/15.2.2/15.3.0. This vulnerability affects unknown code of the component GitHub API Endpoint. The manipulation leads to os command injection. This vulnerability was named CVE-2022-2884. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in OpenLDAP 2.3.7. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to improper resource management. The identification of this vulnerability is CVE-2008-2952. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM QRadar Suite Products and Cloud Pak for Security. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password requirements. This vulnerability is known as CVE-2024-22355. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM Watson CP4D Data Stores 4.6.0/4.6.1/4.6.2/4.6.3. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to missing encryption of sensitive data. This vulnerability is handled as CVE-2023-27291. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Как мозг превращает сенсорный хаос в осознанное мышление.

Permalink

The post Randall Munroe’s XKCD ‘Exclusion Principle’ appeared first on Security Boulevard.

A vulnerability was found in mympc CD-Storm 1.0.0.1. It has been classified as very critical. Affected is an unknown function of the file mplayerc.exe of the component Media Player. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2007-4939. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Scott R. Lemmon Proxomitron Naoko-4 up to Beta4. This affects an unknown part of the component Error Message Handler. The manipulation leads to basic cross site scripting. This vulnerability is uniquely identified as CVE-2001-0991. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

McCoy Global Inc. Has Been Claimed a Victim to RansomHub Ransomware