The Theory of Econometric Duality
The Theory of Econometric Duality
Aggregator
Why the Phillips Curve Could Redefine Macroeconomic Policies
4 months 3 weeks ago
Why the Phillips Curve Could Redefine Macroeconomic Policies
What Happens When Economic Models Fail to Predict Real Outcomes?
4 months 3 weeks ago
What Happens When Economic Models Fail to Predict Real Outcomes?
Detecting Instability in Economic Models Using Algebraic Geometry
4 months 3 weeks ago
Detecting Instability in Economic Models Using Algebraic Geometry
How Homology Theory Helps Explain Shocks and Bifurcation in Economic Model
4 months 3 weeks ago
How Homology Theory Helps Explain Shocks and Bifurcation in Economic Model
How Small Changes in Economic Model Assumptions Can Lead to Big Problems
4 months 3 weeks ago
How Small Changes in Economic Model Assumptions Can Lead to Big Problems
Top cybersecurity books for your holiday gift list
4 months 3 weeks ago
The holiday season is approaching, and with it, the tradition of gift-giving. For professionals and enthusiasts alike, a well-chosen book can provide both knowledge and inspiration. To help with ideas on what to give, we’ve compiled a list of cybersecurity books to consider. Security Yearbook 2024: A History and Directory of the IT Security Industry Author: Richard Stiennon In the book, you’ll find a comprehensive directory of cybersecurity vendors, updated for 2024, complete with headquarters … More →
The post Top cybersecurity books for your holiday gift list appeared first on Help Net Security.
Help Net Security
CVE-2009-3246 | MyBuxScript Pts-bux spnews.php id sql injection (EDB-9555 / XFDB-52945)
4 months 3 weeks ago
A vulnerability was found in MyBuxScript Pts-bux and classified as critical. This issue affects some unknown processing of the file spnews.php. The manipulation of the argument id leads to sql injection.
The identification of this vulnerability is CVE-2009-3246. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2009-3252 | Dave Robinson Rock Band CMS 0.10 news.php sql injection (EDB-9553 / XFDB-52940)
4 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Dave Robinson Rock Band CMS 0.10. This issue affects some unknown processing of the file news.php. The manipulation leads to sql injection.
The identification of this vulnerability is CVE-2009-3252. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2009-3254 | Ultimatevideosite Ultimate Player 1.56 memory corruption (EDB-9548 / ADV-2009-2491)
4 months 3 weeks ago
A vulnerability has been found in Ultimatevideosite Ultimate Player 1.56 and classified as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption.
This vulnerability is known as CVE-2009-3254. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2009-3115 | SolarWinds TFTP Server up to 5.0.55 input validation (EDB-9547 / SBV-23580)
4 months 3 weeks ago
A vulnerability was found in SolarWinds TFTP Server up to 5.0.55. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to improper input validation.
The identification of this vulnerability is CVE-2009-3115. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2009-3253 | TriceraSoft Swift Ultralite 1.032 memory corruption (EDB-9546 / SA36508)
4 months 3 weeks ago
A vulnerability, which was classified as very critical, was found in TriceraSoft Swift Ultralite 1.032. Affected is an unknown function. The manipulation leads to memory corruption.
This vulnerability is traded as CVE-2009-3253. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-7161 | Fortinet FortiOS 3.00 URL Filter access control (EDB-31026 / XFDB-39684)
4 months 3 weeks ago
A vulnerability was found in Fortinet FortiOS 3.00. It has been rated as critical. Affected by this issue is some unknown functionality of the component URL Filter. The manipulation leads to improper access controls.
This vulnerability is handled as CVE-2008-7161. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Unveiling Dark Internet Service Providers: Bulletproof Hosting
4 months 3 weeks ago
Author: Knownsec 404 team
Date: Dec 9, 2024
中文版:https://paper.seebug.org/3248/
1. Abstract
Bulletproof hosting services provide the infrastructure for cybercriminal activities, enabling criminals t...
CVE-2002-1549 | Light HTTPd 0.1 GET Request memory corruption (EDB-22012 / XFDB-10607)
4 months 3 weeks ago
A vulnerability was found in Light HTTPd 0.1. It has been declared as critical. This vulnerability affects unknown code of the component GET Request Handler. The manipulation leads to memory corruption.
This vulnerability was named CVE-2002-1549. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
お知らせ:インシデント報告Webフォームメンテナンス(2024/12/19)のお知らせ
4 months 3 weeks ago
第一批 AI 员工,即将入职电商公司
4 months 3 weeks ago
开店、宣传、运营、客服……这次 AI 都帮你干了。
Businesses plagued by constant stream of malicious emails
4 months 3 weeks ago
36.9% of all emails received by businesses (20.5 billion) in 2024 were unwanted, according to Hornetsecurity’s analysis of 55.6+ billion emails processed through their security services between November 1, 2023 and October 31, 2024 – and 2.3% of those contained malicious content, totalling 427.8 million emails. Once again, phishing remains the most prevalent form of attack, responsible for a third of all cyber-attacks in 2024. This was confirmed by the analysis of 55.6 billion emails, … More →
The post Businesses plagued by constant stream of malicious emails appeared first on Help Net Security.
Help Net Security
全球云上数据泄露风险分析简报 (第三期):云盘误配置与API漏洞致高校信息泄露,影响7亿账户
4 months 3 weeks ago
云盘误配置导致高校信息泄露,凭证窃取致400GB银行隐私泄露,API漏洞影响超7亿账户
黑客利用 ProjectSend 漏洞对暴露的服务器进行后门处理
4 months 3 weeks ago
恶意分子正在利用 ProjectSend 中的一个关键身份验证绕过漏洞的公共漏洞来上传 Webshell 并获得对服务器的远程访问。
该漏洞被追踪为 CVE-2024-11680,是一个严重的身份验证错误,影响 r1720 之前的 ProjectSend 版本,允许攻击者向“options.php”发送特制的 HTTP 请求以更改应用程序的配置。
成功利用该漏洞可以创建流氓帐户、植入 Webshell 以及嵌入恶意 JavaScript 代码。
尽管该漏洞已于 2023 年 5 月 16 日得到修复,但直到近期才为其分配了 CVE,导致用户没有意识到其严重性以及应用安全更新的紧迫性。
根据已检测到活跃利用的 VulnCheck 的说法,到目前为止,修补速度非常糟糕,99% 的 ProjectSend 实例仍在运行易受攻击的版本。
数千个实例被曝光
ProjectSend 是一款开源文件共享 Web 应用程序,旨在促进服务器管理员和客户端之间安全、私密的文件传输。它是一款颇受欢迎的应用程序,被那些更喜欢自托管解决方案而不是 Google Drive 和 Dropbox 等第三方服务的组织所使用。
VulnCheck 表示,在线大约有 4,000 个面向公众的 ProjectSend 实例,其中大多数都容易受到攻击。具体来说,根据 Shodan 数据,55% 的暴露实例运行 2022 年 10 月发布的 r1605,44% 使用 2023 年 4 月的未命名版本,只有 1% 运行修补版本 r1750。
VulnCheck 报告称,发现 CVE-2024-11680 的主动利用不仅限于测试,还包括更改系统设置以允许用户注册、获得未经授权的访问以及部署 Webshell 以保持对受感染服务器的控制。
启用新用户注册
自 2024 年 9 月 Metasploit 和 Nuclei 发布 CVE-2024-11680 的公共漏洞以来,此活动有所增加。
报告中写道:“VulnCheck 注意到面向公众的 ProjectSend 服务器已开始将其登陆页面标题更改为长的、随机的字符串。这些又长又随机的名称符合 Nuclei 和 Metasploit 实施漏洞测试逻辑的方式。”
这两种漏洞利用工具都会修改受害者的配置文件,以使用随机值更改站点名称(以及 HTTP 标题)。GreyNoise 列出了与此活动相关的 121 个 IP,表明存在广泛的尝试,而不是孤立的来源。
Shodan 上出现的攻击受害者
VulnCheck 警告称,Webshell 存储在“upload/files”目录中,名称由 POSIX 时间戳、用户名的 SHA1 哈希值以及原始文件名/扩展名生成。
通过 Web 服务器直接访问这些文件表明存在积极的利用行为。基于攻击可能已经很普遍存在,研究人员建议用户尽快升级到 ProjectSend r1750 版本。
胡金鱼