Aggregator
North Korean hackers pave the way for Play ransomware
5 months ago
North Korean state-sponsored hackers – Jumpy Pisces, aka Andariel, aka Onyx Sleet – have been spotted burrowing into enterprise systems, then seemingly handing matters over to the Play ransomware group.
Figure: Timeline of the attack (Source: Palo Alto Networks)
The attack
The ransomware attack was investigated by Palo Alto Networks’ Unit 42 in September 2024, and they determined that North Korean hackers:
- Gained access to a host using a compromised user account
- Moved laterally to other …
The post North Korean hackers pave the way for Play ransomware appeared first on Help Net Security.
Zeljka Zorz
CVE-2016-2362 | Fonality up to 14.1i FTP Server/SSH Server hard-coded credentials (VU#754056)
5 months ago
A vulnerability was found in Fonality up to 14.1i. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component FTP Server/SSH Server. The manipulation leads to hard-coded credentials.
This vulnerability is known as CVE-2016-2362. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Essential for Intelligence Analysts: Core Skills in AI Image Recognition Technology
5 months ago
US Presidential Election: Strategic Considerations of Key Asia-Pacific Countries and Civil War Risk Assessment
5 months ago
Russian Intelligence Agency Uses RDP to Launch Large-Scale Phishing Attacks
5 months ago
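Microsoft warns that a Russian intelligence agency is using the Remote Desktop Protocol (RDP) to launch large-scale phishing attacks. The attack was first discovered on October 22, and its targets are government, non-governmental organizations, academia and defense organizations. The attacker, named Midnight Blizzard aka APT29 and Cozy Bear, is believed to be affiliated with Russia's Foreign Intelligence Service (SVR). The attackers sent phishing emails to thousands of people at more than 100 organizations, and the email attachments contained an RDP configuration file. Once a victim runs the configuration file, an RDP connection is established to a system controlled by Midnight Blizzard, and the attackers can use the configuration file to steal large amounts of information.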
Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities
5 months ago
In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as “the new perimeter”, the identity stands between safe data management and potential breaches. However, a new report reveals how enterprises are often unaware of how their identities are being used across various platforms. This leaves them vulnerable to data
The Hacker News
Progress or Catastrophe: Will AI Be Entrusted with the US Nuclear Button?
5 months ago
Technology could radically change the country's defense.
CVE-2007-1899 | myWebland myBloggie 2.1.6 index.php post_id sql injection (EDB-5975 / SA30892)
5 months ago
A vulnerability, which was classified as critical, was found in myWebland myBloggie 2.1.6. Affected is an unknown function of the file index.php. The manipulation of the argument post_id leads to sql injection.
This vulnerability is traded as CVE-2007-1899. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-3128 | Pivot 1.40.5 search.php path traversal (EDB-5973 / XFDB-43470)
5 months ago
A vulnerability, which was classified as problematic, has been found in Pivot 1.40.5. This issue affects some unknown processing of the file search.php. The manipulation leads to path traversal.
The identification of this vulnerability is CVE-2008-3128. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-3129 | Catviz 0.4 Beta 1 index.php webpage sql injection (EDB-5974 / XFDB-43468)
5 months ago
A vulnerability, which was classified as critical, was found in Catviz 0.4 Beta 1. Affected is an unknown function of the file index.php. The manipulation of the argument webpage leads to sql injection.
This vulnerability is traded as CVE-2008-3129. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-3133 | BareNuked CMS 1.1.0 password sql injection (EDB-5971 / XFDB-43471)
5 months ago
A vulnerability was found in BareNuked CMS 1.1.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation of the argument password leads to sql injection.
This vulnerability was named CVE-2008-3133. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-5190 | eSHOP100 index.php SUB sql injection (EDB-5970 / XFDB-43452)
5 months ago
A vulnerability was found in eSHOP100 and classified as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument SUB leads to sql injection.
This vulnerability is handled as CVE-2008-5190. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-5198 | Vizzed Acmlmboard 1.a2 memberlist.php pow sql injection (EDB-5969 / BID-30007)
5 months ago
A vulnerability has been found in Vizzed Acmlmboard 1.a2 and classified as critical. This vulnerability affects unknown code of the file memberlist.php. The manipulation of the argument pow leads to sql injection.
This vulnerability was named CVE-2008-5198. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-7182 | NetWin Surgemail 3.9e IMAP Service first memory corruption (EDB-5968 / Nessus ID 33277)
5 months ago
A vulnerability was found in NetWin Surgemail 3.9e. It has been declared as problematic. This vulnerability affects unknown code of the component IMAP Service. The manipulation of the argument first leads to memory corruption.
This vulnerability was named CVE-2008-7182. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2008-5195 | Sebrac SebracCMS 0.4 uname sql injection (EDB-5967 / XFDB-43453)
5 months ago
A vulnerability classified as critical was found in Sebrac SebracCMS 0.4. Affected by this vulnerability is an unknown functionality. The manipulation of the argument uname leads to sql injection.
This vulnerability is known as CVE-2008-5195. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-5200 | Com Xewebtv on Joomla index.php id sql injection (EDB-5966 / XFDB-43469)
5 months ago
A vulnerability was found in Com Xewebtv on Joomla. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument id leads to sql injection.
This vulnerability is traded as CVE-2008-5200. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites
5 months ago
A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions.
The vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin.
"The plugin suffers from an unauthenticated privilege escalation vulnerability
The Hacker News
CVE-2024-49685 | Smash Balloon Custom Twitter Feeds Plugin up to 2.2.3 on WordPress cross-site request forgery
5 months ago
A vulnerability was found in Smash Balloon Custom Twitter Feeds Plugin up to 2.2.3 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery.
This vulnerability is handled as CVE-2024-49685. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-49674 | Lukas Huser EKC Tournament Manager Plugin up to 2.2.1 on WordPress cross-site request forgery
5 months ago
A vulnerability, which was classified as problematic, was found in Lukas Huser EKC Tournament Manager Plugin up to 2.2.1 on WordPress. Affected is an unknown function. The manipulation leads to cross-site request forgery.
This vulnerability is traded as CVE-2024-49674. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com