SecWiki News 2025-01-08 Review
2025-01-08软件安全分析2030远景规划 ourren || discus
Aggregator
A Threat Actor Claims to be Selling the Data of CarJet
8 months ago
A Threat Actor Claims to be Selling the Data of CarJet
Dark Web Informer - Cyber Threat Intelligence
Russian internet provider confirms its network was ‘destroyed’ following attack claimed by Ukrainian hackers
8 months ago
Russian internet provider Nodex reported on Tuesday that its network had been ruined in a cyberatta
Anonymous Sudan Targeted the Website of Bank of Central African States (BEAC)
8 months ago
Anonymous Sudan Targeted the Website of Bank of Central African States (BEAC)
Dark Web Informer - Cyber Threat Intelligence
Can you explain to me how a person can et caught using a flipper zero evil portal attack? Just curious?
8 months ago
蚂蚁会记仇
8 months ago
根据发表在《Current Biology》上的研究,演化生物学家证明,蚂蚁能通过经验学习。在实验中研究团队反复让蚂蚁与另一个巢穴的竞争对手对峙,测试蚂蚁会记住它们的负面经历。当蚂蚁再次遭遇来自更好斗巢穴的蚂蚁,它们也会变得更富有攻击性。如果再次遇到对它们比较温和的蚂蚁,它们的攻击性会降低。蚂蚁利用气味来区分本巢穴的成员和其它巢穴的成员。每个蚁穴都有独特的气味。此前的研究发现,蚂蚁对距离最近的邻居会表现出攻击性。研究团队发现,蚂蚁会记住攻击者的气味。这是为什么它们面对熟悉巢穴的竞争对手时会更有攻击性。
US Launches Cyber Trust Mark for IoT Devices
8 months ago
The voluntary Cyber Trust Mark labeling program will allow consumers to assess the cybersecurity of IoT devices when making purchasing decisions
Every Psychological Trick to Hijack Minds
8 months ago
CVE-2024-13206 | REVE Antivirus 1.0.0.0 on Linux reveinstall default permission
8 months ago
A vulnerability classified as critical has been found in REVE Antivirus 1.0.0.0 on Linux. This affects an unknown part of the file /usr/local/reveantivirus/tmp/reveinstall. The manipulation leads to incorrect default permissions.
This vulnerability is uniquely identified as CVE-2024-13206. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
How initial access brokers (IABs) sell your users’ credentials
8 months ago
Even if you haven’t looked into the methods of initial access brokers (IABs), you've almost
Thousands of credit cards stolen in Green Bay Packers store breach
8 months ago
American football team Green Bay Packers says cybercriminals stole the credit card data of
Submit #471160: REVE Antivirus Antivirus for Linux 1.0.0.0 Incorrect Default Permissions [Accepted]
8 months ago
Submit #471160 / VDB-290799
FPT IS Security
Breach Readiness and Business Continuity Planning
8 months ago
I recently caught up with Karissa Breen, the founder of KBI.Media, and we got straight into our topic: What is breach readiness and business continuity planning in complex environments? Everyone talks about having a plan, but actually putting it into action, especially when you’re under attack, is a completely different story. Realities of Breach Readiness […]
The post Breach Readiness and Business Continuity Planning appeared first on ColorTokens.
The post Breach Readiness and Business Continuity Planning appeared first on Security Boulevard.
Daniel Churches
Breach Readiness and Business Continuity Planning
8 months ago
I recently caught up with Karissa Breen, the founder of KBI.Media, and we got straight into our
Thousands of credit cards stolen in Green Bay Packers store breach
8 months ago
American football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach. [...]
Sergiu Gatlan
How initial access brokers (IABs) sell your users’ credentials
8 months ago
Initial Access Brokers (IABs) are specialized cybercriminals that break into corporate networks and sell stolen access to other attackers. Learn from Specops Software about how IABs operate and how businesses can protect themselves. [...]
Sponsored by Specops Software
CVE-2024-13205 | kurniaramadhan E-Commerce-PHP 1.0 Create Product Page create_product.php Name sql injection
8 months ago
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/create_product.php of the component Create Product Page. The manipulation of the argument Name leads to sql injection.
This vulnerability is handled as CVE-2024-13205. The attack may be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2024-13204 | kurniaramadhan E-Commerce-PHP 1.0 /blog-details.php blog_id sql injection
8 months ago
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /blog-details.php. The manipulation of the argument blog_id leads to sql injection.
This vulnerability is known as CVE-2024-13204. The attack can be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2024-13203 | kurniaramadhan E-Commerce-PHP 1.0 cross-site request forgery
8 months ago
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery.
This vulnerability is traded as CVE-2024-13203. It is possible to launch the attack remotely. There is no exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
Oxygen Forensic
8 months ago