Weekly Report: JPCERT/CCが「あなたではなく組織の財産を狙うLinkedIn経由のコンタクトにご用心」を公開
国内で確認されている、LinkedInを初期感染経路とする不正アクセスに関連して、JPCERT/CCが2019年ごろから確認している攻撃事案を紹介しています。
Aggregator
美团技术年货 | 600+页电子书,算法、工程、测试、数据、安全系列大合集
8 months 1 week ago
值蛇年春节到来之际,我们精选过去一年公众号30多篇技术文章和科研论文,整理制作成一本600多页的电子书,作为一份特别的新年礼物,献给每一位热爱技术的你。愿大家乘风破浪,勇往直前!
美团技术团队
追逐国产化发展新浪潮,助力长航自主可控安全体系建设
8 months 1 week ago
为国产化产业大局的建立尽最大能力添砖加瓦。
追逐国产化发展新浪潮,助力长航自主可控安全体系建设
8 months 1 week ago
长航体系背景介绍长航总局的职能长江航务管理局隶属于中华人民共和国交通运输部,是遵照国务院国发198350号文件精神,根据政企分开、港航分管的原则,在原长江航运管理局的基础上于1984年组建的,2002
AvosLocker恶意病毒攻击
8 months 1 week ago
#勒索病毒 #AvosLocker #Linux
AvosLocker恶意病毒攻击
AvosLocker 是一个勒索软件即服务 (RaaS) 团伙,于 2021 年中期首次出现。此后,该团伙因针对关键基础设施(包括金融服务、关键制造业和政府设施领域)的攻击而臭名昭著,因采用双重勒索策略而闻名,该组织首先窃取数据,然后再对其进行加密,然后该组织表示除非受害者支付赎金,否则将在专门的泄露网站上对外发布数据,最初,AvosLocker 组织主要针对 Windows 系统,但他们随后也通过针对 VMware ESXi 的勒索软件的 Linux 版本来扩大其影响范围。
Babuk勒索病毒攻击
8 months 1 week ago
#勒索病毒 #Babuk #Ransomware
Babuk勒索病毒攻击
Babuk 勒索软件于 2021 年出现,因针对目标行业(尤其是医疗保健、制造业、物流和公共服务领域,包括关键基础设施)发起高调攻击而恶名远播。
Babuk 可以针对多种硬件和软件平台进行编译。编译是通过勒索软件构建器配置的。Windows 和 Linux 的 ARM 是最常用的版本,但随着时间的推移,也观察到了 ESX 和 32 位较旧的 PE 可执行文件。
全球最早的勒索病毒以及勒索病毒攻击活动
8 months 1 week ago
#勒索病毒 #AIDS #Ransomware
全球最早的勒索病毒以及勒索病毒攻击活动
勒索病毒属于恶意软件的一种病毒类型,这种病毒并不是现在才有的,早在1989年哈佛大学博士学位的生物学家约瑟夫波普Joseph Popp开发了一款软件,并向世界卫生组织艾滋病会议的参加者分发了20000张受感染的磁盘,以艾滋病信息-入门软盘命名,当软盘插入电脑就会感染该勒索病毒,弹出勒索提示信息框,受害者必须在巴拿马的邮政邮箱向PC Cyborg Corporation发送189美元,以解锁电脑的访问权限,这就是最早的勒索病毒以及勒索攻击活动。
揭秘勒索病毒黑客组织的勒索手段
8 months 1 week ago
#勒索病毒 #一重勒索 #二重勒索 #三重勒索 #四重勒索 #Ransomware
揭秘勒索病毒黑客组织的勒索手段
你了解勒索病毒黑客组织的几种勒索手段吗?一重勒索,二重勒索,三重勒索,四重勒索分别是什么?以后要出去装逼的时候,不要被人笑话连这都不懂,还大谈勒索病毒攻击防御
CISA's AI Playbook Pushes For More Information Sharing
8 months 1 week ago
The Joint Cyber Defense Collaborative playbook seeks to establish a "a unified approach" on how to handle AI-related cybersecurity threats.
Edge Editors
Proxying PyRIT for fun and profit
8 months 1 week ago
A Threat Actor Claims to be Selling Access to an Unidentified US Law Firm
8 months 1 week ago
A Threat Actor Claims to be Selling Access to an Unidentified US Law Firm
Dark Web Informer - Cyber Threat Intelligence
Prestige Maintenance USA has Fallen Victim to MEDUSA Ransomware
8 months 1 week ago
Prestige Maintenance USA has Fallen Victim to MEDUSA Ransomware
Dark Web Informer - Cyber Threat Intelligence
CVE-2024-9042
8 months 1 week ago
Command Injection affecting Windows nodes via nodes/*/logs/query API
CVE-2021-35312 | Gestionale Amica Prodigy 1.7 RemoteBackup.Service.exe permission (ID 163744 / EDB-50184)
8 months 1 week ago
A vulnerability was found in Gestionale Amica Prodigy 1.7 and classified as critical. Affected by this issue is some unknown functionality of the file RemoteBackup.Service.exe. The manipulation leads to permission issues.
This vulnerability is handled as CVE-2021-35312. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2015-4659 | ClickHeat up to 1.14 index.php cross-site request forgery (EDB-37266 / BID-75300)
8 months 1 week ago
A vulnerability, which was classified as problematic, has been found in ClickHeat up to 1.14. This issue affects some unknown processing of the file index.php. The manipulation leads to cross-site request forgery.
The identification of this vulnerability is CVE-2015-4659. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-1321 | EventPrime Plugin up to 3.4.2 on WordPress Booking Payment improper authentication
8 months 1 week ago
A vulnerability was found in EventPrime Plugin up to 3.4.2 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the component Booking Payment Handler. The manipulation leads to improper authentication.
This vulnerability is handled as CVE-2024-1321. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-1751 | Tutor LMS Plugin up to 2.6.1 on WordPress sql injection
8 months 1 week ago
A vulnerability was found in Tutor LMS Plugin up to 2.6.1 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2024-1751. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-1502 | Tutor LMS Plugin up to 2.6.1 on WordPress Post authorization
8 months 1 week ago
A vulnerability, which was classified as problematic, was found in Tutor LMS Plugin up to 2.6.1 on WordPress. This affects an unknown part of the component Post Handler. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2024-1502. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-1326 | jegtheme Jeg Elementor Kit Plugin up to 2.6.2 on WordPress HTML Tag Attribute HTML injection
8 months 1 week ago
A vulnerability was found in jegtheme Jeg Elementor Kit Plugin up to 2.6.2 on WordPress. It has been classified as problematic. This affects an unknown part of the component HTML Tag Attribute Handler. The manipulation leads to HTML injection.
This vulnerability is uniquely identified as CVE-2024-1326. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-2976 | Tenda F1203 2.0.1.6 /goform/execCommand R7WebsSecurityHandler password stack-based overflow
8 months 1 week ago
A vulnerability was found in Tenda F1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow.
This vulnerability is known as CVE-2024-2976. The attack can be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com