Aggregator

8 months 1 week ago

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. Affected by this issue is the function alloc_pages_bulk_noprof. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-53113. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-53096 | Linux Kernel up to 6.11 mmap_region control flow (5de195060b2e / Nessus ID 213467)

8 months 1 week ago

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.11. Affected is the function mmap_region. The manipulation leads to incorrect control flow. This vulnerability is traded as CVE-2024-53096. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-20480 | Cisco IOS XE up to 17.14.1a SD-Access Fabric Edge Node operator precedence logic error (cisco-sa-ios-xe-sda-edge-dos-MBcbG9k / Nessus ID 213466)

8 months 1 week ago

A vulnerability, which was classified as critical, was found in Cisco IOS XE. Affected is an unknown function of the component SD-Access Fabric Edge Node Handler. The manipulation leads to operator precedence logic error. This vulnerability is traded as CVE-2024-20480. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-50258 | Linux Kernel up to 6.6.59/6.11.6 net sk_dst_gso_max_size denial of service (ac5977001eee/e72fd1389a53/9ab5cf19fb0e / Nessus ID 213467)

8 months 1 week ago

A vulnerability has been found in Linux Kernel up to 6.6.59/6.11.6 and classified as problematic. This vulnerability affects the function sk_dst_gso_max_size of the component net. The manipulation leads to denial of service. This vulnerability was named CVE-2024-50258. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-44945 | Linux Kernel up to 6.10.6 nfnetlink Privilege Escalation (3e03b536d945/d1a7b382a9d3 / Nessus ID 213467)

8 months 1 week ago

A vulnerability was found in Linux Kernel up to 6.10.6. It has been declared as problematic. This vulnerability affects unknown code of the component nfnetlink. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-44945. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

SDL 48/100问：关于安全测试标准化的讨论？

8 months 1 week ago

不同的安全测试工程师，在面对相同系统时，会有不同的测试思路与习惯，以至于发现的漏洞不一样，导致业务方会有一些怨言。在此背景下，就安全测试标准化进行了讨论。安全测试很难像功能测试一样，有完善的测试用例然后逐一执行。因为安全本身就是意料之外的事情，虽然标准化之后还会出现遗漏，但带来的安全效果肯定会比单兵作战要好，所以这事儿是有必要做的。回顾我们的做法： 1、资深安全测试工程师牵头编写安全测试用例集，结合历史漏洞、主营业务功能来做； 2、其他安全测试工程师学习安全测试用例集，并补充自己的思路，这是一个持续过程； 3、参照安全测试用例集，尝试开发一些小工具用于提升效率； 4、将测试集分享给业务线学习，鼓励业务线的测试、开发进行自测。至此，作为集团级的应用安全团队就没啥招了，从效果来看仅对扩展测试思路有用、开发的小工具效果也一般。后来，就没再维护安全测试用例集，取而代之的是建设“纵深”的安全测试工具链：（安全需求、安全设计）－ SAST、SCA、人工审计－ IAST、DAST、人工测试－ SRC收洞，并通过对外部发现的漏洞复盘、不断优化整个安全测试体系（规范-流程-工具-人员）。更多软件安全内容，可以访问： 1、SDL100问：我与SDL的故事 SAST误报太高，如何解决？ SDL需要哪些人参与？设计阶段应开展哪些安全活动？如何选择开源组件安全扫描(SCA)工具？ SCA工具扫描出很多漏洞，如何处理？ SCA工具识别出高风险协议，如何处理？应该如何选型代码安全扫描工具？如何推进有问题的jar包更新？ SCA工具的误报率怎样？如何说服业务完成checklist自检？ sdl会对项目变更代码做review吗？怎么解决源代码两张皮导致安全失效？开发安全培训是否有效？安全组件如何在SDL中落地？如何安全管理研发提交代码到GitHub进行开源？安全组件(SDK)能够否覆盖Owasp Top 10? SDL建设是难中难，该如何做？ SDL 47/100问：如何定位及落地威胁建模？ 2、SDL创新实践系列首发！“ 研发安全运营 ” 架构研究与实践 DevSecOps实施关键：研发安全团队 DevSecOps实施关键：研发安全流程 DevSecOps实施关键：研发安全规范从安全视角，看研发安全数字化转型下的研发安全痛点

SDL 48/100问：关于安全测试标准化的讨论？

8 months 1 week ago

SDL 48/100问：关于安全测试标准化的讨论？

8 months 1 week ago

SDL 48/100问：关于安全测试标准化的讨论？

8 months 1 week ago

SDL 48/100问：关于安全测试标准化的讨论？

8 months 1 week ago

A US soldier was arrested for leaking presidential call logs

Security Affairs

8 months 1 week ago

US authorities have arrested soldier Cameron John Wagenius for his alleged involvement in leaking presidential phone records. US authorities arrested Cameron John Wagenius (20), a US Army soldier, suspected of involvement in leaking presidential call logs. The soldier was arrested in Fort Hood, Texas, he is suspected to be the hacker who using the moniker […]

Pierluigi Paganini

Finland Suspects Eight in Deep-Sea Cable Sabotage Incident

8 months 1 week ago

Suspect Crew Members of the Eagle S Cannot Leave the Ship
Finnish police say they've identified as suspects eight crew members of an oil tanker linked to a Russian "shadow fleet" of sanctions busting ships in an investigation into an incident that broke submarine cables in the Baltic Sea. Authorities escorted the tanker into Finnish waters on Dec. 25.

What's in HHS' Proposed HIPAA Security Rule Overhaul?

8 months 1 week ago

Experts: New Mandates Could Be Difficult, Costly for Many Entities
The U.S. Department of Health and Human Services' proposed overhaul of the 20-plus-year-old HIPAA Security Rule aims to drastically improve the state of healthcare sector cybersecurity, but the potential new requirements could mean difficult and expensive heavy lifting for many regulated entities.

Chinese Hack Breached US Sanctions Office in Treasury Attack

8 months 1 week ago

Hackers Reportedly Target Treasury Department Offices Overseeing Economic Sanctions
A Chinese hack of the U.S. Department of Treasury targeted offices tasked with overseeing economic sanctions and financial investigations, as experts warn Beijing is increasingly escalating attacks on American critical infrastructure while preparing for potential future conflict.

'DoubleClickjacking' Threatens Major Websites’ Security