Aggregator

A vulnerability was found in Snort up to 1.9.0 and classified as very critical. This issue affects some unknown processing of the component Fragmented RPC Packet Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2003-0033. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

sn0int是一款功能强大的半自动化OSINT框架和包管理工具，可以帮助广大研究人员快速完成网络安全测试阶段的OSINT任务。

A vulnerability classified as very critical has been found in Protegrity Secure.Data 2.2.3.7/2.2.3.8. Affected is the function xp_pty_checkusers/xp_pty_insert/xp_pty_select in the library protegrity.dll of the component Extended Stored Procedure. The manipulation leads to memory corruption (Stored). This vulnerability is traded as CVE-2003-0030. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Apple tvOS up to 10.1. Affected by this vulnerability is an unknown functionality of the component FontParser. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2017-2439. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

The Dutch National Police, along with partner law enforcement agencies, has disrupted the operation of the Redline and Meta infostealers and has collected information that may unmask users who paid to leverage the infamous malware. Screenshot of the Redline License Server panel (Source: Operation Magnus) About Redline and Meta Redline and Meta (aka MetaStealer) are infostealers, capable of exfiltrating a variety of sensitive information: Info about the victims’ machine/OS (Windows and macOS) Credentials, credit card … More →

The post Police hacks, disrupts Redline, Meta infostealer operations appeared first on Help Net Security.

A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812. The threat group, which operates a Telegram channel named civildefense_com_ua, was created on

Cops Recover Redline, Meta Infostealer Data; Promise Criminal Users: 'See You Soon'
The Dutch National Police, working with the FBI, say they've disrupted the Redline and Meta info-stealing malware services after obtaining "full access" to them, including source code and extensive details pertaining to their users, with follow-on "legal actions" now "underway."

Relying on EOL software leaves critical systems exposed — making it a problem no business can afford to ignore.

Исследователи выявили плюсы и минусы новой тенденции.

For the latest discoveries in cyber research for the week of 28th October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grupo Aeroportuario del Centro Norte (OMA), operator of 13 airports across Mexico, was hacked by the RansomHub ransomware gang, who threatened to leak 3TB of stolen data unless a ransom is paid. […]

The post 28th October – Threat Intelligence Report appeared first on Check Point Research.

Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security Research team is monitoring the activity under the name Tenacious Pungsan, which is also known by the monikers

The Cyber Centre’s Learning Hub offers courses on basic, advanced and specialized topics in cyber security for employees of the Government of Canada and those who work on systems of importance to the Government of Canada.

美国版权局拒绝了游戏历史基金会 Video Game History Foundation（VGHF）提出的用于游戏保存的 DMCA 豁免。游戏通常会使用 DRM 反盗版措施，但随着时间的推移，DRM 可能会导致游戏无法在新系统运行，为了正常运行可能需要设法移除 DRM，但这违反了 DMCA 反规避条款。VGHF 希望能豁免游戏保存的 DRM 规避。然而美国版权局拒绝了 VGHF 的请求，认为对于用户是谁或他们为什么要访问游戏，VGHF 没有予以明确。VGHF 去年进行的一项研究发现，87% 的游戏处于极度濒危状态，因为保存它们变得愈来愈困难。