Драйвер-шпион от Lazarus: AFD.sys становится оружием хакеров
Lazarus эксплуатирует 0day для установки руткита.
Aggregator
Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum
1 year 7 months ago
Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported. The threat actor ZeroSevenGroup claims to have […]
Pierluigi Paganini
Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum
1 year 7 months ago
Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forumTo
Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum
1 year 7 months ago
Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forumTo
出售30万个被盗登录凭证,被判处40个月监禁
1 year 7 months ago
27岁的俄罗斯公民格奥尔基·卡夫扎拉泽(Georgy Kavzharadze)因在Slilpp上出售超过30万个账户的登录凭证,被判处4个月的监禁。
攻击者在勒索活动中利用公开的.env文件入侵云账户
1 year 7 months ago
近日,一场大规模勒索活动利用可公开访问的环境变量文件(.env)入侵了多个组织,这些文件包含与云和社交媒体应用程序相关的凭据。
新的 Webkit 漏洞可让攻击者利用 PS4 和 PS5 游戏机发起攻击
1 year 7 months ago
PS4和PS5中的WebKit漏洞指的是其浏览器中发现的WebKit引擎漏洞。
乌克兰网络专家联手黑客团队致瘫俄罗斯核弹头开发商
1 year 7 months ago
近日,乌克兰网络专家与黑客组织VO Team协调实施了一次高效的网络攻击,目标是位于俄罗斯车里雅宾斯克斯涅任斯克的关键核弹头开发公司——维加公司。
WPS Office两个严重漏洞曝光,已被武器化且在野利用
1 year 7 months ago
WPS Office作为一款用户基数超过2亿的广泛使用的办公套件,被发现存在两个关键漏洞。
个人信息权益保护与个人数据要素化并行不悖
1 year 7 months ago
个人数据与非个人数据是数据的基本分类。数据是数字经济的关键生产要素,经过较长时期消费互联网的推动,个人数据已经成为我国数字经济的重要要素。
乌克兰网络专家联手黑客团队致瘫俄罗斯核弹头开发商
1 year 7 months ago
近日,乌克兰网络专家与黑客组织VO Team协调实施了一次高效的网络攻击,目标是位于俄罗斯车里雅宾斯克斯涅任斯克的关键核弹头开发公司——维加公司。此次网络行动导致维加公司的1,173台网络交换机和10
WPS Office两个严重漏洞曝光,已被武器化且在野利用
1 year 7 months ago
WPS Office作为一款用户基数超过2亿的广泛使用的办公套件,被发现存在两个关键漏洞(CVE-2024-7262和CVE-2024-7263),这些漏洞可能导致用户遭受远程代码执行攻击。这两个漏洞
个人信息权益保护与个人数据要素化并行不悖
1 year 7 months ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
上周关注度较高的产品安全漏洞(20240812-20240818)
1 year 7 months ago
CNVD漏洞周报2024年第33期
1 year 7 months ago
A Patchdiffing Journey – TP-Link Omada
1 year 7 months ago
IntroductionLast year we participated in the Pwn2Own 2023 Toronto competition and succe
CVE-2024-6847 | Chatbot with ChatGPT Plugin up to 2.4.4 on WordPress sql injection
1 year 7 months ago
A vulnerability, which was classified as critical, was found in Chatbot with ChatGPT Plugin up to 2.4.4 on WordPress. Affected is an unknown function. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2024-6847. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43688 | vixie cron on OpenBSD cron/entry.c heap-based overflow
1 year 7 months ago
A vulnerability, which was classified as critical, has been found in vixie cron on OpenBSD. This issue affects some unknown processing of the file cron/entry.c. The manipulation leads to heap-based buffer overflow.
The identification of this vulnerability is CVE-2024-43688. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
GoGra Backdoor: Unnamed South Asian Media Outlet Targeted
1 year 7 months ago
As per recent reports, an unnamed media organization in South Asia had fallen prey to t
Web Browser Stored Credentials
1 year 7 months ago
Microsoft introduced Data Protection Application Programming Interface (DPAPI) in Window