Aggregator

BI.ZONE призывает компании проверить логи на предмет активности доменов oastify.com.

在数字化技术的引导下，年轻人潮流需求与产业带智造升级碰撞产生的火花，正加速推动中国供应链向高端化稳步迈进。

A vulnerability identified as critical has been detected in Linux Kernel up to 6.17-rc2. Impacted is the function ppp_fill_forward_path. The manipulation leads to race condition. This vulnerability is uniquely identified as CVE-2025-39673. The attack can only be initiated within the local network. No exploit exists. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.16.3/6.17-rc2 and classified as critical. Affected by this vulnerability is the function platform_device_msi_init_and_alloc_irqs of the component ESI Feature. The manipulation results in null pointer dereference. This vulnerability is reported as CVE-2025-39674. The attacker must have access to the local network to execute the attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.148/6.6.102/6.12.43/6.16.3/6.17-rc2. This impacts the function shutdown of the component gve. Executing a manipulation can lead to null pointer dereference. This vulnerability is registered as CVE-2025-38735. The attack requires access to the local network. No exploit is available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.12.43/6.16.3/6.17-rc1/6.17-rc2/a754ab53993b1585132e871c5d811167ad3c52ff. This issue affects the function asix_devices of the component net. Executing a manipulation can lead to improper initialization. This vulnerability is handled as CVE-2025-38736. The attack can only be done within the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.43/6.16.3/6.17-rc2. It has been declared as critical. Impacted is the function smb3_init_transform_rq. Executing a manipulation can lead to buffer overflow. This vulnerability appears as CVE-2025-38737. The attacker needs to be present on the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.12.43/6.16.3/6.17-rc2 and classified as critical. This affects the function relocate_lowcore. The manipulation leads to null pointer dereference. This vulnerability is listed as CVE-2025-38733. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.102/6.12.43/6.16.3/6.17-rc2. This affects the function smc_listen_out of the component net. Performing a manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-38734. The attack must originate from the local network. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.17-rc2. It has been rated as critical. This vulnerability affects unknown code in the library include/linux/skbuff.h of the component netfilter. Performing a manipulation results in improper update of reference count. This vulnerability is known as CVE-2025-38732. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.16.3/6.17-rc2. It has been declared as critical. This affects the function vm_bind_ioctl. Such manipulation leads to double free. This vulnerability is traded as CVE-2025-38731. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

上周关注度较高的产品安全漏洞20260119-20260125)

国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞1224个，其中高危漏洞644个、中危漏洞496个、低危漏洞84个。

A vulnerability, which was classified as problematic, has been found in Altitude Communication Server 8.5.3290.0. Affected is an unknown function of the component Authentication Service. This manipulation causes injection. This vulnerability is tracked as CVE-2025-41083. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability classified as problematic was found in Altitude Communication Server. This impacts an unknown function of the component HTTP Request Handler. The manipulation results in http request smuggling. This vulnerability is identified as CVE-2025-41082. The attack can be executed remotely. There is not any exploit available.

速修复

Fuzzware.io 最终摘得桂冠

恭喜Project Sekai战队 ! 🏆

推进大语言模型在安全场景中进一步落地

HackerNews 编译，转载请注明出处： Symantec与Carbon Black的研究人员发现了一种名为Osiris的新型勒索软件变种，该变种于2025年11月被用于攻击一家东南亚大型食品服务特许经营商。 根据Symantec和VMware Carbon Black威胁猎手的分析，攻击者部署了一个名为POORTRY的恶意驱动程序，用自带漏洞驱动技术来禁用安全软件。 目前对Osiris的开发者，或其是否以勒索软件提供服务知之甚少，但有证据表明其与INC勒索软件存在关联。 Symantec与Carbon Black发布的报告中指出：“虽然这款Osiris勒索软件与2016年出现的同名勒索软件家族（Locky勒索软件的一个变种）重名，但没有迹象表明这两个家族之间存在任何关联。” Osiris似乎是一种新型勒索软件变种，与2016年基于Locky的同名变种无关。其开发者及任何RaaS模式仍属未知，但博通研究人员发现了攻击者与INC勒索软件团伙有相关联的迹象。 Osiris是一款功能齐全的勒索软件，能够停止服务和进程、选择要加密的文件和文件夹，并投放勒索信。研究人员报告称，该软件支持多种命令选项来定义目标、设置日志记录、选择加密模式以及Hyper-V等相关操作。这个新的勒索软件家族会跳过特定文件类型和系统文件夹，为加密文件附加.Osiris扩展名，删除VSS快照，并终止数据库、备份和生产力相关进程。该恶意软件使用混合ECC和AES-128-CTR加密，每个文件使用唯一密钥，通过完成端口管理异步输入/输出操作，并留下一份名为Osiris-MESSAGE.txt的勒索信，并在勒索信中提及敲诈细节和谈判链接。攻击链在勒索软件部署的数天前便已启动，攻击者当时使用Rclone工具悄悄窃取数据，并将其上传到Wasabi云存储桶中。这种方法，连同重用的工具（如名为kaz.exe的Mimikatz变体），都与过去Inc勒索软件的操作手法如出一辙，表明这可能是模仿或由前Inc附属组织参与的行动。 报告继续指出：“攻击者还部署了Netscan、Netexec和MeshAgent等其他具有双重用途的工具。他们还使用了定制版的Rustdesk远程监控和管理工具，该工具被修改以伪装其功能，并加入了‘WinZip远程桌面’的文件描述和WinZip图标，企图隐藏其真实用途。” 攻击者使用常见的双重用途工具进行网络探测和访问，外加一个伪装成“WinZip远程桌面”的修改版RustDesk远程工具以隐藏其目的。为了瘫痪防御系统，他们在一次自带漏洞驱动攻击中，部署了伪装成Malwarebytes组件的Poortry驱动程序，用以关闭安全软件。KillAV也为了达成目的而被使用。最后，在启动勒索软件之前，他们启用了RDP以维持远程访问。 Osiris是技术娴熟的威胁行为者使用的一款能力强大的新型勒索软件。研究人员强调，工具的重复使用和战术表明其可能与Inc附属组织及Medusa活动存在潜在联系，尽管这样的关联尚不明确。 报告总结道：“勒索软件领域的形势不断变化，新勒索软件家族的出现始终值得密切关注。” 消息来源：securityaffairs.com； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文