Aggregator

Submit #399711 / VDB-276222

A vulnerability, which was classified as critical, has been found in SourceCodester Petshop Management System 1.0. This issue affects some unknown processing of the file /controllers/add_client.php. The manipulation of the argument image_profile leads to unrestricted upload. The identification of this vulnerability is CVE-2024-8342. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in SourceCodester Petshop Management System 1.0. This vulnerability affects unknown code of the file /controllers/add_user.php. The manipulation of the argument avatar leads to unrestricted upload. This vulnerability was named CVE-2024-8341. The attack can be initiated remotely. Furthermore, there is an exploit available.

Основателя мессенджера обвиняют в содействии криминальной деятельности.

A vulnerability classified as critical has been found in SourceCodester Electric Billing Management System 1.0. This affects an unknown part of the file /Actions.php?a=login. The manipulation of the argument username leads to sql injection. This vulnerability is uniquely identified as CVE-2024-8340. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Cybersecurity researchers from Mandiant and Google Cloud have uncovered a sophisticated scheme where hackers exploit digital advertising tools to conduct malicious campaigns. These tools, originally designed to enhance marketing efforts, have been repurposed by threat actors to evade detection and amplify their attacks. This article delves into the methods these cybercriminals use, the tools they […]

The post Hackers Exploited Digital Advertising Tools to Launch Malicious Campaigns appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Важная игра могла быть решена ещё до выхода на поле.

Hackread报道，近期Cisco Talos（思科威胁情报团队）发现，BlackByte勒索软件正在对全球企业发起新一轮攻击。

谷歌威胁分析小组（TAG）当地时间8月29日发布博文披露，其研究团队在2023年11月至2024年7月期间发现，俄罗斯黑客通过水坑攻击对蒙古政府网站发起了多次攻击。

近日，Telegram创始人兼CEO帕维尔·杜罗夫被法国警方逮捕的新闻登上了各大科技媒体热搜和头条，虽然杜罗夫在缴纳500万美元的保释金后于本周三获释，但被调查期间禁止离开法国，并需每周两次向法国警方报到。

8月29日消息，最近几天，由于俄罗斯导弹和无人机袭击全国关键基础设施，数百万乌克兰人经历了互联网中断。

多个勒索软件团伙用来关闭端点检测和响应 (EDR) 解决方案的恶意 PoorTry 内核模式 Windows 驱动程序已演变为 EDR 擦除器，删除了对安全解决方案的运行至关重要的文件，并使恢复变得更加困难。

近日，谷歌公司宣布通过其漏洞奖励计划报告的Google Chrome单一漏洞的最高奖励金额已超过25万美元。

Submit #399662 / VDB-276221

Submit #399661 / VDB-276220

Submit #399548 / VDB-276219

法案的核心内容包括设立CISA与HHS之间的联络机制，以协调应对影响卫生系统的网络事件，并在紧急情况下提供额外援助。

A vulnerability was found in SourceCodester Electric Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /?page=tracks of the component Connection Code Handler. The manipulation of the argument code leads to sql injection. This vulnerability is handled as CVE-2024-8339. The attack may be launched remotely. Furthermore, there is an exploit available.

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

Submit #399540 / VDB-276218