Aggregator

A vulnerability was found in HFO4 shudong-share 2.4.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /includes/fileReceive.php of the component File Extension Handler. The manipulation of the argument file leads to unrestricted upload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is known as CVE-2024-8338. The attack can be launched remotely. Furthermore, there is an exploit available.

您有一份周报待查收......

Submit #399538 / VDB-276217

A vulnerability was found in Web Directory Free Plugin up to 1.7.2 on WordPress. It has been classified as critical. Affected is the function include. The manipulation leads to path traversal. This vulnerability is traded as CVE-2024-3673. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ELECOM WAB-I1750-PS and WAB-S1167-PS up to 1.5.10 and classified as problematic. This issue affects some unknown processing of the file menu.cgi. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-42412. The attack may be initiated remotely. There is no exploit available.

Как релиз новой игры привлек внимание хакеров.

A vulnerability has been found in Elecom WRC-X3000GS2-B, WRC-X3000GS2-W and WRC-X3000GS2A-B up to 1.08 and classified as problematic. This vulnerability affects unknown code of the file easysetup.cgi. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-34577. The attack can be initiated remotely. There is no exploit available.

Reading Time: 6 min Master DMARC deployment in 5 steps. Learn to configure SPF/DKIM, analyze reports, and gradually enforce policies.

The post DMARC Deployment Phases: What to Expect and How to Prepare appeared first on Security Boulevard.

Reading Time: 6 minIf you want to enhance your organization’s email security and deliverability,

A vulnerability, which was classified as critical, was found in Elecom WAB-I1750-PS up to 1.5.10. This affects an unknown part of the component Telnet. The manipulation leads to missing authentication. This vulnerability is uniquely identified as CVE-2024-39300. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply restrictive firewalling.

七月榜单终于来啦本月有95位白帽师傅为JSRC提交了漏洞感谢您的付出一起看看榜上有名的师傅们都有谁吧！

月满中秋，礼盒到！

Hackers have been exploiting vulnerabilities in iOS and Google Chrome to target government websites, particularly in Mongolia. Google’s Threat Analysis Group (TAG) observed these attacks, which have been linked to the Russian government-backed actor APT29. The hackers have repeatedly used the same exploits, initially developed by commercial surveillance vendors, to breach security defenses. This article […]

The post Hackers Repeatedly Using Same iOS & Chrome Exploits to Attack Government Websites appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

KCon 2024 圆满落幕！

Almost every week, oil spills are reported somewhere in the world. From ships dumpin

In jointly published analysis by Palantir Technologies and Trail of Bits pertaining to Google Pixel security, it has been revealed that Pixel phones shipped worldwide since 2017 host a dormant app. The app, if exploited, can become a staging ground for attacks and can be used for delivering various kinds of malware. In this article, […]

The post Google Pixel Security: Android App Makes Phones Vulnerable appeared first on TuxCare.

The post Google Pixel Security: Android App Makes Phones Vulnerable appeared first on Security Boulevard.

利用 NASA Endurance 号火箭任务数据，一个国际科学家团队首次成功测量了整个地球的电场，该电场被认为与地球重力和磁场一样重要。这种电场被称为双极电场。科学家在 60 多年前就提出假设，认为它驱动着地球大气层从地球南北极逃逸。Endurance 任务数据证实了双极电场的存在，并量化了其强度，揭示了它在驱动大气逃逸和更广泛地塑造地球电离层（上层大气层）方面的作用。了解地球大气层的复杂运动和演变不仅为科学家提供了地球历史线索，还能让他们洞察其他行星奥秘，并判断哪些行星可能适合生命存在。

App+1 | 捏个朋友一起专注，主打陪伴的番茄钟：gogh 番茄工作法早已不是新鲜事物，作为一种简单、高效的时间管理方法，它在被提出后即获得了广泛的实践和认可。如今，世界范围内的众多团队和个人在各

犯罪片、动作片、喜剧片还是纪录片？一个人最喜欢的电影类型揭示了他们的大脑是如何工作的。发表在《Frontiers in Behavioral Neuroscience》上的一项新研究将电影偏好数据与大脑活动记录进行了比较。动作片和喜剧片的粉丝对负面情绪刺激的反应非常强烈，而喜欢纪录片或犯罪电影和惊悚片的参与者的反应要弱得多。研究人员通过分析 257 人的数据详细调查了这种相互作用。受访者提供了有关他们电影偏好的信息。研究人员还利用功能性磁共振成像(fMRI)分析了参与者的大脑活动。实验对象躺在核磁共振成像仪里时，被展示恐惧或愤怒的面孔和几何图形。研究人员专注于大脑的两个区域。首先是杏仁核，它负责处理重要的情绪。另一个被称为大脑奖励中心的伏隔核的神经元活动。研究结果表明，动作电影爱好者特别容易受到情绪刺激的影响，并且觉得这种刺激很有吸引力。喜欢喜剧的人的大脑也有类似的活动。犯罪电影、惊悚片和纪录片的粉丝的反应明显低于其他组的参与者。