Aggregator

We’re sharing an update on suspected state-backed attacker APT29 and the use of exploits identical to those used by Intellexa and NSO.

An instance of the Corona Mirai botnet spreads via AVTECH CCTV zero-day and multiple previously known vulnerabilities. Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. The flaw is a command injection issue […]

2019 年以 300 万美元收购轻博客服务 Tumblr 的 Automattic 宣布将其后端搬到 WordPress。该公司澄清 Tumblr 不会变成 WordPress，它只是运行在 WordPress 之上，用户不会有体验上的差异。Automattic 称，收购 Tumblr 是为了受益于差异化，它会加强而不是削弱这种差异。它不会改变 Tumblr 极简的发布体验和产品方向。后端转移到 WordPress 有利于工程团队开发适用于两种服务的工具和功能，Tumblr 将能利用 WordPress.org 上的开源开发成果。

Новая версия принесла автоматическое переключение профилей, поддержку Lua 5.4 и многое другое.

Rust for Linux 内核维护者 Wedson Almeida Filho 宣布了辞职，导致他辞职的一大原因是围绕内核使用 Rust 语言的非技术性争论。Wedson 是微软工程师，参与了大量与 Rust Linux 内核功能相关的工作，包括实验性的将 EXT2 文件系统驱动移植到 Rust。但现在他宣布自己受够了，表示自己没有了回应非技术性争论的精力和热情，他更热衷于与 Rust for Linux 团队讨论技术性问题，坚信内核的未来是采用内存安全的语言。

The latest release of the Dragos Platform provide industrial and critical infrastructure organizations with complete and enriched view of their OT environment.

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and Department of Health and Human Services (HHS)—released a joint Cybersecurity Advisory, #StopRansomware: RansomHub Ransomware. This advisory provides network defenders with indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods associated with RansomHub activity identified through FBI investigations and third-party reporting as recently as August 2024.

RansomHub is a ransomware-as-a-service variant—formerly known as Cyclops and Knight—which has recently attracted high-profile affiliates from other prominent variants such as LockBit and ALPHV.

CISA encourages network defenders to review this advisory and apply the recommended mitigations. See #StopRansomware and the #StopRansomware Guide for additional guidance on ransomware protection, detection, and response. Visit CISA’s Cross-Sector Cybersecurity Performance Goals for more information on the CPGs, including added recommended baseline protections.

CISA encourages software manufacturers to take ownership of improving the security outcomes of their customers by applying secure by design methods. For more information on Secure by Design, see CISA’s Secure by Design webpage and joint guide Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software.

CISA released three Industrial Control Systems (ICS) advisories on August 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-24-242-01 Rockwell Automation ThinManager ThinServer
• ICSA-24-242-02 Delta Electronics DTN Soft
   
• ICSA-24-226-06 Rockwell Automation FactoryTalk View Site Edition (Update A)

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Chainalysis report reveals a likely increase in new internet scams this year as fraudsters adapt to increasing enforcement efforts

GAITHERSBURG, Md. — Today, the U.S. Artificial Intelligence Safety Institute at the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced agreements that enable formal collaboration on AI safety research

A vulnerability, which was classified as critical, was found in B&R Industrial Automation B&R APROL up to R 4.4-00P3. Affected is an unknown function. The manipulation leads to untrusted search path. This vulnerability is traded as CVE-2024-5623. An attack has to be approached locally. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in B&R Industrial Automation B&R APROL up to R 4.4-00P3. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-5624. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in MagePeople Team Taxi Booking Manager for WooCommerce Plugin up to 1.0.9 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-43986. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in B&R Industrial Automation B&R APROL up to R 4.2-07P3/R 4.4-00P3. This affects an unknown part. The manipulation leads to execution with unnecessary privileges. This vulnerability is uniquely identified as CVE-2024-5622. Attacking locally is a requirement. There is no exploit available.

U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox Kitten, Lemon Sandstorm (formerly Rubidium), Parisite, and UNC757, which it described as connected to

During our recent webinar, “From Setup to Success: ...

The post Answering Your Webinar Questions: Email Security with EasyDMARC appeared first on EasyDMARC.

The post Answering Your Webinar Questions: Email Security with EasyDMARC appeared first on Security Boulevard.

A vulnerability was found in Dell PowerEdge Platform up to 2.22.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component 14G Intel BIOS. The manipulation leads to access of memory location after end of buffer. This vulnerability is handled as CVE-2024-38304. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SportsNET 4.0.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /app/ax/setAsRead/. The manipulation of the argument id leads to sql injection. This vulnerability is known as CVE-2024-29726. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in SportsNET 4.0.1. It has been classified as critical. Affected is an unknown function of the file /app/ax/sort_bloques/. The manipulation of the argument list leads to sql injection. This vulnerability is traded as CVE-2024-29725. It is possible to launch the attack remotely. There is no exploit available.