Aggregator

A vulnerability was found in Trend Micro Email Encryption Gateway 5.5 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. This vulnerability is handled as CVE-2018-6230. The attack may be launched remotely. Furthermore, there is an exploit available.

Wordfence安全研究员披露重要信息据Wordfence安全研究员István Márton披露，一个关键的认证绕过了漏洞被暴露在了WordPress的Really Simple Security（以前称为Really Simple SSL）插件中，如果此漏洞被利用，攻击者可以远程获得易受攻击网站的完全管理权限。这个漏洞，被追踪为CVE-2024-10924（CVSS评分：9.8），影响插件的

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The organization launched an investigation into the incident with the help of a cybersecurity firm. The healthcare center discovered that a threat actor […]

AMOS и Lumma Stealer охотятся за данными пользователей.

Android Authority 援引消息来源报道，Google 准备杀死 Chrome OS，或者说将 Chrome OS 变成 Android，以期望在平板市场与苹果的 iPad 展开竞争。Chrome OS 是为笔记本电脑设计的 Linux 操作系统，而 Android 除了用于智能手机外也广泛用于智能手表、电视、汽车以及平板电脑。但两大操作系统在平板电脑上都无法抗衡苹果，Chrome OS 本身不太适合平板电脑，而 Android 则缺乏生产力功能。Google 的决定不是融合两种操作系统，而是将 Chrome OS 完全迁移到 Android。暂时不清楚此举对 Chromebook 品牌的影响。

A vulnerability was found in step-security harden-runner up to 2.10.1. It has been rated as critical. This issue affects some unknown processing of the component Environment Variable Handler. The manipulation leads to os command injection. The identification of this vulnerability is CVE-2024-52587. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Top500 公布了最新的超算榜单，美国加州劳伦斯利弗莫尔国家实验室的新超算 El Capitan 首次亮相即登上榜首。El Capitan 使用了 AMD 第四代 EPYC 处理器，配备了 AMD Instinct MI300A 加速器，共有 11,039,616 个 CPU 和 GPU 核心，性能 1.742 EFlop/s。此前称霸榜单的田纳西州橡树岭国家实验室（ORNL）的 Frontier 超算排名第二，核心数从 8,699,904 个增加到 9,066,176 个，性能从 1.206 Eflop/s 提升到 1.353 Eflop/s，它使用的也是 AMD EPYC 处理器。阿贡国家实验室 Aurora 超算排名第三，使用英特尔的 Xeon CPU Max 9470 52C 2.4GHz 和英特尔 Data Center GPU，性能 1.012 EFlop/s。微软 Microsoft Azure 超算 Eagle 第四，使用英特尔 Xeon Platinum 8480C 48C 2GHz 和英伟达 H100 GPU，性能 561.2 PFlop/s。意大利 Ferrera Erbognone Eni S.p.A 中心的超算 HPC6 第五，它是欧洲最快的超算，架构与 Frontier 相同，性能 477.90 PFlop/s。日本的 ARM 超算富岳第六，性能 442 PFlop/s。瑞士超算 Alps 升级后性能提升到 434.9 PFlop/s。芬兰欧洲超算中心的 LUMI 性能 380 PFlop/s。意大利 Leonardo 性能 241.2 PFlop/s。劳伦斯利弗莫尔新超算 Tuolumne 第十，架构与 El Capitan 相同，性能 208.1 PFlop/s。排名前十的超算有五台使用了 AMD EPYC 处理器，一台使用了 ARM 处理器一台，三台使用了英特尔的至强处理器，还有一台使用英伟达 Grace 72C 处理器。在 Top 500 中，美国从上次的 168 台增加到 173 台，中国从 80 台减少到 63 台，中国没有向榜单报告新超算。欧洲共有 161 台超算。

U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information. The adversaries, tracked as Salt Typhoon, breached the company as part of a "monthslong campaign" designed to harvest cellphone communications of "high-value intelligence targets." It's not clear what information was taken, if any,

En el artículo de hoy vamos a ver un concepto que se repite mucho cuando lees sobre Windows. ¿Estás leyendo...

我实验室获“松山湖杯”第一届中国研究生操作系统开源创新大赛二等奖

网络战是选项

A vulnerability was found in kalcaddle kodbox up to 1.52.04. It has been classified as problematic. This affects an unknown part of the component Captcha. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-51037. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in FlightPath 7.5 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Last Name Section. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-50983. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Flagsmith up to 2.134.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2024-52871. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Flagsmith up to 2.134.0. This affects the function get_document. The manipulation leads to permission issues. This vulnerability is uniquely identified as CVE-2024-52872. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Google for WooCommerce Plugin up to 2.8.6 on WordPress. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-10486. It is possible to initiate the attack remotely. There is no exploit available.

Открытия телескопа продолжают удивлять.

Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was