Aggregator

A vulnerability was found in The Net Guys ASPired2Blog. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2008-5931. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Socialgroupie Social Groupie. It has been rated as very critical. This issue affects some unknown processing of the component File Upload. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2008-6367. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Xpoze Xpoze Pro 4.10. Affected by this issue is some unknown functionality of the file home.html. The manipulation of the argument menu leads to sql injection. This vulnerability is handled as CVE-2008-6352. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in ASP-CMS 1.0. This affects an unknown part of the file index.asp. The manipulation of the argument cha leads to sql injection. This vulnerability is uniquely identified as CVE-2008-6353. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Socialgroupie Social Groupie. It has been rated as critical. Affected by this issue is some unknown functionality of the file group_index.php. The manipulation of the argument id leads to sql injection. This vulnerability is handled as CVE-2008-6358. The attack may be launched remotely. Furthermore, there is an exploit available.

面向路由器的发行版 OpenWrt 宣布用 Alpine Linux 的 apk 包管理器替代自己的 opkg 包管理器。apk 代表 Alpine Package Keeper，与 Android 无关，它相比 opkg 有很多优势。旧的 opkg 包管理器被弃用，不再成为 OpenWrt 的一部分。OpenWrt 的开发版本已经切换到了新的 apk 包管理器。

In episode 355, Tom discusses his decision to deactivate his Twitter accounts due to privacy concerns with Twitter’s new AI policy and changes in the blocking features. He outlines the steps for leaving Twitter, including how to archive and delete tweets, and evaluates alternative platforms such as Bluesky, Mastodon, and Threads for cybersecurity professionals seeking […]

The post Why It’s Time to Leave Twitter appeared first on Shared Security Podcast.

The post Why It’s Time to Leave Twitter appeared first on Security Boulevard.

According to Gartner, the broad range of pricing for government, risk, and compliance (GRC) tools requires enterprise risk management (ERM) leaders to be well-versed in distinct pricing tiers of GRC solutions. In this Help Net Security video, Joel Backaler, Director/Analyst, Risk Technology & Analytics at Gartner, discusses how ERM leaders consider several critical questions to determine which GRC solution tier best aligns with their needs. Fill out the form to download your copy:

The post Evaluating GRC tools appeared first on Help Net Security.

A vulnerability was found in IBM WebSphere Application Server up to 7.0.0.40/8.0.0.11/8.5.5.8. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2015-7417. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM Cognos Business Intelligence. It has been rated as critical. Affected by this issue is the function InvokerTransformer of the component Apache Commons Collections Library. The manipulation leads to code injection. This vulnerability is handled as CVE-2015-7450. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Solaris 11.3 and classified as critical. This issue affects some unknown processing of the component Verified Boot. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2016-5454. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Solaris 11.3 and classified as critical. Affected by this issue is some unknown functionality of the component Verified Boot. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2016-5452. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Oracle Rapid Planning 12.1/12.2. Affected is an unknown function of the component Middle Tier. The manipulation leads to deserialization. This vulnerability is traded as CVE-2015-7501. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Libgcrypt up to 1.6.4 and classified as problematic. Affected by this issue is some unknown functionality of the component Decryption Handler. The manipulation leads to information disclosure (Key). This vulnerability is handled as CVE-2015-7511. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

Gen Digital 公司的高级恶意软件研究员 Jan Rubín 最近分析发现，一种名为 Glove Stealer 的新型恶意软件是一种针对大量浏览器数据和本地安装的应用程序的强力信息窃取程序。Glove Stealer 使用 .NET 编写，它采用了一种专注于渗出敏感数据的方法，包括 Cookie、自动填充数据、加密货币钱包和 2FA 身份验证器。 Glove Stealer 严重依赖社交工程策略进行传播。它经常以一种看似有用的工具（如 ClickFix）出现在网络钓鱼活动中，诱使用户以为自己正在排除系统故障。Rubín 解释说：“诸如此类的策略会欺骗用户，让他们以为是在帮助自己，但按照攻击者的指示操作，他们实际上是在无意中感染了自己的设备。” 网络钓鱼邮件通常包含一个模仿虚假错误信息的 HTML 附件，提示用户通过 PowerShell 或运行提示执行恶意脚本。恶意软件本身以编码有效载荷的形式从服务器下载，并最终在服务器上进行数据窃取操作。 Glove Stealer 更为先进的功能之一是能够绕过谷歌 Chrome 浏览器的应用绑定加密（Chrome 浏览器 127 版引入）。为了实现这一功能，Glove Stealer 使用了一个利用 IElevator 服务的专用模块，这是 2024 年 10 月公开披露的一种方法。这种绕过方法允许 Glove Stealer 访问原本受保护的 Chrome 浏览器数据，包括 Cookie 和存储的密码。Rubín 解释说：“这种绕过方法涉及使用 IElevator 服务，”使攻击者能够检索对解密受保护信息至关重要的 App-Bound 密钥。 该模块伪装成 zagent.exe，被战略性地放置在 Chrome 浏览器的 “程序文件 ”目录中。这个位置至关重要，因为 App-Bound 加密会验证调用者进程的路径，这意味着 Glove Stealer 必须拥有本地管理员权限才能成功执行该模块。 Glove Stealer 并不局限于 Chrome 浏览器。它还针对其他流行浏览器，如 Firefox、Edge、Brave，甚至 CryptoTab 等专注于加密货币的浏览器。该恶意软件会系统性地终止浏览器进程，然后以有组织的结构收集数据，并将其保存在名为 Cookies、Autofill、OTP 和 Wallets 的文件夹中。通过这种方法，攻击者可以全面掌握受害者的在线活动和敏感信息。 Glove Stealer 的攻击目标包括加密货币钱包扩展、Google Authenticator 和 LastPass 等 2FA 工具以及 Thunderbird 等电子邮件客户端。 收集数据后，Glove Stealer 会根据受害者最近的文件将其整理到一个唯一的目录路径中，并标记上根据设备名称和序列号生成的 MD5 哈希值。数据收集完成后，将使用 ECB 模式下的 3DES 加密技术对数据进行打包和加密。加密后的数据包会以 Base64 编码文件的形式发送到命令与控制 (C&C) 服务器，为数据外泄过程增加了一层隐蔽性。 Rubín 总结说：“Glove Stealer 能够从 Chrome、Firefox、Edge、Brave 等多种浏览器中窃取各种信息。”     转自安全客，原文链接：https://www.anquanke.com/post/id/301936 封面来源于网络，如有侵权请联系删除

A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely gain full administrative access to a susceptible site. The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both free and premium versions of the plugin. The

A vulnerability was found in Microstrategy Web 7. It has been rated as problematic. This issue affects some unknown processing of the file admin/admin.asp. The manipulation of the argument ShowAll as part of Parameter leads to cross site scripting. The identification of this vulnerability is CVE-2018-18776. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to replace the affected component with an alternative.

A vulnerability was found in The Net Guys ASPired2Protect and classified as problematic. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2008-6355. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in The Net Guys ASPired2poll and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2008-6354. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Insun Podcast Feedcms 1.7.3 19beta. This issue affects some unknown processing of the file index.php. The manipulation of the argument lang leads to path traversal. The identification of this vulnerability is CVE-2008-6361. The attack may be initiated remotely. Furthermore, there is an exploit available.