Aggregator

A recent investigation into a deceptive push-notification network shows how a simple DNS mistake can open a window into criminal infrastructure. The campaign abused browser notifications to flood Android users with fake security alerts, gambling lures, and adult offers. Random-looking domains and hidden hosting tried to hide the operator while keeping the flow of clicks […]

The post Researchers Gained Access to Hacker Domain Server Using Name Server Delegation appeared first on Cyber Security News.

根据 Cloudflare Rader 和 Netblocks 的监测，伊朗仍然处于基本断网状态，对互联网的封锁已进入第 12 天。在这此前，伊朗的流量有关短暂的恢复，但很快又时断时续，显示伊朗政府正在测试一个信息严格过滤的国内互联网。根据官方的数据，此前的大规模抗议导致了逾五千人死亡，逾两万人被捕。非官方数据认为死亡人数可能超过万人。

美国为抓捕委内瑞拉总统马杜罗而发起的这场惊人突袭，标志着破坏性网络行动已成为军事行动的常规组成部分。

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a previously undocumented remote access trojan (RAT) dubbed ModeloRAT. This new escalation of ClickFix,

Банкиры посчитали, сколько мы переплачиваем курьерам-людям.

CyberArk says it exploited a vulnerability in the StealC infostealer to gather intelligence

Как новые правила ЦБ превратили обычный шопинг в кошмар.

For the latest discoveries in cyber research for the week of 19th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Spanish energy company Endesa has disclosed a data breach after unauthorized access to a commercial platform used to manage customer information. Media report attackers listed over 1 terabyte of data, including IBANs, […]

The post 19th January – Threat Intelligence Report appeared first on Check Point Research.

A critical vulnerability in Windows SMB client authentication that enables attackers to compromise Active Directory environments through NTLM reflection exploitation. Classified as an improper access control vulnerability, this vulnerability allows authorized attackers to escalate privileges via carefully orchestrated authentication relay attacks over network connections. Seven months after the June 2025 security patch release, research reveals […]

The post Windows SMB Client Vulnerability Enables Attacker to Own Active Directory appeared first on Cyber Security News.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.11.2. Affected by this issue is the function region_intersects of the file /proc/iomem. Such manipulation leads to permission issues. This vulnerability is referenced as CVE-2024-49878. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.13/6.11.2. It has been classified as problematic. This issue affects the function alloc_flex_gd of the file fs/ext4/resize.c of the component ext4. The manipulation leads to off-by-one. This vulnerability is listed as CVE-2024-49880. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability classified as critical was found in Linux Kernel up to 6.11.2. This affects the function alloc_ordered_workqueue of the component omapdrm. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-49879. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.11.2 and classified as problematic. This vulnerability affects the function nfserr_io of the component nfsd. Executing a manipulation can lead to improper validation of integrity check value. This vulnerability is tracked as CVE-2024-49875. The attack is only possible within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.10.13/6.11.2. The impacted element is the function xa_array of the component drm. Such manipulation leads to use after free. This vulnerability is documented as CVE-2024-49876. The attack requires being on the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.11.2. Affected by this issue is the function ocfs2_set_buffer_uptodate. This manipulation causes null pointer dereference. This vulnerability is handled as CVE-2024-49877. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.11.2. Affected by this vulnerability is the function filemap_get_folios_contig of the component HugeTLB Page Handler. This manipulation causes null pointer dereference. The identification of this vulnerability is CVE-2024-49873. The attack needs to be done within the local network. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.6.54/6.10.13/6.11.2. This affects the function svc_i3c_master_probe of the component i3c. Performing a manipulation results in use after free. This vulnerability is reported as CVE-2024-49874. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.11.2. Affected by this vulnerability is the function memfd_pin_folios of the component HugeTLB Page Handler. The manipulation results in denial of service. This vulnerability is known as CVE-2024-49872. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability labeled as problematic has been found in Linux Kernel up to 6.1.112/6.6.54/6.10.13/6.11.2. This impacts the function cachefiles_open_file. Executing a manipulation can lead to improper update of reference count. This vulnerability appears as CVE-2024-49870. The attacker needs to be present on the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability marked as critical has been reported in Linux Kernel up to 5.15.167/6.1.112/6.6.54/6.10.13/6.11.2. Affected is the function adp5589_clear_config of the component adp5589-keys. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-49871. Access to the local network is required for this attack to succeed. There is no exploit available. It is suggested to upgrade the affected component.