Aggregator

2024BuildCTF-WEB全解

2024BuildCTF-MISC全解

2024BulidCTF-逆向部分题解

Jinja2-SSTI 新回显方式技术学习

2024年NSSCTF秋季招新赛（校外赛道） Crypto

Comparitech warns that voters could be misled as most local government sites are failing on basic security

Learn about the risks to service availability during the 2024 U.S. presidential election ? and the six steps you can take now to ensure your cyber resilience.

Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute information known as SYS01stealer. "The hackers behind the campaign use trusted brands to expand their reach," Bitdefender Labs said in a report shared with The Hacker News. "The malvertising campaign leverages nearly a hundred malicious

Индийская страховая компания отстояла свою репутацию после кибератаки.

A vulnerability was found in X.org X Server up to 21.1.13 and classified as critical. This issue affects the function _XkbSetCompatMap of the component Bitmap Handler. The manipulation of the argument sym_interpret leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2024-9632. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in W3speedster Plugin up to 7.26 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation leads to improper neutralization of directives in dynamically evaluated code ('eval injection'). This vulnerability is traded as CVE-2024-8512. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Black Widgets for Elementor Plugin up to 1.3.7 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component SVG File Upload Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-9388. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in David Donisa WP Donimedia Carousel Plugin up to 1.0.1 on WordPress. This issue affects some unknown processing. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2024-50511. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Posti Shipping Plugin up to 3.10.2 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to information exposure through error message. This vulnerability is known as CVE-2024-50512. The attack can be launched remotely. There is no exploit available.

嘶吼

Cybersecurity is a leading concern for risk managers as AI-related cyber risks surge, and despite growing investments, many businesses still lack comprehensive cyber insurance, according to a Nationwide survey.

The post AI Cyberattacks Rise but Businesses Still Lack Insurance appeared first on Security Boulevard.

Интеграция платформ помогает отслеживать перемещения в сети и предотвращать атаки.

A vulnerability has been found in Patterson Dental Eaglesoft 17 and classified as very critical. This vulnerability affects unknown code of the component SQL Database. The manipulation leads to hard-coded credentials. This vulnerability was named CVE-2016-2343. The attack can be initiated remotely. There is no exploit available. It is recommended to change the configuration settings.

A vulnerability was found in Enable Shortcodes Inside Widget, Comments and Experts Plugin up to 1.0.0 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the component Shortcode Handler. The manipulation leads to code injection. This vulnerability is handled as CVE-2024-9846. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability classified as problematic has been found in Subscribe to Comments Plugin up to 2.3 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-8792. It is possible to initiate the attack remotely. There is no exploit available.