Aggregator

A vulnerability classified as problematic was found in Apache CloudStack up to 4.18.2.3/4.19.1.1. This vulnerability affects unknown code of the component Web Interface Logout. The manipulation leads to session expiration. This vulnerability was named CVE-2024-45462. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Apache CloudStack up to 4.18.2.3/4.19.1.1. This issue affects some unknown processing of the component Web Interface. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-45693. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apache CloudStack up to 4.18.2.3/4.19.1.1. Affected is an unknown function of the component Quota Plugin. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-45461. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Accordion Slider Plugin up to 1.9.11 on WordPress. Affected by this issue is some unknown functionality of the component HTML Attribute Handler. The manipulation leads to HTML injection. This vulnerability is handled as CVE-2024-9582. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Apache Solr up to 8.11.3/9.6.x. Affected is an unknown function of the component URL Path Ending. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2024-45216. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apache Solr up to 8.11.3/9.6.x and classified as problematic. Affected by this vulnerability is an unknown functionality of the component ConfigSets Handler. The manipulation leads to insecure default initialization of resource. This vulnerability is known as CVE-2024-45217. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in File Manager Pro Plugin up to 8.3.9 on WordPress and classified as critical. Affected by this issue is some unknown functionality of the component JavaScript File Handler. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2024-8918. The attack may be launched remotely. There is no exploit available.

据The Hacker News消息，与朝鲜相关的恶意软件 FASTCash正利用针对Linux的新变体实施攻击，目的是窃取资金。 研究人员表示，这种恶意软件安装在被入侵网络中处理银行卡交易的支付交换机上，以实施未授权的自动取款机提现交易。 美国相关机构于2018 年 10 月首次记录了 FASTCash，称至少自 2016 年底以来，有朝鲜背景的黑客组织Hidden Cobra就利用该恶意软件将非洲和亚洲地区的银行ATM作为攻击目标。在2017年的一起攻击事件中，该组织成功对位于 30 多个不同国家/地区的 ATM 机成功实施了攻击；2018年，同样的攻击又在 23 个不同国家的 ATM 机中上演。 虽然之前的 FASTCash仅适用于微软Windows系统和和 IBM AIX，但最新调查结果显示，新版本的恶意软件已经能够适用于Linux 系统，相关样本于 2023 年 6 月中旬首次提交到了 VirusTotal 平台。 该恶意软件为Ubuntu Linux 20.04 编译的共享对象（“libMyFc.so”）形式，攻击手法为篡改预定义的持卡人账号因资金不足而被拒绝的交易信息，并允许他们提取随机金额的土耳其里拉，每笔金额从 12000 到 30000 里拉（350 美元到 875 美元）不等 。 攻击示意图 Linux 变体的发现进一步强调了对足够强大的检测能力的需求，而 Linux 服务器环境中通常缺乏这些功能，建议对借记卡实施芯片和 PIN 要求、要求并验证发卡机构金融请求响应信息中的信息验证码，并对芯片和 PIN 交易执行授权响应加密验证。 参考来源：New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists     转自FreeBuf，原文链接：https://www.freebuf.com/news/412963.html 封面来源于网络，如有侵权请联系删除

Akamai has unveiled the availability of its Behavioral DDoS Engine for the App & API Protector solution. This new capability leverages machine learning for automatic, proactive protection against application-layer DDoS attacks. Behavioral DDoS Engine offers advanced detection and mitigation by analyzing anomalies and correlating multidimensional traffic data, ensuring robust defense against sophisticated and evolving DDoS threats. The engine provides customized, hands-off protection tailored to specific traffic baselines and risk sensitivities, minimizing manual intervention. Powered by … More →

The post Akamai releases Behavioral DDoS Engine for App & API Protection appeared first on Help Net Security.

A vulnerability, which was classified as problematic, has been found in Oracle GraalVM and Java SE. This issue affects some unknown processing of the component Networking. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-21208. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Oracle Java SE and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Hotspot. The manipulation leads to an unknown weakness. This vulnerability is known as CVE-2024-21210. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.33/6.9.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to injection. This vulnerability was named CVE-2024-39483. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.36/6.9.7. It has been rated as critical. Affected by this issue is the function gfs2_jindex_free. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-42079. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

美国马里兰州信息技术部15日公布了其首个漏洞赏金计划的成果。参与该计划的黑客在州政府网站上共发现了40多个漏洞。 该漏洞赏金计划于7月30日正式启动，最初仅限于评估该州少数几个数字“资产”。随后，计划的范围扩大，涵盖了托管在Maryland.gov、md.gov以及state.md.us平台上的12个数字资产。在该计划运行期间（截至8月28日），通过州政府和网络安全公司HackerOne的共同审查，黑客们发现了40多个漏洞。这些漏洞在被威胁行为者利用之前，州政府已迅速完成修复。 州政府根据发现的漏洞严重程度向参与者支付了奖金，但未公开具体的支付金额。 官员们表示，此次计划帮助信息技术部与私营部门的网络安全领导者建立了重要合作关系，这将为未来的漏洞赏金计划及其他网络安全漏洞项目打下坚实基础。 许多联邦机构也已推出类似的漏洞赏金计划。根据州政府的新闻稿，马里兰州的漏洞赏金计划参考了美国国防部数字服务部门实施的一个项目，该项目专注于发现国防系统中的漏洞。在去年担任马里兰州首席信息官之前，Katie Savage曾负责领导国防数字服务部，该部门成功运行了“黑掉五角大楼”（Hack the Pentagon）等漏洞赏金计划。 Savage在新闻稿中表示：“漏洞赏金计划彻底改变了联邦政府识别和修复网络安全漏洞的方式。通过实施美国有史以来最广泛的州级漏洞赏金计划，马里兰州能够更快速地发现漏洞，建立与安全研究人员社区的强大长期联系，并确保我们的州更加安全。” 该计划得到了由州首席信息安全官Gregory Rogers领导的州安全管理办公室的全力支持。Rogers表示，该漏洞赏金计划是州级网络安全战略和信息安全计划的重要组成部分。 Rogers在新闻稿中提到：“州安全管理办公室正在通过采用最新的战略、创新和政策框架，来实现全州范围内的网络安全防御，并抵御威胁行为者的攻击。通过加强我们与美国国内蓬勃发展的安全研究人员社区的联系，我们正在建设一个不仅能自我保护，还能保护其公民的安全州，不论现在还是未来。” 参考资料：https://statescoop.com/maryland-state-bug-bounty-program-2024/     转自安全内参，原文链接：https://www.secrss.com/articles/71270 封面来源于网络，如有侵权请联系删除

“Wie zich het snelst aanpast en de kracht van innovatie het best benut, wint het gevecht. Het is de sleutel tot succes in een steeds gevaarlijkere wereld.” Met deze woorden richtte staatssecretaris Gijs Tuinman zich gisteren tot het meer dan 1.200-koppige publiek bij Innovation in Defence, het kennis- en innovatie-event van Defensie. Dat speelde zich af in de Werkspoorkathedraal in Utrecht.

Lookout announced new features for its Mobile Threat Defense (MTD) solution, Lookout Mobile Endpoint Security. These advancements provide comprehensive protection against two fast-growing advanced social engineering tactics: smishing (SMS phishing) and executive impersonation fraud texts. Lookout offers a defense-in-depth approach to cybersecurity that is designed to protect against the modern tactics used to breach an organization’s cloud infrastructure. Mobile devices are now the cornerstones of enterprise productivity, collaboration, communication and cloud identity verification. But as … More →

The post Lookout offers protection against social engineering and executive impersonation attacks appeared first on Help Net Security.

Cybersecurity threats have become increasingly prevalent and sophisticated in recent years, posing significant risks to businesses of all sizes. In 2023, there were 3,122 data breaches affecting approximately 349 million victims, highlighting the urgent need for robust network security solutions in our fast-paced, distributed work environments. NordLayer offers a sophisticated, scalable solution designed for businesses that require high-level protection without sacrificing flexibility. Developed using NordVPN’s world-class standards, NordLayer builds on a foundation of expertise to … More →

The post Product showcase: Secure and scale your network with NordLayer’s advanced security solutions appeared first on Help Net Security.

AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications Cybercriminals and AI: The Reality vs. Hype “AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who don't know how to use AI,” says Etay Maor, Chief Security