Aggregator

A vulnerability, which was classified as problematic, was found in PHPGurukul COVID 19 Testing Management System 1.0. Affected is an unknown function of the file /covid-tms/patient-search-report.php of the component POST Request Parameter Handler. The manipulation of the argument searchdata leads to cross site scripting. This vulnerability is traded as CVE-2024-53635. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in PHPGurukul COVID 19 Testing Management System 1.0. This issue affects some unknown processing of the file /covid-tms/check_availability.php of the component POST Request Parameter Handler. The manipulation of the argument mobnumber leads to sql injection. The identification of this vulnerability is CVE-2024-53604. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in PHPGurukul COVID 19 Testing Management System 1.0. This vulnerability affects unknown code of the file /covid-tms/password-recovery.php of the component POST Request Parameter Handler. The manipulation of the argument contactno leads to sql injection. This vulnerability was named CVE-2024-53603. The attack can be initiated remotely. There is no exploit available.

An international law enforcement operation has dismantled a pirate streaming service that served over 22 million users worldwide and made €250 million ($263M) per month. [...]

DICOMHawk是一款功能强大且高效的 DICOM 服务器蜜罐，可以帮助广大研究人员检测和记录未经授权的访问尝试。

活动时间：2024.11.28 10:00-2024.12.08 19:00

活动时间：2024.11.28 10:00-2024.12.08 19:00

Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.

Black Friday 2024 is almost here, and great deals are already live in computer security, software, online courses, system admin services, antivirus, and VPN software. These promotions offer deep discounts from various companies and are only available for a limited time. [...]

Enterprise cybersecurity teams tell Omdia's Maxine Holt that they want to dig out from underneath mounting tech and pivot to a simpler platform model — but they are finding that tricky to pull off.

内核内存安全问题的新猎手，USENIX Security 2024研究工作IMMI

A vulnerability, which was classified as problematic, was found in İzmir Katip Çelebi University University Information Management System. This affects an unknown part. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2023-6190. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Exabeam has allied with Wiz to gain access to security data collected from a cloud-native application protection platform (CNAPP).

The post Exabeam Allies With Wiz to Integrate CNAPP With SIEM Platform appeared first on Security Boulevard.

Key Points Introduction Cybercriminals constantly try to evolve their tactics and techniques, aiming to increase infections. Their need to stay undetected pushes them to innovate and discover new methods of delivering and executing malicious code, which can result in credentials theft and even ransomware encryption. Check Point Research discovered a new undetected technique that uses […]

The post Gaming Engines: An Undetected Playground for Malware Loaders appeared first on Check Point Research.

ESET researchers make a discovery that signals a shift on the UEFI threat landscape and underscores the need for vigilance against future threats