Aggregator

400K Clal Insurance Customer Records & Sensitive Files Allegedly Leaked on Dark Web

A newly discovered cryptojacking malware dubbed “MassJacker” is targeting users who download pirated software, replacing cryptocurrency wallet addresses to redirect funds to attackers. The malware acts as a clipboard hijacker, monitoring when users copy crypto wallet addresses and silently replacing them with addresses controlled by the threat actors. The infection chain begins at sites like […]

The post MassJacker Clipper Malware Attacking Users Installing Pirated Software appeared first on Cyber Security News.

Threat actors exploit Cascading Style Sheets (CSS) to bypass spam filters and detection engines, and track users’ actions and preferences.  Cisco Talos observed threat actors abusing Cascading Style Sheets (CSS) to evade detection and track user behavior, raising security and privacy concerns, including potential fingerprinting. Cascading Style Sheets (CSS) is a stylesheet language used to […]

A vulnerability has been found in Linux Kernel up to 5.4.123/5.10.41/5.12.8 and classified as problematic. This vulnerability affects the function __nfs_pageio_add_request of the component NFS. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2021-47167. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.41/5.12.8. It has been classified as problematic. Affected is the function irq_fpu_usable of the file arch/x86/kernel/fpu/core.c of the component netfilter. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2021-47174. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.41/5.12.8. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component sched. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2021-47175. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.236/5.10.174/5.12.8. It has been rated as critical. Affected by this issue is the function dasd_generic_verify_path of the component s390. The manipulation leads to denial of service. This vulnerability is handled as CVE-2021-47176. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 4.19.192/5.4.123/5.10.41/5.12.8. This vulnerability affects the function __GFP_NOWARN of the component usbfs. The manipulation leads to allocation of resources. This vulnerability was named CVE-2021-47170. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Tenda F1203 2.0.1.6. This vulnerability affects the function fromWizardHandle. The manipulation of the argument PPW leads to stack-based buffer overflow. This vulnerability was named CVE-2024-32310. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. This affects the function formexeCommand. The manipulation of the argument cmdinput leads to command injection. This vulnerability is uniquely identified as CVE-2024-32281. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.14/6.7.2. Affected by this issue is some unknown functionality of the component arm64. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2024-26670. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.7.3. It has been classified as critical. This affects the function blk_mq_mark_tag_wait of the component blk-mq. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-26671. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.148/6.1.75/6.6.14/6.7.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component nft_limit. The manipulation leads to integer overflow. This vulnerability is known as CVE-2024-26668. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.14/6.7.2. Affected by this vulnerability is the function tcf_block_offload_unbind. The manipulation leads to memory leak. This vulnerability is known as CVE-2024-26669. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

tj-actions 维护者账号遭到入侵，攻击者推送了恶意更新。这是最新一起扰乱互联网的供应链攻击，tj-actions 被 2.3 万家组织使用的，其中包括很多大企业。上周五左右，tj-actions/changed-files 所有版本的源代码都收到了未经授权的更新，改变了开发者指向特定代码版本的“标签”。标签指向了一个公开的文件，文件会复制服务器的内部内存，搜索凭证，将其写入日志。tj-actions 维护者周六表示，攻击者窃取了 @tj-actions-bot 的凭证，获得了源码库的访问权限。维护者表示，他们不知道攻击者是如何窃取到 @tj-actions-bot 的凭证，该账号的密码已经修改，并使用了 passkey 保护。Github 表示没有证据表明该公司或其平台遭到入侵。安全公司 Wiz 的监测显示，至少数十名 tj-actions 用户受到了这次供应链的真正伤害。

Cyver Core (Cyver BV) reports business results for cybersecurity teams leveraging automation with GenAI.  “Cyver Core delivered a Generative AI product to our users in 2024 and since then, we’ve seen significant results on time-savings, especially across enterprise teams. Reporting obligations are greatly reduced, freeing up skilled labor for value-added tasks and reducing the need […]

The post Cyver Core Reports 50% Reduction in Pentest Reporting Time with Generative AI appeared first on Cyber Security News.

A vulnerability has been found in SiYuan 3.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PDF.js of the component PDF Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-6938. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Xinhu RockOA 2.6.3 and classified as problematic. Affected by this issue is the function okla of the file /webmain/public/upload/tpl_upload.html. The manipulation of the argument callback leads to cross site scripting. This vulnerability is handled as CVE-2024-6939. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in marcelotorres Simple Responsive Slider Plugin up to 0.2.2.5 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-37954. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in formtools.org Form Tools 3.1.1. This affects an unknown part of the file /admin/forms/add/step2.php?submission_type=direct. The manipulation of the argument Form URL leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-6934. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.