Aggregator

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances. January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance Microsoft released a small set of updates that only applied … More →

The post Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast appeared first on Help Net Security.

A vulnerability classified as problematic was found in Red Storm Ghost Recon up to 1.4. This vulnerability affects unknown code. The manipulation leads to denial of service. This vulnerability was named CVE-2004-2371. The attack can be initiated remotely. Furthermore, there is an exploit available.

基本信息原文名称：Bleem: Packet Sequence Oriented Fuzzing for Protocol Implementations原文作者：Zhengxiong Luo; Ju

One of the cornerstone decisions in product development is establishing the ideal work cycle. Modern

A vulnerability, which was classified as problematic, was found in Sun Solaris 7.0/8.0/9.0/10.0. This affects an unknown part. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2004-0791. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

I've been putting off writing about zero-knowledge proofs for months, partly because explaining them

Home在线应用PrivTracker – 开源的私人 BT Tracker 服务器地址：超大文件分享的又一个选择

A vulnerability has been found in Linux Kernel 4.11.5 and classified as critical. This vulnerability affects unknown code of the component offset2lib Patch. The manipulation leads to improper access controls. This vulnerability was named CVE-2017-1000371. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Rwcinc Free Realty 3.1-0.6. It has been classified as critical. Affected is an unknown function of the file agentdisplay.php. The manipulation of the argument edit leads to sql injection. This vulnerability is traded as CVE-2012-4279. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Published: 2025-01-11. Last Updated: 2025-01-12 07:44:13 UTCby Didier Stevens (Version: 1)Wiresh

近日，一起大规模的数据泄露事件震动了网络安全界。名为“HikkI-Chan”的黑客在臭名昭著的Breach Forums上泄露了超过3.9亿VK用户的个人信息。