JVN: a-blog cmsにおける複数の脆弱性
有限会社アップルップルが提供するa-blog cmsには、複数の脆弱性が存在します。
Aggregator
Ransomware spreads faster, not smarter
9 months ago
The fall of two of the most dominant ransomware syndicates, LockBit and AlphV, triggered a power vacuum across the cybercriminal landscape, acccording to a Black Kite survey. In their place, dozens of new actors emerged, many of them lacking the infrastructure, discipline, or credibility of their predecessors. The result was a surge in attack volume, a decline in coordination, and growing unpredictability in how, where, and why attacks occur. Ransomware landscape shift The number of … More →
The post Ransomware spreads faster, not smarter appeared first on Help Net Security.
Help Net Security
JVN: アイ・オー・データ製ネットワーク接続ハードディスク「HDL-Tシリーズ」における複数の脆弱性
9 months ago
株式会社アイ・オー・データ機器が提供するネットワーク接続ハードディスク「HDL-Tシリーズ」には、複数の脆弱性が存在します。
Cloudflare2024年缓解DDoS攻击数量创纪录
9 months ago
互联网服务巨头Cloudflare表示,其在2024年缓解了创纪录数量的DDoS攻击,同比大幅增长358%,环比增长198%。
这些数据来自Cloudflare的2025年第一季度DDoS报告,该公司表示,它在2024年共缓解了2130万次DDoS攻击。
然而,对于在线实体和公司来说,2025年似乎是一个更大的问题,Cloudflare仅在2025年第一季度就应对了2050万次DDoS攻击。
这些攻击包括Cloudflare本身,其基础设施在18天的多向量攻击中直接成为660万次攻击的目标。
针对Cloudflare网络的攻击
Cloudflare解释说:“在2050万次DDoS攻击中,1680万次是网络层DDoS攻击,其中660万次是直接针对Cloudflare的网络基础设施。”这些攻击是为期18天的多向量DDoS攻击的一部分,包括SYN洪水攻击,mirai生成的DDoS攻击,SSDP放大攻击等等。
这一增长的最大推动力是网络层攻击,近几个月来增长最为迅猛,同比增长509%。
DDoS攻击总次数
与此同时,超容量攻击的趋势有增无减,Cloudflare记录了超过700次攻击,这些攻击的带宽超过1tbps(太比特每秒)或数据包速率超过每秒10亿个数据包。在今年第一季度,属于这些类别的超容量攻击平均每天发生8次,总数比上一季度翻了一番。
Cloudflare表示,他们在2025年第一季度确定了两种新兴威胁,即无连接轻量级目录访问协议(CLDAP)和封装安全有效载荷(ESP)反射/放大攻击。
CLDAP攻击环比增长了3488%,表现为使用UDP而不是TCP的LDAP变体,后者更快,但可靠性较差。CLDAP中的UDP不需要握手,允许IP欺骗,攻击者通过伪造源IP地址来将大量流量反映到他们的目标。
ESP攻击的季度增长率为2301%,可能是由于配置错误或暴露系统存在漏洞。
观察到的2025年第一季度攻击趋势
游戏服务器遭攻击
Cloudflare报告中强调的一次攻击发生在2025年第一季度,涉及一家美国托管提供商,该提供商为《反恐精英GO》、《军团要塞2》和《半条命2:死亡竞赛》的多人游戏服务器提供服务。
这次攻击分多波进行,目标是27015端口,该端口以在游戏中使用而闻名,并规定它对UDP和TCP都是开放的,所以目标显然是破坏游戏服务。
这次攻击是“超大容量”的,达到每秒15亿个数据包,不过Cloudflare说攻击仍在缓解。
游戏服务器是DDoS攻击的热门目标,因为这种中断可能对发行商和整个玩家社区造成极大的破坏和影响。
即将破纪录的DDoS披露
该公司首席执行官Matthew Prince上周晚些时候宣布,他们已经缓解了创纪录的分布式拒绝服务(DDoS)攻击,峰值为5.8 Tbps,持续了大约45秒。
此前的记录也是由Cloudflare报告的,是由1.3万台设备组成的基于mirai的僵尸网络发起的5.6 Tbps的DDoS攻击。
胡金鱼
JVN: 富士電機製V-SFTにおける複数の脆弱性
9 months ago
富士電機株式会社が提供するV-SFTには、複数の脆弱性が存在します。
Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks
9 months ago
Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution.
The vulnerabilities in question are listed below -
CVE-2025-4427 (CVSS score: 5.3) - An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials
The Hacker News
美军在菲律宾建设最大战备仓库及全球战备预置体系分析
9 months ago
菲律宾苏比克湾这片曾经见证了无数历史风云的土地,如今再度成为全球军事战略的焦点。美军在这里建设冷战结束以来最
朝鲜驻外经贸参赞处:隐秘战线上的“创汇大师”
9 months ago
在这个全球制裁密布的时代,有一个国家却似乎总能找到缝隙,用其独特的方式在全球经济版图上“开疆拓土”。这个国家
CVE-2025-29838 | Microsoft Windows 11 24H2/Server 2025 ExecutionContext Driver null pointer dereference (EUVD-2025-14427)
9 months ago
A vulnerability classified as critical was found in Microsoft Windows 11 24H2/Server 2025. Affected by this vulnerability is an unknown functionality of the component ExecutionContext Driver. The manipulation leads to null pointer dereference.
This vulnerability is known as CVE-2025-29838. The attack needs to be approached locally. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2025-29841 | Microsoft Windows up to Server 2025 Universal Print Management Service use after free (EUVD-2025-14424)
9 months ago
A vulnerability has been found in Microsoft Windows up to Server 2025 and classified as critical. This vulnerability affects unknown code of the component Universal Print Management Service. The manipulation leads to use after free.
This vulnerability was named CVE-2025-29841. Attacking locally is a requirement. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2025-29842 | Microsoft Windows up to Server 2025 UrlMon acceptance of extraneous untrusted data with trusted data (EUVD-2025-14423)
9 months ago
A vulnerability was found in Microsoft Windows and classified as problematic. This issue affects some unknown processing of the component UrlMon. The manipulation leads to acceptance of extraneous untrusted data with trusted data.
The identification of this vulnerability is CVE-2025-29842. The attack may be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2025-29954 | Microsoft Windows up to Server 2022 23H2 Lightweight Directory Access Protocol resource consumption (EUVD-2025-14422)
9 months ago
A vulnerability was found in Microsoft Windows. It has been classified as problematic. Affected is an unknown function of the component Lightweight Directory Access Protocol. The manipulation leads to resource consumption.
This vulnerability is traded as CVE-2025-29954. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2025-29955 | Microsoft Windows 11 24H2/Server 2022 23H2/Server 2025 Hyper-V denial of service (EUVD-2025-14421)
9 months ago
A vulnerability was found in Microsoft Windows 11 24H2/Server 2022 23H2/Server 2025. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Hyper-V. The manipulation leads to denial of service.
This vulnerability is known as CVE-2025-29955. An attack has to be approached locally. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2025-29956 | Microsoft Windows up to Server 2025 SMB buffer over-read (EUVD-2025-14420)
9 months ago
A vulnerability was found in Microsoft Windows. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SMB. The manipulation leads to buffer over-read.
This vulnerability is handled as CVE-2025-29956. The attack may be launched remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
Hacktivists Make Little Impact During India-Pakistan Conflict
9 months ago
While hacktivists claimed more than 100 successful attacks against Indian government, education, and military targets, the attacks were overblown in most cases and often did not even happen.
Robert Lemos, Contributing Writer
美国 CVE 计划深陷混乱,欧盟火速上线新型漏洞数据库
9 months ago
HackerNews 编译,转载请注明出处: 欧盟网络安全局(ENISA)5月13日宣布正式启动新型漏洞数据库计划。该计划被命名为“欧洲漏洞数据库(EUVD)”,此前已进行测试运行,现根据NIS2指令要求正式上线。其功能定位与美国国家漏洞数据库(NVD)类似,旨在为网络防御者提供集中化漏洞信息源。 EUVD将整合来自计算机安全事件响应团队(CSIRT)、供应商及现有数据库(如CISA已知被利用漏洞目录、MITRE CVE计划)的漏洞数据,自动同步至平台。数据库提供三大仪表板: 关键漏洞看板:展示高危漏洞信息 被利用漏洞看板:聚焦已遭攻击的漏洞 欧盟协调漏洞看板:由欧洲CSIRT团队提供支持 每条漏洞记录包含“EUVD”专属标识符,并关联CVE编号、云安全联盟全球安全数据库(GSD)及GitHub安全公告(GHSA)等外部标识。具体数据条目涵盖: 漏洞描述 受影响IT产品/服务及版本 漏洞严重程度与利用方式 CSIRT等机构提供的补丁与缓解指南 ENISA执行主任尤汉·莱帕萨尔表示:“该数据库确保受影响ICT产品用户的信息透明度,将成为查找缓解措施的高效信息来源。”主要用户群体包括公众、网络/信息系统供应商及其客户、私营企业、研究人员及CSIRT等国家机构。 当前网络安全界正关注CVE计划的长期前景——美国CISA近期紧急延长MITRE合同11个月以维持运行。EUVD的推出被视为欧盟构建自主漏洞管理能力的关键举措。 消息来源: infosecurity-magazine; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews
【CVE-2025-4532】向日葵远程控制程序权限提升漏洞现与分析
9 months ago
CVE-2025-4532 向日葵远程控制程序权限提升漏洞复现与分析
Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network
9 months ago
Microsoft’s May 2025 Patch Tuesday has addressed several critical vulnerabilities in Windows Remote Desktop services that could allow attackers to execute malicious code remotely. Security experts are urging users to apply these patches immediately to safeguard their systems against potential exploits. Among the 72 flaws fixed in this month’s security update, two critical Remote Desktop […]
The post Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network appeared first on Cyber Security News.
Guru Baran
DudeSuite 一键解锁攻防演练小程序渗透新姿势 | 红队小白不再被劝退
9 months ago
小程序,抓包,渗透测试
MCP安全-《MCP暗战三部曲》1:什么是MCP?
9 months ago
MCP科技城市全景图