Aggregator

Этот взлом уже называют крупнейшей кибератакой на госструктуры в 2024 году.

A vulnerability classified as problematic has been found in 3S-Smart CODESYS Gateway Server up to 2.3.9.47. This affects an unknown part of the component HTTP Request Handler. The manipulation as part of GET Request/POST Request leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2015-6484. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cisco ASA up to 9.5.1. It has been rated as critical. This issue affects some unknown processing of the component DCERPC Inspection. The manipulation leads to improper access controls (Firewall). The identification of this vulnerability is CVE-2015-6423. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in NetFilter and classified as problematic. Affected by this issue is some unknown functionality of the component conntrackd. The manipulation leads to code. This vulnerability is handled as CVE-2015-6496. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in J2Store Extension up to 3.1.6 on Joomla. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument sortby/manufacturer_ids[] leads to sql injection. This vulnerability is traded as CVE-2015-6513. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in IPPUSBXD up to 1.21. This issue affects some unknown processing of the component USB Connection Handler. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2015-6520. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Apache ActiveMQ up to 5.10.0. This issue affects some unknown processing of the component LDAPLoginModule/Java Authentication/Authorization Service. The manipulation leads to credentials management. The identification of this vulnerability is CVE-2015-6524. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in YouTube Embed Plugin up to 3.3.2 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the file includes/options-profiles.php. The manipulation of the argument youtube_embed_name leads to cross site scripting. This vulnerability is known as CVE-2015-6535. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Cerb up to 7.0.3. This affects the function saveWorkerPeek of the file ajax.php. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2015-6545. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Symantec Endpoint Encryption up to 11.0. It has been classified as critical. Affected is an unknown function of the file EACommunicatorSrv.exe of the component Framework Service. The manipulation leads to information disclosure (Memory Dump). This vulnerability is traded as CVE-2015-6556. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in OpenSSH 6.8/6.9. It has been declared as problematic. This vulnerability affects unknown code of the component sshd. The manipulation leads to improper access controls. This vulnerability was named CVE-2015-6565. Attacking locally is a requirement. Furthermore, there is an exploit available.

在这个信息爆炸的时代，开源情报已成为一种潮流和趋势。越来越多的人开始关注开源，参与到开源情报的行列中来。

创作不易呀，评论两句和加个关注吧PS：由于军事公众号封号非常严重，特战之家已经被封了两个号了（特战之家、极限

一名讲越南语的攻击者针对欧洲和亚洲的政府和教育实体部署了一种名为 PXA Stealer 、基于 Python 的新型恶意软件。

一、境外厂商产品漏洞 1、Google Pixel越界读取漏洞

国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞420个，其中高危漏洞228个、中危漏洞167个、低危漏洞25个。

流行的 WordPress 备份插件 WP Time Capsule 存在一个严重漏洞，导致 20,000 多个网站容易被完全接管。 该漏洞（CVE-2024-8856）由安全研究员Rein Daelman发现，未经认证的攻击者可将任意文件上传到网站服务器。这意味着恶意行为者有可能注入后门、恶意软件，甚至完全控制网站。 该漏洞源于插件的 UploadHandler.php 文件缺乏文件类型验证，以及缺乏直接文件访问防护。这种危险的组合为攻击者提供了入侵易受攻击网站的直接途径。 该漏洞的 CVSS 得分为 9.8，被列为严重漏洞。这强调了网站所有者立即采取行动的紧迫性。 成功利用此漏洞可能导致 数据泄露： 攻击者可能窃取敏感的用户信息、财务数据或专有内容。 网站篡改： 恶意行为者可能会篡改网站内容，损害网站声誉和用户信任。 恶意软件传播： 网站可能被用来向毫无戒心的访问者分发恶意软件。 完全接管服务器： 攻击者可以完全控制托管网站的服务器。 WP Time Capsule 开发团队已在 1.22.22 版本中解决了这一漏洞。强烈建议所有用户立即更新到该版本。 以下是 WordPress 用户的一些基本最佳实践： 保持更新插件和主题： 定期将所有插件和主题更新到最新版本，以修补安全漏洞。 使用强大的密码： 为 WordPress 管理员账户和所有用户账户选择强大、唯一的密码。 实施双因素身份验证： 启用双因素身份验证，增加一层额外的安全性。 定期备份网站： 备份对于从安全事故或数据丢失中恢复至关重要。 选择信誉良好的插件： 只安装来源可靠、安全记录良好的插件。     转自安全客，原文链接：https://www.anquanke.com/post/id/301939 封面来源于网络，如有侵权请联系删除

A vulnerability classified as critical was found in Phpweather 2.2.2. Affected by this vulnerability is an unknown functionality of the file test.php of the component Weather. The manipulation of the argument language leads to path traversal. This vulnerability is known as CVE-2008-5771. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Thenetguys ASPired2Quote and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2008-5885. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in iyziforum iyzi Forum 1.0. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2008-5901. It is possible to launch the attack remotely. Furthermore, there is an exploit available.