Aggregator

CVE-2000-1046 | Lotus Domino 5.0.2a/5.0.2c ESMTP Service RCPT TO/SAML FROM/SOML FROM memory corruption (EDB-19944 / SBV-139)

1 year 3 months ago

A vulnerability classified as very critical was found in Lotus Domino 5.0.2a/5.0.2c. This vulnerability affects unknown code of the component ESMTP Service. The manipulation of the argument RCPT TO/SAML FROM/SOML FROM leads to memory corruption. This vulnerability was named CVE-2000-1046. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

Malware botnets exploit outdated D-Link routers in recent attacks

Bleeping Computer.

1 year 3 months ago

Two botnets tracked as 'Ficora' and 'Capsaicin' have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. [...]

Bill Toulas

Уволенный программист атаковал московскую компанию вирусом-шифровальщиком

Securitylab.ru

1 year 3 months ago

Вымогатель потребовал выкуп за зашифрованные данные компании.

miyako is Allegedly Selling Root-level Access to a Server Hosting the Firewall of a Large US Bank

Dark Web Informer - Cyber Threat Intelligence

1 year 3 months ago

miyako is Allegedly Selling Root-level Access to a Server Hosting the Firewall of a Large US Bank

Dark Web Informer - Cyber Threat Intelligence

CVE-2005-0023 | gnome libzvt2 1.4.2.19 Helper authentication spoofing (EDB-26321 / XFDB-22496)

Vuldb Updates

1 year 3 months ago

A vulnerability was found in gnome libzvt2 1.4.2.19. It has been classified as problematic. Affected is an unknown function of the component Helper. The manipulation leads to authentication bypass by spoofing. This vulnerability is traded as CVE-2005-0023. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

vuldb.com

CVE-2016-2107 | Apple Mac OS X up to 10.11.5 OpenSSL information disclosure (HT206903 / EDB-39768)

Vuldb Updates

1 year 3 months ago

A vulnerability was found in Apple Mac OS X up to 10.11.5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component OpenSSL. The manipulation leads to information disclosure. This vulnerability is known as CVE-2016-2107. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

Gitxray: an opensource osint and forensics tool for GitHub contributors and repositories

不安全

1 year 3 months ago

Question for people who have accessed the deep/dark web

不安全

1 year 3 months ago

专家分析韩国坠机未必与鸟击有关

情报分析师

1 year 3 months ago

美国和英国情报部门正准备对俄罗斯在叙利亚的基地发动恐怖袭击

情报分析师

1 year 3 months ago

2024 常用产品

吴鲁加

1 year 3 months ago

列举一些 2024 年我常用的小东西。

2024 常用产品

不安全

1 year 3 months ago

列举一些 2024 年我常用的小东西。手机有俩：- Samsung S24 Ultra。这是今年安卓机里我最喜欢的，用过其他几款比如 Pixel 9 Pro Fold、Nothing 2a 等，各有缺

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 26

Security Affairs

1 year 3 months ago

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript Analyzing Malicious Intent in Python Code: A Case Study DigiEver Fix That IoT Thing! Botnets Continue to Target Aging D-Link Vulnerabilities OtterCookie, […]

Pierluigi Paganini

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 26

不安全

1 year 3 months ago

SECURITY AFFAIRS MALWARE NEWSLETTE

大众 80 万电动汽车车主的行踪短暂暴露在互联网上

不安全

1 year 3 months ago

本周举行的混沌计算机俱乐部 38C3 会议披露了大众汽车收集的 80 万电动汽车车主行踪信息暴露在互联网上数个月之久。这些信息保存在亚马逊 AWS 服务中，但安全性很差，信息暴露了车主汽车

大众 80 万电动汽车车主的行踪短暂暴露在互联网上

Solidot

1 year 3 months ago

本周举行的混沌计算机俱乐部 38C3 会议披露了大众汽车收集的 80 万电动汽车车主行踪信息暴露在互联网上数个月之久。这些信息保存在亚马逊 AWS 服务中，但安全性很差，信息暴露了车主汽车精确的 GPS 位置、电池状态和习惯（用报告者的话是汽车是否曾在妓院前停留都一目了然）。受影响的车主包括了德国政客、企业家、汉堡警方，甚至可能还有情报部门的间谍。软件 bug 是在 2024 年夏天引入的，一位匿名告密者发现了问题，报告给了混沌计算机俱乐部，混沌计算机俱乐部立即报告给了德国政府以及大众旗下的软件开发商 Cariad。Cariad 迅速修复了问题，堵上了对其客户数据未经授权的访问漏洞。