Aggregator

Chrome Buffer Overflow Flaws Let Hackers Execute Arbitrary Code & Gain System Access

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 year 4 months ago

Google has rolled out an urgent security update for its Chrome browser, patching three vulnerabilities—including two critical heap buffer overflow flaws—that could enable attackers to execute arbitrary code and seize control of affected systems. The update (version 133.0.6943.126/.127 for Windows/Mac and 133.0.6943.126 for Linux) follows the discovery of exploits in Chrome’s V8 JavaScript engine, GPU […]

The post Chrome Buffer Overflow Flaws Let Hackers Execute Arbitrary Code & Gain System Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Cyber hygiene habits that many still ignore

Help Net Security
1 year 4 months ago

Cybersecurity advice is everywhere. We’re constantly reminded to update our passwords, enable two-factor authentication, and avoid clicking suspicious links. Yet, beneath these practical steps lie deeper cyber hygiene habits that, despite their importance, are frequently overlooked. These underlying mindsets and systemic behaviors shape the security landscape. 1. Treating digital security as a habit, not a checklist Most cybersecurity recommendations are framed as tasks: update software, change passwords, verify emails. But proper cyber hygiene isn’t about … More →

The post Cyber hygiene habits that many still ignore appeared first on Help Net Security.

Help Net Security

CVE-2024-43743 | Adobe Experience Manager up to 6.5.21 Form Field cross site scripting (apsb24-69 / Nessus ID 212264)

Vuldb Updates
1 year 4 months ago
A vulnerability was found in Adobe Experience Manager up to 6.5.21. It has been classified as problematic. Affected is an unknown function of the component Form Field Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-43743. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-43748 | Adobe Experience Manager up to 6.5.21 Form Field cross site scripting (apsb24-69 / Nessus ID 212264)

Vuldb Updates
1 year 4 months ago
A vulnerability classified as problematic has been found in Adobe Experience Manager up to 6.5.21. This affects an unknown part of the component Form Field Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-43748. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-43749 | Adobe Experience Manager up to 6.5.21 Form Field cross site scripting (apsb24-69 / Nessus ID 212264)

Vuldb Updates
1 year 4 months ago
A vulnerability classified as problematic was found in Adobe Experience Manager up to 6.5.21. This vulnerability affects unknown code of the component Form Field Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-43749. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-43750 | Adobe Experience Manager up to 6.5.21 Form Field cross site scripting (apsb24-69 / Nessus ID 212264)

Vuldb Updates
1 year 4 months ago
A vulnerability, which was classified as problematic, has been found in Adobe Experience Manager up to 6.5.21. This issue affects some unknown processing of the component Form Field Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-43750. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

The Hackers News
1 year 4 months ago
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The flaws are listed below - CVE-2025-0108 (CVSS score: 7.8) - An authentication bypass vulnerability in the Palo Alto Networks PAN-OS
The Hacker News

Steam下架带恶意软件的免费游戏——PirateFi 游戏安装窃取密码的恶意软件

嘶吼
1 year 4 months ago

最新发现,Steam商店中一款名为PirateFi的免费游戏一直在向用户传播Vidar信息窃取恶意软件。

在2月6日至2月12日期间,这款游戏在Steam目录中出现了近一周的时间,并被多达1500名用户下载。分发服务正在向可能受到影响的用户发送通知,建议他们重新安装Windows。

Steam上的恶意软件

上周,Seaworth Interactive在Steam上发布了《PirateFi》,并获得了积极评价。它被描述为一款以低多边形世界为背景的生存游戏,涉及基地建设、武器制作和食物收集。

PirateFi的Steam页面

本周,Steam发现这款游戏含有恶意软件,但并未指明具体类型。通知中写道:“这款游戏开发者的Steam账户上传了包含可疑恶意软件的构建。”

用户在Steam上玩PirateFi(3476470)时,这些构建是活跃的,所以这些恶意文件很可能在用户的计算机上启动。Steam建议用户使用最新的防病毒软件运行完整的系统扫描,检查他们不认识的新安装的软件,并考虑操作系统格式。

Steam对受影响用户的通知

受影响的用户还在游戏的Steam社区页面上发布了安全提醒,通知其他人不要启动该游戏,因为他们的杀毒软件将其识别为恶意软件。

SECUINFRA Falcon Team的Marius Genheimer获得了通过PirateFi传播的恶意软件样本,并将其识别为Vidar伪造软件的一个版本。

SECUINFRA建议:“如果你是下载这个“游戏”的玩家之一:考虑保存在浏览器、电子邮件客户端、加密货币钱包等中的凭据、会话cookie和秘密被泄露。”建议用户更改所有可能受影响帐户的密码,并在可能的情况下激活多因素身份验证保护。

基于动态分析和YARA签名匹配,该恶意软件被识别为Vidar,隐藏在一个名为Pirate.exe的文件中,作为有效载荷(Howard.exe),与InnoSetup安装程序打包在一起。

攻击者多次修改游戏文件,使用各种混淆技术,并更改命令和控制服务器以获取凭据。研究人员认为,PirateFi名称中提到的web3/ b区块链/加密货币是有意为之,目的是吸引特定的玩家群体。

Steam并没有公布有多少用户受到了PirateFi恶意软件的影响,但游戏页面上的统计数据显示,可能有多达1500人受到了影响。

恶意软件渗透Steam商店并不常见,但也不是没有先例。在2023年2月,Steam用户受到了恶意Dota 2游戏模式的攻击,该模式利用Chrome n-day漏洞在玩家的计算机上执行远程代码执行。

2023年12月,当时很受欢迎的独立策略游戏《Slay the Spire》的一个mod被黑客入侵,黑客将“Epsilon”信息传输器注入其中。

目前Steam已经引入了其他措施,如开启短信验证等,以保护玩家免受未经授权的恶意更新,但PirateFi的案例表明,目前这些措施还远远不够。

胡金鱼

Managed ad