Aggregator

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 2.6.11.9. Affected by this issue is the function raw_ioctl. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2005-1589. The attack can only be done within the local network. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Caucho Technology Resin 1.2.2. It has been rated as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation with the input \.. leads to path traversal. The identification of this vulnerability is CVE-2001-0304. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Мнения участников рынка расходятся по ключевым вопросам.

A vulnerability, which was classified as problematic, has been found in mod_ssl 2.8.9. This issue affects the function ssl_compat_directive of the component Hook Handler. The manipulation leads to off-by-one. The identification of this vulnerability is CVE-2002-0653. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Cybersecurity experts are sounding the alarm over a new strain of malware dubbed “I2PRAT,” which leverages encrypted peer-to-peer (P2P) communication via the Invisible Internet Project (I2P) network to avoid detection. The malware, first reported on November 19 by the researcher Gi7w0rm, demonstrates a highly sophisticated infection chain and innovative evasion techniques, raising concerns among the […]

The post New I2PRAT Malware Using encrypted peer-to-peer communication to Evade Detections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Recently, DFIR consult

Соцсети на виду у всех заменили темные переулки.

The suspects were apprehended in a surprise operation at their hideout in Lagos following intelligence received by Nigeria's Economic and Financial Crimes Commission

The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files. The activity, which has targeted governments and armed forces, think tanks, academic researchers, and Ukrainian entities, entails adopting a "rogue RDP" technique that was previously

Cyber Espionage / MalwareThe Russia-linked APT29 threat actor has been observed repurposing a legi

美国国土安全部 (DHS) 相信俄罗斯、伊朗和以色列是利用电信网络安全漏洞监视美国境内居民的主要国家，它们的行为包括跟踪居民的物理位置、拦截电话和短信。跟踪物理位置利用的是 SS7 协议。七号信令系统（SS7，Signaling System Number 7）是路由协议，允许手机用户在外国旅行时从一个运营商无缝连接到另一个运营商。它缺乏安全验证，容易被利用去实时定位用户。安全研究人员很早就报告了 SS7 的漏洞。

美国国土安全部 (DHS) 相信俄罗斯、伊朗和以色列是利用电信网络安全漏洞监视美国境内居民的主要国家，它们的行为包括跟踪居民的物理位置、拦截电话和短信。跟踪物理位置利用的是 SS7 协议。

Hulphond Nederland heeft gisteren een donatie van €44.200,- gekregen. Een bijdrage die bijeen werd gespaard door alle medewerkers van Defensie. Dat gebeurde door het inleveren van plastic drinkflesjes en blikjes.