Aggregator

A vulnerability has been found in Apple watchOS and classified as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2023-40396. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Apple macOS up to 14.5. This vulnerability affects unknown code of the component Lockdown Mode. The manipulation leads to denial of service. This vulnerability was named CVE-2024-27862. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iOS and iPadOS and classified as critical. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-27826. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS. It has been classified as critical. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-27826. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple watchOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2024-27826. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple visionOS. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2024-27826. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Apple tvOS. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2024-27826. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

Your Playbook to a better Incident Response Plan

最新发现绕过浏览器隔离技术的攻击方法

A vulnerability classified as critical was found in Adobe Digital Editions 4.0. Affected by this vulnerability is an unknown functionality of the file adelogs.adobe.com of the component Encryption. The manipulation leads to information disclosure. This vulnerability is known as CVE-2014-8068. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Cisco AnyConnect Secure Mobility Client 3.1(.02043). This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2014-8021. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Cisco ASA up to 9.2(.3) and classified as problematic. This vulnerability affects unknown code of the component Tunnel Group Handler. The manipulation leads to improper access controls. This vulnerability was named CVE-2014-8023. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in Foxit PDF SDK ActiveX up to 4.0 and classified as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2014-8074. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Webmin and Usermin up to 1.590. Affected is an unknown function of the component PopUp Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2014-3884. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Thermostat up to 1.0.3. Affected is an unknown function. The manipulation leads to Local Privilege Escalation. This vulnerability is traded as CVE-2014-8120. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

据Cyber Security News消息，网络安全研究团队 Zafran 最近在 Web 应用程序防火墙 （WAF） 服务配置中发现了一个被称为“BreakingWAF”的安全漏洞，该漏洞容易让许多财富 100强、1000强的公司受到网络攻击。 该漏洞影响到一些最主流的 WAF 提供商，包括 Akamai、Cloudflare、Fastly 和 Imperva，并极有可能导致拒绝服务（DoS）攻击、勒索软件攻击，甚至是全面的应用程序入侵。 研究人员发现，漏洞导致的错误配置影响了涉及财富1000强公司相关的14多万个域。其中，3.6万个后端服务器有 8000 个域名与之相连，这些对潜在的攻击者开放，容易受到 DDoS 攻击。 根据分析，有近 40% 的 “财富 100 强 “企业和 20%  “财富 1000 强 “企业都受到了影响，这凸显了错误配置的普遍性。 一些全球知名企业，包括摩根大通、Visa、英特尔、伯克希尔·哈撒韦和联合健康等，都被发现受到了影响。比如，例如，研究团队的发现迅速披露了直接影响摩根大通主网站 chase.com 的问题；对伯克希尔·哈撒韦子公司 BHHC 拥有的一个网域进行的 20 秒钟拒绝服务攻击试验，展示了该漏洞的严重性。 根据 Zafran 的技术分析，缺陷在于现今 WAF 提供商的双重功能，它们也作为内容交付网络 (CDN) 运行，以增强网络可靠性和缓存。当后端服务器不能正确检查流量时，这种架构设计就会出现漏洞，让攻击者绕过 WAF 保护，直接攻击后端基础设施。比如，攻击者可以通过将外部域映射到后端 IP 地址来利用这一漏洞。 这一发现凸显了 WAF/CDN 解决方案在设计和实施过程中存在的系统性缺陷。 有效的 WAF 通常是面向公众的网络应用程序的主要或唯一防御层，因此这种错误配置尤其令人担忧。 最近的趋势表明，攻击者越来越多地瞄准配置不佳的网络应用程序。  此外，针对暴露在外的网络应用程序的云勒索软件攻击也越来越常见。 此类攻击造成的经济损失通常十分惊人，例如，一次持续一小时的 DDoS 攻击会给金融组织造成大约 180 万美元的损失，而类似的宕机时间给大型披萨连锁店造成的损失可能高达 190 万美元。 缓解措施 为了防范与这种 WAF 错误配置相关的风险，Zafran 概述了几种缓解策略： IP 白名单（源 IP 访问控制列表）： 只允许 CDN 提供商的 IP 地址访问后端服务器。 这种方法虽然简单，但并非万无一失； 自定义标头中的预共享密钥： 使用带有预共享密钥的自定义 HTTP 标头来验证流量。 虽然短期内有效，但这需要定期轮换密钥； 双向TLS（mTLS）：采用客户端认证来验证服务器和 CDN。 这是最安全的方法，但需要专门的工具，可能并非所有常用的负载均衡器都支持这些工具。 Zafran 从 2024 年 8 月 23 日开始启动了为期 90 天的协调披露流程，以通知受影响的公司。该团队向 Visa、英特尔、摩根大通、伯克希尔·哈撒韦公司的 BHHC 和联合健康报告了该漏洞。值得注意的是，摩根大通和联合健康已经解决了这个问题，防止了潜在的漏洞利用。     转自Freebuf，原文链接：https://www.freebuf.com/news/417317.html 封面来源于网络，如有侵权请联系删除

New AI Speaks Two Languages at Once and Just Might Crack AGI

韩国网络巨头 Naver 为其公有云服务推出了自己的发行版 Navix，将提供十年支持，其中前五年提供完整更新，后五年只提供安全和关键更新。Naver 的产品和服务范围类似 Google 和腾讯，包括搜索和门户，电子邮件、支付服务、电子商务、博客和公有云。它的搜索引擎市场份额在韩国高于 Google。Navix 针对的是企业级市场，兼容于 Redhat 的企业发行版 RHEL，基于 Linux 5.14 内核。