Aggregator

Дмитровский полигон станет площадкой для тестов киберзащиты.

UNC2465, a financially motivated threat actor, leverages the SMOKEDHAM backdoor to gain initial access to target networks, which are often delivered via phishing emails, trojanized software, or supply chain attacks, enabling persistence and lateral movement.  Once in the network, UNC2465 utilizes tools like Advanced IP Scanner and BloodHound for reconnaissance, RDP for lateral movement, and […]

The post SMOKEDHAM Backdoor Mimic As Legitimate Tools Leveraging Google Drive & Dropbox appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

T-Mobile reported recent infiltration attempts but pointed out that threat actors had no access to its systems and no sensitive data was compromised. T-Mobile detected recent infiltration attempts but confirmed no unauthorized system access occurred, and no sensitive data was compromised. The carrier is investigating reports that are linking it to “Salt Typhoon” cyberattacks tied […]

Helldown Ransomware, a sophisticated cyber threat, actively targets critical industries worldwide by leveraging advanced cross-platform capabilities, including Windows and Linux, to encrypt files and exploit system vulnerabilities.  Its modular design and anti-detection techniques enable continuous evolution and persistent attacks, which makes it a significant threat to global cybersecurity, demanding immediate attention and robust mitigation strategies. […]

The post Helldown Ransomware Attacking Windows And Linux Servers Evading Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

APT-C-60 launched a phishing attack in August 2024, targeting domestic organizations with malicious emails disguised as job applications. These emails, sent to recruitment departments, contained malware designed to compromise systems and potentially steal sensitive data.  The attack leverages a targeted phishing email to distribute a malicious VHDX file hosted on Google Drive. Once mounted, the […]

The post APT-C-60 Attacking HR Department With Weaponized Resumes appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Неочевидный риск, который оказался критическим.

我是见识过惨剧后再次好心提醒诸位

腾讯宣布将于 2026 年终止任天堂旗舰游戏机 Nintendo Switch 的网络相关服务。腾讯和任天堂于 2019 年联合推出 Switch。但中国的主流游戏是手游，Switch一直难以渗透。腾讯将于 2026 年 3月 底停止软件的在线销售，同年 5 月 15 日不再提供软件下载。联网对战和社交分享等网络服务也将于同一天停止。期间用户可免费下载《马里奥》和《精灵宝可梦》等约 10 款相关游戏中的4款。免费下载服务从 11 月 27 日上午开始，预计截 至 2026 年 5 月 15 日。

抗生素抵抗日益成为全球的一大健康风险。发表在 PNAS 期刊上的一项研究调查了 2016-2023 年间 67 个国家的抗生素消费趋势，发现期间总消费量增加了 16.3%，从 295 亿 DDDs 增加到 343 亿 DDDs（DDD 代表 defined daily doses 或限定日剂量）。平均抗生素消费率增加了 10.6%，从每天每千名居民 13.7 个 DDDs 增加到 15.2 个 DDDs。中等收入国家（包括中低收入国家和中低收入国家）的消费率增长了 18.6%，而高收入国家的消费率下降了 4.9%。2019 冠状病毒大流行影响显著，2020 年消费量大幅下降，特别是在高收入国家（- 17.8%），然后中等收入国家出现反弹。抗生素消费增幅最大的国家是中等收入国家，特别是越南等中低收入国家，增幅超过一倍，以及泰国和中美洲等中低收入国家。

A vulnerability was found in WP WOX Footer Flyout Widget Plugin up to 1.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-53732. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in WP Mailster Plugin up to 1.8.16.0 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-53737. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Rohit Harsh Fence URL Plugin up to 2.0.0 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-53733. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Fintelligence Calculator Plugin up to 1.0.3 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-53731. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in WP-speedup Block Editor Bootstrap Blocks Plugin up to 6.6.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-11402. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Idealien Studios Idealien Category Enhancements Plugin up to 1.2 on WordPress. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-53734. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Pathomation Plugin up to 2.5.1 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2024-52490. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Jason Grim Custom Shortcode Sidebars Plugin up to 1.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Shortcode Handler. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2024-53736. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Automation Web Platform Wawp Plugin up to 3.0.17 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation leads to authentication bypass using alternate channel. This vulnerability is traded as CVE-2024-52475. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.