Aggregator

在这个信息爆炸的时代，开源情报已成为一种潮流和趋势。越来越多的人开始关注开源，参与到开源情报的行列中来。

创作不易呀，评论两句和加个关注吧PS：由于军事公众号封号非常严重，特战之家已经被封了两个号了（特战之家、极限

一名讲越南语的攻击者针对欧洲和亚洲的政府和教育实体部署了一种名为 PXA Stealer 、基于 Python 的新型恶意软件。

一、境外厂商产品漏洞 1、Google Pixel越界读取漏洞

国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞420个，其中高危漏洞228个、中危漏洞167个、低危漏洞25个。

流行的 WordPress 备份插件 WP Time Capsule 存在一个严重漏洞，导致 20,000 多个网站容易被完全接管。 该漏洞（CVE-2024-8856）由安全研究员Rein Daelman发现，未经认证的攻击者可将任意文件上传到网站服务器。这意味着恶意行为者有可能注入后门、恶意软件，甚至完全控制网站。 该漏洞源于插件的 UploadHandler.php 文件缺乏文件类型验证，以及缺乏直接文件访问防护。这种危险的组合为攻击者提供了入侵易受攻击网站的直接途径。 该漏洞的 CVSS 得分为 9.8，被列为严重漏洞。这强调了网站所有者立即采取行动的紧迫性。 成功利用此漏洞可能导致 数据泄露： 攻击者可能窃取敏感的用户信息、财务数据或专有内容。 网站篡改： 恶意行为者可能会篡改网站内容，损害网站声誉和用户信任。 恶意软件传播： 网站可能被用来向毫无戒心的访问者分发恶意软件。 完全接管服务器： 攻击者可以完全控制托管网站的服务器。 WP Time Capsule 开发团队已在 1.22.22 版本中解决了这一漏洞。强烈建议所有用户立即更新到该版本。 以下是 WordPress 用户的一些基本最佳实践： 保持更新插件和主题： 定期将所有插件和主题更新到最新版本，以修补安全漏洞。 使用强大的密码： 为 WordPress 管理员账户和所有用户账户选择强大、唯一的密码。 实施双因素身份验证： 启用双因素身份验证，增加一层额外的安全性。 定期备份网站： 备份对于从安全事故或数据丢失中恢复至关重要。 选择信誉良好的插件： 只安装来源可靠、安全记录良好的插件。     转自安全客，原文链接：https://www.anquanke.com/post/id/301939 封面来源于网络，如有侵权请联系删除

A vulnerability classified as critical was found in Phpweather 2.2.2. Affected by this vulnerability is an unknown functionality of the file test.php of the component Weather. The manipulation of the argument language leads to path traversal. This vulnerability is known as CVE-2008-5771. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Thenetguys ASPired2Quote and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2008-5885. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in iyziforum iyzi Forum 1.0. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2008-5901. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in ASP-DEv Internal E-Mail System. Affected is an unknown function of the file login.asp of the component Login. The manipulation of the argument password leads to sql injection. This vulnerability is traded as CVE-2008-5926. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in CodeAvalanche FreeForum. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2008-5932. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Mariovaldez Simple Text-File Login Script 1.0.6. This issue affects some unknown processing in the library slogin_lib.inc.php of the component Login. The manipulation of the argument slogin_path leads to code injection. The identification of this vulnerability is CVE-2008-5763. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in TAKempis Discussion Web 4.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2008-5886. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

日前，全球领先的IT市场研究和咨询公司IDC发布了《中国公有云网络安全即服务市场份额，2023：规模稳步增长， […]

以“实用”为数字孪生靶场建设的最低标准和最高要求

代理人工智能（AI）正在崛起，但其安全风险也在增加。为了解如何利用其变革性力量，同时减轻潜在威胁，并应对其使用所带来的复杂安全环境。

总奖金池1,500,000元，期待您的加入！

A vulnerability classified as problematic was found in Mariovaldez Simple Text-File Login Script 1.0.6. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2008-5762. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to add further authentication.

A vulnerability has been found in China-on-site FlexPHPNews 0.0.6 and classified as critical. Affected by this vulnerability is an unknown functionality of the component UserCheck. The manipulation of the argument checkpass leads to sql injection. This vulnerability is known as CVE-2008-5927. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in TmaxSoft JEUS 5. Affected is the function :$DATA. The manipulation of the argument :$DATA leads to improper input validation. This vulnerability is traded as CVE-2008-6528. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.