Aggregator

Under-fire DNA testing firm 23andMe will pay $30m to settle class action lawsuit

A vulnerability classified as critical has been found in Apple tvOS up to 10.1. This affects an unknown part of the component WebKit. The manipulation leads to cross site scripting (Universal). This vulnerability is uniquely identified as CVE-2017-2475. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

#DC域 #AS-REP #TGT票证窃取 #AutoLogon凭据 #DCSync攻击

A vulnerability, which was classified as problematic, has been found in JSP and MySQL Administrador Web 1. This issue affects some unknown processing of the file sys/sys/listaBD2.jsp. The manipulation of the argument bd leads to cross site scripting. The identification of this vulnerability is CVE-2015-6945. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Franklinfueling Ts-550 Evo up to 2.0.0.6832. This affects an unknown part. The manipulation leads to credentials management. This vulnerability is uniquely identified as CVE-2013-7248. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Flappy Bird 手游原作者、越南开发者 Dong Nguyen 通过其社交媒体账号发表了简短声明，称他与最近准备重新上线的 Flappy Bird 的一个扩展版本无关，他没有卖掉游戏，也不支持加密货币。Flappy Bird 的一个扩展版本由名叫 Flappy Bird Foundation 的组织开发，根据该组织的描述，新游戏可能涉及到 Web 3.0、加密货币和 NFT。Flappy Bird Foundation 从 Gametech Holdings LLC 收购了 Flappy Bird 商标。Dong Nguyen 是在 2014 年申请了 Flappy Bird 商标，但因为种种原因在申请商标十年之后它被归类为已放弃，被美国特拉华州公司 Gametech 收购获得，现在则转移到了 Flappy Bird Foundation。

BEUC раскритиковал Fortnite и Minecraft за недобросовестные практики.

P. S. Квартира и дача останутся при вас.

德国主权科技基金（Sovereign Tech Fund）同意向 Samba 项目拨款 688,800 欧元，用于改进安全性、稳定性和功能性。这笔拨款将持续三年，由雇佣了多名 Samba 核心开发者并提供相关支持的 SerNet 公司管理。这笔拨款将集中在透明故障转移、SMB3 UNIX 扩展、现代安全协议如 SMB over QUIC 等领域上。此举旨在确保 Samba 仍然是一种稳固而安全的独立于私有软件的解决方案，同时提供了最优的互操作性。

A vulnerability was found in NT-ware MiCard PLUS Ci and MiCard PLUS BLE and classified as problematic. Affected by this issue is some unknown functionality of the component Login Handler. The manipulation leads to improper validation of specified type of input. This vulnerability is handled as CVE-2024-1578. Attacking locally is a requirement. There is no exploit available.

A vulnerability was found in Build it Fast. It has been declared as critical. This vulnerability affects unknown code of the file widget.BifRoot2.php. The manipulation of the argument sys_dir leads to Remote Code Execution. This vulnerability was named CVE-2007-2762. The attack can be initiated remotely. Furthermore, there is an exploit available.

Тест на робота превратился в ночной кошмар для пользователей.

I think I just figured out what art is. Took me decades. Here’s my definition, which has two prima

Атака признана одной из самых разрушительных в истории немецкой политики.

A vulnerability has been found in Mattermost Mobile Apps up to 2.18.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Autocomplete Handler. The manipulation leads to protection mechanism failure. This vulnerability is known as CVE-2024-45833. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in D-Link DIR-X4860 A1 1.00/1.04. Affected is an unknown function of the component Telnet Service. The manipulation leads to backdoor. This vulnerability is traded as CVE-2024-45697. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in ZTE ZXV10 W300. It has been classified as problematic. This affects an unknown part of the component Firmware. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2014-4154. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Cluster Bravo, despite its brief initial activity, subsequently targeted 11 organizations in the same region, as researchers found that these attackers used compromised environments within the same vertical for malware staging.  Cluster Charlie, after being disrupted, returned with new techniques, including using the HUI loader to inject Cobalt Strike beacons into mstsc.exe.  They employed open-source […]

The post Crimson Palace Returns With New Hacking Tolls And Tactics appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Enthrallweb ePages and classified as critical. Affected by this vulnerability is an unknown functionality of the file actualpic.asp. The manipulation of the argument Biz_ID leads to sql injection. This vulnerability is known as CVE-2006-6802. The attack can be launched remotely. Furthermore, there is an exploit available.

今天给大家推送美国政府问责局2024年9月14日发布的81页报告：《国际基础设施项目：中国投资大幅超过美国，专家建议对美国的方法进行潜在改进》