Aggregator

月球表面布满了陨石坑，从微小的坑到直径逾 1,000 公里的巨大盆地。绝大部分陨石坑形成于 40 亿年前的“晚期重轰炸期（late heavy bombardment）”，当时太阳系内的行星和卫星受到大量小行星和彗星的高频率撞击。地球的风化、侵蚀和构造活动会不断重塑地表，而月球缺乏大气层和地质活动，使得撞击特征能保存数十亿年。在陨石坑形成过程中，大量喷出的月球物质达到了月球逃逸速度并最终抵达地球。根据发表在预印本平台 arXiv 的一篇论文，研究人员报告，在月球遭遇大量撞击之后，在 10 万年内有大约 22.6% 的喷出物质抵达了月球，其中半数发生在撞击之后的 1 万年内。从月球背面喷出的物质与地球撞击的几率最高，从月球正面喷出的物质与地球撞击几率最低。

RansomHub refines extortion strategy amid RaaS market fractures, expanding affiliate recruitment

 Tom Sheehan (Hurricane Labs Director of Cybersecurity Consulting and Compliance) attended the inaugural Horizon3 Global Partner summit last week.  This event brought together the brightest minds and boldest innovators in cybersecurity for a day of education, collaboration, and vision. Held in Frisco Texas, the event spotlighted Horizon3.ai’s evolving impact on security, showcasing a community [...]

The post Driving the Future of Cybersecurity: Highlights from the Horizon3 Global Partner Summit appeared first on Hurricane Labs.

The post Driving the Future of Cybersecurity: Highlights from the Horizon3 Global Partner Summit appeared first on Security Boulevard.

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising strategies. Recent investigations have uncovered a disturbingly effective method involving fake software downloads, such as a counterfeit “WinSCP” installer, propagated through malicious ads on platforms like Bing. One documented case revealed a user searching for “WinSCP download” via Microsoft Edge being […]

The post Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Dan Gorecki and Scott Brammer's interactive session during RSAC Conference 2025 encouraged security professionals to rethink their security postures and address evolving and emerging risks.

Google Threat Intelligence Group (GTIG)报告，2024 年检测到 75 个 0day，低于 2023 年的 98 个。其中 Windows 最多从 16 个增加到 22 个，Safari 和 iOS 的 0day 从 2023 年的 11 个和 9 个分别降至 3 个和 2 个。Android 7 个和 2023 年持平，Chrome 也是 7 个。Firefox 一个，俄罗斯黑客组织 CIGAR 利用 CVE-2024-9680 针对 Firefox 和 Tor 浏览器窃取用户数据。Google 表示成功追踪了 75 个 0day 中的 34 个，大部分攻击来自政府支持的组织，主要是窃取情报而不是出于经济动机，其中包括中国和朝鲜。

A vulnerability, which was classified as critical, was found in Tenda AC1200 15.11.0.10(1576). This affects the function setRemoteWebManage. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2022-42058. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Tenda AC1200 15.11.0.10(1576). It has been declared as critical. Affected by this vulnerability is the function setIPsecTunnelList. The manipulation of the argument IPsecLocalNet/IPsecRemoteNet leads to command injection. This vulnerability is known as CVE-2022-41396. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Tenda AC1200 15.11.0.10(1576). Affected is the function setDMZ. The manipulation of the argument dmzHost leads to command injection. This vulnerability is traded as CVE-2022-41395. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability classified as critical was found in Tenda AC1200 15.11.0.10(1576). Affected by this vulnerability is the function setPortMapping. The manipulation of the argument PortMappingServer leads to command injection. This vulnerability is known as CVE-2022-42053. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in Pipeline Utility Steps Plugin up to 2.13.1 on Jenkins and classified as critical. This issue affects some unknown processing of the component Controller File System Handler. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2022-45381. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in JUnit Plugin up to 1159.v0b_396e1e07dd on Jenkins. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2022-45380. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in insyde Kernel and classified as critical. Affected by this vulnerability is an unknown functionality of the component UsbCoreDxe. The manipulation leads to memory corruption. This vulnerability is known as CVE-2022-29275. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in insyde Kernel and classified as critical. Affected by this issue is some unknown functionality of the component AhciBusDxe. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2022-29276. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in insyde Kernel. It has been classified as critical. This affects an unknown part of the component NvmExpressDxe Driver. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2022-29278. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in insyde Kernel. It has been declared as critical. This vulnerability affects unknown code of the component SdMmcDevice. The manipulation leads to memory corruption. This vulnerability was named CVE-2022-29279. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in insyde Kernel. It has been rated as critical. This issue affects some unknown processing of the component UsbCoreDxe. The manipulation leads to buffer overflow. The identification of this vulnerability is CVE-2022-30283. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Canteen Management System 1.0. Affected by this issue is some unknown functionality of the file /pages/save_user.php. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2022-43265. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability classified as problematic was found in insyde Kernel. This vulnerability affects unknown code of the component FwBlockServiceSmm Driver. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2022-29277. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

Cybersecurity researchers have uncovered the intricate tactics, techniques, and procedures (TTPs) employed by threat actors in investment scams, which, according to the Federal Trade Commission (FTC), resulted in a record-breaking loss of US$5.7 billion in 2024-a 24% surge from the previous year. These scams, often disguised as legitimate opportunities such as cryptocurrency exchanges, leverage advanced […]

The post Researchers Reveal Threat Actor TTP Patterns and DNS Abuse in Investment Scams appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.