Aggregator

The energy sector is ground zero for global cyber activity

Help Net Security
8 months 3 weeks ago

A new study from the Karlsruhe Institute of Technology shows how geopolitical tensions shape cyberattacks on power grids, fuel systems, and other critical infrastructure. How the research was done Researchers reviewed major cyber threat databases including MITRE ATT&CK Groups, CSIS, ThaiCERT, Malpedia, EuRepoC, and the AI Incident Database. Each source reports information differently. Some use structured formats like JSON or tables that are easy to analyze. Others rely on long descriptive text that is harder … More →

The post The energy sector is ground zero for global cyber activity appeared first on Help Net Security.

Sinisa Markovic

Shutdown Snares Federal Cybersecurity Personnel

DataBreachToday.com
8 months 3 weeks ago
US Cyber Defense Agency Faces 65% Furlough Rate Amid Federal Shutdown
The U.S. federal government shutdown has slashed staff at the nation's cyber defense agency and other key cyber entities, freezing daily operations, stalling grants and weakening threat coordination as state and local systems brace for lapses in federal support.

Google Drive Desktop Gets AI-Powered Ransomware Detection to Block Cyberattacks

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
8 months 3 weeks ago

Google has unveiled a groundbreaking AI-powered ransomware detection system for its Drive desktop application, representing a significant advancement in cybersecurity protection for organizations worldwide. This innovative feature automatically halts file synchronization when malicious encryption attempts are detected, preventing widespread data corruption across enterprise networks. Google Drive desktop ransomware detection alert with file syncing paused and […]

The post Google Drive Desktop Gets AI-Powered Ransomware Detection to Block Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Gunra

Dark Feed IO
8 months 3 weeks ago

You must login to view this content

cohenido

Biotech platforms keep missing the mark on security fundamentals

Help Net Security
8 months 3 weeks ago

A new security posture report on the biotech sector shows how quickly attackers could reach sensitive health data with only basic reconnaissance. Researchers needed less than two hours per company to uncover exposed genomic records, unprotected APIs, and misconfigured systems, according to Sekurno. Real-world timeline showing how attackers could pivot from passive reconnaissance to accessing sensitive genomic data in under 2 hours. APIs exposing sensitive data APIs were the most common weakness, accounting for 34% … More →

The post Biotech platforms keep missing the mark on security fundamentals appeared first on Help Net Security.

Anamarija Pogorelec

Multiple Splunk Enterprise Vulnerabilities Let Attackers Execute Unauthorized JavaScript code

Cyber Security News
8 months 3 weeks ago

Splunk has released patches for multiple vulnerabilities in its Enterprise and Cloud Platform products, some of which could allow attackers to execute unauthorized JavaScript code, access sensitive information, or cause a denial-of-service (DoS) condition. The advisories, published on October 1, 2025, detail six security flaws, with severity ratings ranging from Medium to High. The most […]

The post Multiple Splunk Enterprise Vulnerabilities Let Attackers Execute Unauthorized JavaScript code appeared first on Cyber Security News.

Guru Baran

CVE-2024-50249 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 CPPC sugov_update_shared stack-based overflow (Nessus ID 211777 / WID-SEC-2024-3397)

Vuldb Updates
8 months 3 weeks ago
A vulnerability labeled as critical has been found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. Affected is the function sugov_update_shared of the component CPPC. Executing manipulation can lead to stack-based buffer overflow. This vulnerability appears as CVE-2024-50249. The attacker needs to be present on the local network. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2024-50250 | Linux Kernel up to 6.1.115/6.6.59/6.11.6 fsdax dax_unshare_iter pos/len return value (Nessus ID 211777 / WID-SEC-2024-3397)

Vuldb Updates
8 months 3 weeks ago
A vulnerability marked as problematic has been reported in Linux Kernel up to 6.1.115/6.6.59/6.11.6. Affected by this vulnerability is the function dax_unshare_iter of the component fsdax. The manipulation of the argument pos/len leads to unchecked return value. This vulnerability is traded as CVE-2024-50250. Access to the local network is required for this attack to succeed. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2024-50252 | Linux Kernel up to 6.1.115/6.6.59/6.11.6 spectrum_ipip reference count (Nessus ID 211777 / WID-SEC-2024-3397)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in Linux Kernel up to 6.1.115/6.6.59/6.11.6 and classified as problematic. The impacted element is an unknown function of the component spectrum_ipip. The manipulation results in improper update of reference count. This vulnerability is identified as CVE-2024-50252. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2024-50244 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 ntfs3 ni_clear uninitialized pointer (Nessus ID 211777 / WID-SEC-2024-3397)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. It has been rated as problematic. This affects the function ni_clear of the component ntfs3. The manipulation leads to uninitialized pointer. This vulnerability is listed as CVE-2024-50244. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

CVE-2024-50247 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 ntfs3 out-of-bounds (Nessus ID 211777 / WID-SEC-2024-3397)

Vuldb Updates
8 months 3 weeks ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. This vulnerability affects unknown code of the component ntfs3. The manipulation results in out-of-bounds read. This vulnerability is cataloged as CVE-2024-50247. The attack must originate from the local network. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-50255 | Linux Kernel up to 6.1.115/6.6.59/6.11.6 __hci_cmd_sync_sk null pointer dereference (Nessus ID 211777 / WID-SEC-2024-3397)

Vuldb Updates
8 months 3 weeks ago
A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.115/6.6.59/6.11.6. This affects the function __hci_cmd_sync_sk. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-50255. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-50245 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 ntfs3 ni_lock_dir deadlock (Nessus ID 211777 / WID-SEC-2024-3397)

Vuldb Updates
8 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. Affected is the function ni_lock_dir of the component ntfs3. This manipulation causes deadlock. This vulnerability is handled as CVE-2024-50245. The attack can only be done within the local network. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-50259 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 netdevsim nsim_nexthop_bucket_activity_write out-of-bounds (Nessus ID 211777 / WID-SEC-2024-3397)

Vuldb Updates
8 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. Impacted is the function nsim_nexthop_bucket_activity_write of the component netdevsim. Executing manipulation can lead to out-of-bounds read. The identification of this vulnerability is CVE-2024-50259. The attack needs to be done within the local network. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2024-50254 | Linux Kernel up to 6.11.6 bpf_iter_bits_destroy iteration (9cee266fafaf/101ccfbabf47 / Nessus ID 216493)

Vuldb Updates
8 months 3 weeks ago
A vulnerability classified as problematic has been found in Linux Kernel up to 6.11.6. This affects the function bpf_iter_bits_destroy. This manipulation causes excessive iteration. This vulnerability is handled as CVE-2024-50254. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-50253 | Linux Kernel up to 6.11.6 bpf_iter_bits_new nr_words stack-based overflow (c9539e09c678/393397fbdcad / Nessus ID 216493)

Vuldb Updates
8 months 3 weeks ago
A vulnerability described as critical has been identified in Linux Kernel up to 6.11.6. Affected by this issue is the function bpf_iter_bits_new. The manipulation of the argument nr_words results in stack-based buffer overflow. This vulnerability is known as CVE-2024-50253. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.
vuldb.com

CVE-2024-50239 | Linux Kernel up to 6.6.59/6.11.6 qmp-usb-legacy null pointer dereference (7e8066811a2c/b1cffd00daa9/29240130ab77 / Nessus ID 216493)

Vuldb Updates
8 months 3 weeks ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.6.59/6.11.6. This affects an unknown function of the component qmp-usb-legacy. Such manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2024-50239. The attack requires being on the local network. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

Managed ad