Aggregator

麒麟软件公司本周宣布发布银河麒麟桌面操作系统 V11。V11 使用 Linux 6.6 内核，支持英特尔和 AMD CPU，支持 8 款国产 CPU 和 7 款国产 GPU。麒麟软件党委书记兼董事长谌志华表示，银河麒麟是使用率最高的国产操作系统，安装量达到了 1600 万。Linux 6.6 是 2023 年发布的 LTS 版本，其支持将于 2026 年 12 月结束；2020 年发布的银河麒麟 V10 使用 Linux 4.19，其支持已于 2024 年 12 月结束。麒麟软件对于使用不再支持的内核版本已经有了经验。

Interpol arrests 1200 cybercrime suspects, UpCrypter spreads via fake voicemails to drop RATs, and Salt Typhoon exploits routers for global espionage.

Creators, Authors and Presenters: Ankur Tyagi, Mayuresh Dani

Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.

Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!

Permalink

The post BSidesSF 2025: Decentralized Communications: Deep-Dive Into APRS And Meshtastic appeared first on Security Boulevard.

A vulnerability classified as critical has been found in X.Org up to 1.19.0. This affects the function MitCheckCookie of the component MIT Cookie Handler. Performing manipulation results in information disclosure. This vulnerability is identified as CVE-2017-2624. The attack is only possible with local access. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in X.Org up to 1.19.0. This vulnerability affects the function XdmToID of the file os/auth.c of the component XDM. Executing manipulation can lead to information disclosure. This vulnerability is tracked as CVE-2017-2624. The attack is restricted to local execution. No exploit exists. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in X.org libXdmcp up to 1.1.2. This issue affects the function XdmcpGenerateKey of the component Session Key Handler. The manipulation leads to information disclosure. This vulnerability is listed as CVE-2017-2624. The attack must be carried out locally. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability has been found in X.org 1.19.0 and classified as problematic. The affected element is an unknown function of the component Entropy. This manipulation causes information disclosure. This vulnerability is registered as CVE-2017-2624. The attack needs to be launched locally. No exploit is available. The affected component should be upgraded.

A vulnerability labeled as critical has been found in X.org X11 Server up to 1.19.4. Affected by this issue is some unknown functionality of the component XFIXES Extension. Such manipulation leads to unchecked error condition. This vulnerability is listed as CVE-2017-12183. The attack must be carried out locally. There is no available exploit. The affected component should be upgraded.

A vulnerability marked as critical has been reported in X.org X11 Server up to 1.19.4. This affects an unknown part of the component XINERAMA Extension. Performing manipulation results in unchecked error condition. This vulnerability is cataloged as CVE-2017-12184. The attack must be initiated from a local position. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in X.org X11 Server up to 1.19.4. This vulnerability affects unknown code of the component MIT-SCREEN-SAVER Extension. Executing manipulation can lead to unchecked error condition. This vulnerability is registered as CVE-2017-12185. The attack needs to be launched locally. No exploit is available. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in X.org X11 Server up to 1.19.4. This issue affects some unknown processing. The manipulation leads to unchecked error condition. This vulnerability is documented as CVE-2017-12186. The attack needs to be performed locally. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in X.org X11 Server up to 1.19.4. Impacted is an unknown function of the component RENDER Extension. The manipulation results in unchecked error condition. This vulnerability is reported as CVE-2017-12187. The attack requires a local approach. No exploit exists. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in X.org X11 Server up to 1.20.2. This vulnerability affects unknown code of the component Permission Check. This manipulation causes improper access controls. This vulnerability appears as CVE-2018-14665. The attack requires local access. In addition, an exploit is available. You should upgrade the affected component.

A vulnerability described as problematic has been identified in Xorg-server up to 1.20.8. Impacted is an unknown function of the component X Client Handler. The manipulation results in information disclosure (Memory). This vulnerability was named CVE-2020-14347. The attack needs to be approached locally. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in X.org X11 Server up to 1.20.8. This affects an unknown part of the component X Input Extension Protocol Decoder. This manipulation causes integer overflow. This vulnerability is handled as CVE-2020-14346. It is possible to launch the attack on the local host. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in X.org X11 Server up to 1.20.8. This vulnerability affects unknown code. Such manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2020-14361. Local access is required to approach this attack. No exploit exists. Upgrading the affected component is advised.

A TransUnion data breach exposed 4.4 million US consumers’ Social Security numbers via a Salesforce hack. The attack…

Since its emergence in February 2025, the NightSpire ransomware group has rapidly distinguished itself through a sophisticated double-extortion strategy that combines targeted encryption with public data leaks. Initially surfacing in South Korea, the group leveraged vulnerabilities in corporate networks to gain initial access, often exploiting outdated VPN appliances and unpatched Remote Desktop Protocol services. Once […]

The post NightSpire Ransomware Group Claims to Exploit The Vulnerabilities of Orgs to Infiltrate Their Systems appeared first on Cyber Security News.

A sophisticated malware campaign has emerged targeting users seeking free PDF editing software, with cybercriminals distributing a malicious application masquerading as the legitimate “AppSuite PDF Editor.” The malware, packaged as a Microsoft Installer (MSI) file, has been distributed through high-ranking websites designed to appear as legitimate download portals for productivity tools. These deceptive sites share […]

The post AppSuite PDF Editor Hacked to Execute Arbitrary Commands on The Infected System appeared first on Cyber Security News.

История самой масштабной операции кибершпионажа в Азии.