Aggregator

A vulnerability was found in Adobe Flash Player. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2016-4161. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

所谓必修漏洞，就是运维人员必须修复、不可拖延、影响范围较广的漏洞，被黑客利用并发生入侵事件后，会造成十分严重的后果。腾讯安全威胁情报中心参考“安全漏洞的危害及影响力、漏洞技术细节披露情况、该漏洞在安全

A vulnerability classified as critical was found in Limbo CMS 1.0.4.2. Affected by this vulnerability is an unknown functionality of the file class_auth.php. The manipulation of the argument cookie leads to sql injection. This vulnerability is known as CVE-2008-0734. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in DomPHP 0.82. Affected is an unknown function. The manipulation of the argument page leads to path traversal. This vulnerability is traded as CVE-2008-0745. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Mambo Com Gallery and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument id leads to sql injection. This vulnerability is known as CVE-2008-0746. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in COWON America Jetaudio Basic up to 7.0.5 and classified as very critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2008-0747. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Sony ImageStation 1.0.0.38. It has been classified as very critical. This affects an unknown part in the library axruploadserver.dll of the file sonyisupload.cab of the component ActiveX Control. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2008-0748. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Neogallery 1.1 on Joomla. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument catid leads to sql injection. This vulnerability is known as CVE-2008-0752. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Com Noticias 1.0 on Joomla. Affected is an unknown function of the file index.php. The manipulation of the argument id leads to sql injection. This vulnerability is traded as CVE-2008-0670. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in PowerScripts PowerNews 2.5.6. This affects an unknown part of the file categories.inc.php. The manipulation of the argument page leads to path traversal. This vulnerability is uniquely identified as CVE-2008-0742. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Iranian hackers are breaching critical infrastructure organizations to collect credentials and network data that can be sold on cybercriminal forums to enable cyberattacks from other threat actors. [...]

A vulnerability was found in Freedesktop spice-gtk and classified as critical. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2012-4425. An attack has to be approached locally. Furthermore, there is an exploit available.

Brazil’s Polícia Federal has arrested hacker USDoD, the hacker behind the National Public Data and InfraGard breaches. Brazil’s Polícia Federal (PF) announced the arrest in Belo Horizonte/MG of the notorious hacker USDoD. In August, a CrowdStrike investigation revealed that the hacker USDoD (aka EquationCorp), who is known for high-profile data leaks, is a man from Brazil. The […]

A vulnerability was found in McAfee Cloud Single Sign On. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2014-2586. The attack can be launched remotely. Furthermore, there is an exploit available.

Security Teams Need Support, Mental Health Resources and a Focus on Resilience
Managing the aftermath of a cybersecurity incident can be grueling, and the intense pressure placed on these individuals can take a toll. Stress in the cybersecurity field, particularly post-incident, is a well-documented issue that many professionals quietly struggle with.

New Features From Structure101 Simplify Code Structure, Future-Proof Development
Sonar has integrated Structure 101's design expertise into its platform, enhancing code architecture and reducing dependency issues. This update helps developers streamline workflows and minimize long-term software evolution costs, ensuring good code management across multiple programming languages.

FBI Disrupted DDoS Group in March
Two Sudanese brothers are under criminal indictment in the United States for their role in distributed denial-of-service attacks launched under the moniker of Anonymous Sudan. Among the group's targets were a major Los Angeles hospital and Microsoft.

Most IT Restored, But UHG Is Still Catching Up and Aiming to Win Back Clients
UnitedHealth Group has raised its estimates to nearly $2.9 billion for the total costs this fiscal year of the cyberattack on its Change Healthcare IT services unit. UHG said it is also working to catch up with claims processing and to win back clients disenfranchised by the attack.

New NCSC Chief Also Warns of Threefold Increase in Severe Cyberattacks
The U.K. experienced a 50% spike in cybersecurity incidents posing national security risks this year, according to NCSC CEO Richard Horne. Growing advancements in emerging tech are widening the gap between offensive and defensive cyber capabilities, he warned.