Aggregator

喜 报我刊入选中国科学引文数据库(Chinese Science Citation Database，简称C

HackerNews 编译，转载请注明出处： 应用安全公司PortSwigger研究主管詹姆斯·凯特尔（James Kettle）在周三举行的黑帽大会上公布了一种新型攻击方法。凯特尔与多名研究人员（包括漏洞赏金猎人团队）合作，识别受影响机构并告知其风险。 HTTP请求走私（亦称去同步攻击）利用Web服务器处理HTTP请求时的解析差异，使攻击者能将恶意请求“夹带”在合法请求中。该问题源于服务器（通常是充当负载均衡器或代理的前端服务器，与托管网站的后端服务器）如何界定HTTP请求结束及下一请求开始的位置。 攻击者可构造特殊请求，使其通过前端服务器转发至后端服务器，并诱使后端服务器误判该请求长度小于实际值，导致请求的残留部分滞留于连接缓冲区，并附加到后续请求中。攻击者可精心设计请求，确保恶意片段残留在连接缓冲区中，并附加到紧随其后的合法用户请求上。此类请求可被用于窃取受害者会话、将受害者重定向至虚假（钓鱼）网站、污染Web缓存以诱导服务器存储恶意页面并分发给其他用户。 HTTP请求走私漏洞存在已逾二十年，自2016年以来至少发现六种新变体。凯特尔发现的新变体利用HTTP/1.1协议弱点，涉及名为0.CL（CL.0的变种）的攻击手法。 凯特尔等人识别出多台受影响服务器，包括T-Mobile非生产服务器（该公司为此支付1.2万美元漏洞赏金）、暴露漏洞赏金报告提交内容的GitLab服务器（支付7000美元赏金）以及Netlify的CDN系统。研究人员随后发现多数目标使用Akamai的CDN服务，进一步分析证实根本原因在于Akamai基础设施漏洞。该公司将漏洞编号为CVE-2025-32094并迅速启动修复。Akamai支付9000美元赏金，并于周三发布技术细节博文。 凯特尔指出，此攻击导致几乎所有使用Akamai的企业（包括科技巨头、美国政府机构和SaaS提供商）面临用户凭证大规模泄露风险。Cloudflare也受到另一类基于HTTP/1.1弱点的请求走私攻击影响。研究人员发现，攻击者可操控受Cloudflare保护的数百万网站访问者重定向至其控制的站点。Cloudflare紧急修复该漏洞并支付7000美元赏金，同时发布博文详述问题及解决方案。 研究人员总计向数十家企业报告发现，获得漏洞赏金共27.6万美元。凯特尔在周三发布的博文中呼吁行业尽快从HTTP/1.1迁移至HTTP/2+协议，以从根本上解决此类攻击所依赖的协议缺陷。       消息来源：securityweek； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

文章描述了一个错误代码（521）的情况，通常与Cloudflare服务相关，表示服务器暂时无法提供服务。

A vulnerability was found in Microsoft Exchange Server and classified as critical. This issue affects some unknown processing. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2025-53786. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in libgcrypt and classified as problematic. Affected by this issue is some unknown functionality of the component RSA. The manipulation leads to observable timing discrepancy. This vulnerability is handled as CVE-2024-2236. The attack may be launched remotely. There is no exploit available.

微软和GitHub更新Visual Studio Code，加入GPT-5预览版功能，帮助开发者使用OpenAI旗舰模型编码。目前仅限GitHub Copilot付费用户使用，企业订阅需IT管理员批准。

HackerNews 编译，转载请注明出处： Microsoft Exchange客户收到关于一个新高危漏洞（CVE-2025-53786，CVSS评分为8.0）的警告，该漏洞可能允许攻击者在组织的互联云环境中提升权限。此漏洞影响本地版Microsoft Exchange服务器版本。 成功利用此漏洞的前提是攻击者需首先在Exchange混合部署环境中获得或拥有Exchange服务器的管理员权限。微软在8月6日的安全更新中指出：“在获取访问权限后，威胁行为者可利用此不当身份验证漏洞，实现组织混合云和本地环境的全域控制，且不留易于检测和审计的痕迹。”目前尚未发现漏洞利用尝试，但微软警告此类活动很可能发生。 微软敦促客户采取行动 微软强烈建议客户实施其2025年4月发布的《Exchange混合部署安全变更指南》及配套非安全补丁中的措施。“微软强烈建议客户阅读相关说明，安装2025年4月（或更新版本）的补丁，并在Exchange服务器及混合环境中实施变更措施。”这些变更特别针对Exchange混合部署环境。 曾配置Exchange混合身份验证或Exchange Server与Exchange Online组织间OAuth认证的用户（即使现已停用），必须重置共享服务主体的keyCredentials凭证。 美国网络安全和基础设施安全局（CISA）同期发布警报，警告该漏洞可能危及组织Exchange Online服务的身份完整性。除微软列出的修复步骤外，CISA建议各机构将已终止支持（EOL）或停止服务的公开版Exchange Server或SharePoint Server与互联网断开。“SharePoint Server 2013及更早版本已终止支持，若仍在运行应立即停用。”       消息来源：infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

文章描述了错误代码521的原因及其影响。该错误通常由Cloudflare引发，表明服务器暂时无法处理请求。可能的原因包括服务器过载、配置问题或网络连接中断。用户需检查网络状态、联系管理员或等待服务恢复以解决问题。

A vulnerability, which was classified as problematic, was found in VJInfotech WP Import Export Lite Plugin up to 3.9.26 on WordPress. This affects an unknown part. The manipulation leads to deserialization. This vulnerability is uniquely identified as CVE-2024-31308. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Cisco Secure Email. It has been rated as critical. Affected by this issue is some unknown functionality of the component Web-based Management Interface. The manipulation leads to command injection. This vulnerability is handled as CVE-2024-20429. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cisco Secure Web Appliance. It has been rated as critical. This issue affects some unknown processing of the component CLI. The manipulation leads to execution with unnecessary privileges. The identification of this vulnerability is CVE-2024-20435. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in CodeRevolution Aiomatic Plugin up to 2.0.5 on WordPress. Affected by this vulnerability is the function aiomatic_send_email of the component Email Sending Handler. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-5969. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in IBM Jazz for Service Management up to 1.1.3.22. It has been classified as problematic. This affects an unknown part. The manipulation leads to files or directories accessible. This vulnerability is uniquely identified as CVE-2024-47106. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM Concert Software 1.0.0/1.0.1/1.0.2. It has been rated as problematic. This issue affects some unknown processing of the component API Call Handler. The manipulation leads to exposure of sensitive information due to incompatible policies. The identification of this vulnerability is CVE-2024-49354. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in ThemeREX Addons Plugin up to 2.33.0 on WordPress. Affected by this vulnerability is the function trx_sc_reviews of the component Shortcode Handler. The manipulation of the argument Type leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is known as CVE-2025-0682. The attack can be launched remotely. There is no exploit available.

A vulnerability has been found in Brizy Pro Plugin up to 2.6.1 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-22763. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in HashiCorp Vault and Vault Enterprise up to 1.15.14/1.16.9/1.17.5. This affects an unknown part of the component Engine Configuration Handler. The manipulation of the argument valid_principals/default_user leads to incorrect permission assignment. This vulnerability is uniquely identified as CVE-2024-7594. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in IBM Cloud Pak for Multicloud Management up to 2.3 FP8. Affected is an unknown function. The manipulation leads to sensitive information in log files. This vulnerability is traded as CVE-2023-46175. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

微软推出Windows 10 ESU扩展安全支持计划，允许个人用户最多绑定10台PC，并通过多种方式获取许可证。

HackerNews 编译，转载请注明出处： 创意与娱乐联盟（ACE）宣布关闭大型非法IPTV服务提供商Rare Breed TV，此前已与其运营商达成经济赔偿协议。 总部位于北卡罗来纳州的Rare Breed TV曾是全球最大的数字盗版运营平台之一，声称向订阅用户提供超过28,000个频道和10万部以上的电影及剧集访问权限。 ACE在周三声明：“作为协议的一部分，运营商将永久关闭其非法服务并支付巨额经济赔偿。Rare Breed IPTV是一个未经授权的流媒体平台，运营多年，提供数千个直播电视频道和包含逾14,000部作品的视频点播库——所有这些均未获得版权方许可。” “在成员制片公司的支持下，ACE锁定了Rare Breed背后的个人并在北卡罗来纳州与其取得联系。经ACE执法行动后，运营商同意停止侵权行为，支付经济赔偿，并承诺未来与ACE全面合作。” 但ACE声称盗版服务运营商同意关闭其非法IPTV平台之际，Rare Breed TV网站在本文发布时仍可访问，且持续提供15.99美元/月至79.99美元/年的订阅服务。今日早些时候，BleepingComputer联系ACE发言人时未能立即获得回应。 ACE是由全球50多家媒体娱乐公司组成的联盟，包括全球最大电影制片厂和电视网络，专注于打击非法流媒体服务。该组织还与执法机构（如美国司法部、欧洲刑警组织和国际刑警组织）合作，共同打击大规模非法流媒体网络。其理事会成员包括亚马逊、Apple TV+、环球影业、华特迪士尼影业、Netflix、派拉蒙环球、索尼影业和华纳兄弟探索等公司。 自2017年6月成立以来，ACE已成功取缔众多盗版平台，包括流媒体服务商Openload和Streamango、盗版IPTV服务Beast IPTV、影视盗版网站123movies.la以及全球最大动漫盗版网站Zoro.to。去年，该组织还协助判处了与非法流媒体服务Jetflicks相关的五名男子；关闭了自2015年运营以来获利数百万美元的盗版电视流媒体网络；捣毁了拥有超过2200万用户、月收入超2.63亿欧元（2.5亿美元）的盗版流媒体服务；并取缔了年访问量超8.21亿次的最大体育赛事盗版直播网络之一Markkystreams。 美国电影协会（MPA）执行副总裁拉丽莎·纳普周三补充道：“此次执法行动向全球盗版运营商传递了强烈信号——经营非法流媒体服务将面临严重后果，包括诉讼、巨额罚款和永久关停。”       消息来源：bleepingcomputer； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文