Aggregator

DarkHotel利用恶意软件为诱饵的攻击活动；APT28采用语言模型对乌克兰实施攻击；MuddyWater 在以伊冲突期间利用 DCHSpy；Gamaredon组织疑似瞄准目标政府部门的攻击行动分析

当前环境出现异常状态，需完成验证后方可继续访问。

这篇文章描述了错误代码521的原因、影响以及解决方法。

HackerNews 编译，转载请注明出处： 新型网络威胁：暗网社区（The Com） 非传统犯罪团伙的“暗网社区”（简称The Com）正快速蔓延至11-25岁青少年群体。该去中心化网络犯罪组织潜伏在Discord、Telegram及私人论坛，融合黑客技术、暴力行为与剥削活动。 美国联邦调查局（FBI）将其列为对青少年最紧迫的网络威胁之一，指出其行为动机仅为金钱、知名度、报复和剥削，而非任何正义诉求。 过去四年间，该组织犯罪手段持续升级，成员涉足性勒索、报假警（swatting）、儿童剥削及雇凶施暴等恶性犯罪，具体攻击手段包括： 分布式拒绝服务（DDoS）攻击 SIM卡劫持 勒索软件攻击 知识产权窃取 加密货币盗窃 成员通过屏幕共享炫耀犯罪所得（部分加密货币盗窃案值超百万美元），但内部相互倾轧严重，常沦为同伙作案目标。该组织无核心领袖或统一意识形态，但维持着邪教式帮派运作模式，预估有数千名活跃/前成员。FBI单日连发三份警报揭示其三大分支： 1. 黑客分支（Hacker Com） 专精技术犯罪，掌握远控木马、钓鱼工具包、VOIP电话、加密货币洗钱等技术，实施： 大规模数据窃取 政府邮箱账户倒卖 勒索软件部署 高调网络入侵 成员以技术实力和账户余额确立地位，频发内斗导致自身成为SIM劫持、加密货币盗窃目标。 2. 现实犯罪分支（IRL Com） 从SIM劫持拓展至实体暴力服务，明码标价提供： 枪击/绑架/抢劫 持刀伤人/暴力袭击 设备损毁（bricking） 通过社交媒体招募打手，并将报假警作为管控成员手段——违抗命令者及其家人可能成为目标。 3. 勒索分支（Extortion Com） 系统化剥削未成年女性及心理脆弱者，胁迫受害者： 制作自残/虐宠/色情内容 直播自杀行为 使用人肉搜索（doxxing）、报假警及现实暴力操控受害人，犯罪素材在组织内传播以持续勒索。主要通过青少年常用社交平台/游戏应用锁定10-17岁目标。 FBI安全建议 监督未成年人网络活动 避免公开隐私信息/含未成年人影像 启用多重验证及隐私设置 拒付勒索赎金（可能加剧侵害） 警惕行为突变、自残倾向、隐蔽网络关系等风险信号。立即通过FBI网络犯罪投诉中心或国家失踪与受虐儿童中心（NCMEC）举报，紧急情况拨打911。       消息来源：cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.4. Affected is an unknown function of the file net/ipv4/af_inet.c of the component tcp_bpf. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2024-56633. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.6.65/6.12.4. This affects the function close_work. The manipulation leads to improper initialization. This vulnerability is uniquely identified as CVE-2024-56641. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.4. It has been rated as critical. Affected by this issue is the function dev_map_free. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2024-56615. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.173/6.1.119/6.6.65/6.12.4. It has been rated as critical. This issue affects some unknown processing of the component sysfs. The manipulation leads to divide by zero. The identification of this vulnerability is CVE-2024-56622. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.119/6.6.65/6.12.4. Affected by this issue is the function drm_dp_sideband_append_payload. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2024-56616. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.4. It has been declared as critical. Affected by this vulnerability is the function unpin_user_pages. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-56612. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.65/6.12.4. Affected is an unknown function of the component numa. The manipulation leads to memory leak. This vulnerability is traded as CVE-2024-56613. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.65/6.12.4. It has been rated as critical. This issue affects the function migrate_to_node of the component mempolicy. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-56611. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.12.4 and classified as critical. This vulnerability affects the function dcn21_link_encoder_create of the component AMD Display. The manipulation leads to improper validation of array index. This vulnerability was named CVE-2024-56608. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.4. It has been classified as critical. Affected is the function sock_init_data. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-56606. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

文章介绍了错误代码521的含义及其常见原因，并提供了相应的解决方法和预防措施。

HackerNews 编译，转载请注明出处： 荷兰司法系统遭黑客入侵事件中，俄罗斯背景的黑客被列为重点嫌疑对象。据荷兰《AD报》援引知情人士消息，有强烈迹象表明荷兰公共检察署（OM）的系统入侵事件系俄罗斯黑客所为。攻击者潜伏在司法部系统内数周未被察觉。 风险预警始于6月17日，当时检察署远程办公使用的第三方软件Citrix NetScaler被发现存在严重漏洞。该漏洞在通用漏洞评分系统（CVSS）中被评为9.3分，属于最高风险级别。检察署向《 Volkskrant 》报证实，虽已按建议更新系统，但有理由认为漏洞在修补前已被利用。 为阻断攻击，检察署主动断开内部计算机的互联网连接。据信黑客可能已潜伏数周，接触了包括在办警方调查案卷、未审结刑事案件卷宗及员工个人信息在内的高度敏感数据。目前尚不明确具体泄露的数据范围。 历史关联 此次并非荷兰首次遭俄罗斯黑客锁定。2024年5月，荷兰情报安全局（AIVD）已确认俄罗斯黑客窃取了数万名警察的个人数据。2024年9月，荷兰国家警察披露超过65,000名警员的联系方式通过“Cookie传递攻击”从服务器被盗——该技术通过伪造用户会话凭证实施入侵。       消息来源：cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

安卓系统新增终端应用支持运行Linux图形化软件，默认安装Debian系统。最新Canary版本通过显示活动和Weston命令实现图形界面显示，并可启用硬件加速提升性能。未来将支持更多操作系统和功能。

文章描述了错误代码521的含义及其常见原因和解决方法。

HackerNews 编译，转载请注明出处： 罗马尼亚与英国执法机构在欧洲刑警组织（Europol）和欧盟司法合作组织（Eurojust）支持下，成功捣毁一个通过ATM欺诈获利约58万欧元（约合68.1万美元）的犯罪网络。 欧洲刑警组织7月24日声明显示，两国调查人员首先收集了该犯罪团伙及其活动的证据，相关数据经欧洲刑警组织分析后，通过联合调查组（JIT）在行动会议中共享。在掌握充分证据后，执法人员于2024年12月在英国、2025年7月23日在罗马尼亚展开两次协同突袭，共搜查18处住所，逮捕两名嫌犯，并查获房产、豪华汽车、电子设备及现金。 此次行动参与机构包括罗马尼亚国家警察及检察署、英国皇家检察署及东区特别行动组。欧洲刑警组织派遣分析师赴罗马尼亚提供现场支持，欧盟司法合作组织则协助组建联合调查组、提供跨境司法协作，并协调罗马尼亚的行动部署。 欺诈手法解析 调查发现，犯罪团伙采用“交易撤销欺诈”（TRF）技术窃取ATM现金： 操作流程：拆除ATM屏幕→插入银行卡发起取款→现金即将吐出前取消交易→手动截留现金； 其他犯罪：涉及侧录设备盗刷、伪造支付卡与交通卡，以及通过“撞库攻击”软件识别卡号实施未授权交易获利。       消息来源：infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability was found in Linux Kernel up to 6.6.65/6.12.4. It has been declared as critical. This vulnerability affects the function last_level_cache_is_valid of the component cacheinfo. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-56617. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.