Aggregator

APT组织Lazarus 在Rootkit（获取内核权限）攻击中使用了微软的0day漏洞;APT组织Kimsuky利用软件公司产品安装程序进行伪装展开攻击;NoName057(16)组织DDoSia项目持续更新;

Also, Researchers Exploit Tesla Wall Connector Via Charging Cable
This week: Chinese Salt Typhoon hackers hit Viasat, researchers hacked a Tesla charger, Sitecore CMS flaws, Krispy Kreme disclosed hacking damage, Archetyp Market taken down. Episource disclosed a ransomware hack and Spain ruled out cyberattack for the April Iberian blackout.

Erie Insurance and Philadelphia Insurance Still Recovering From Separate Attacks
Statements by Erie Indemnity Co. and Philadelphia Insurance Companies indicate that voluntary decisions to disconnect their systems from the network - not ransomware encryption - have disrupted operations over the past 10 days since the carriers were hit with separate cyberattacks.

Passengers' Nuisance Claim Against CrowdStrike Barred by Airline Deregulation Act
A judge dismissed a suit against CrowdStrike over its 2024 outage, ruling the claims by airline passengers are preempted by the Airline Deregulation Act. The plaintiffs claimed damages for negligence and public nuisance. But the court found those claims were inseparable from the airlines' services.

Government Says Bill Will 'Pump 10 Billion Pounds' Into Economy
The UK government passed the Data Use and Access Bill that will introduce a host of privacy changes intended at making data processing more lenient with a motive to promote economic growth. Whether the EU will continue to find British law adequate enough is an open question.

Name: Season V, US Cyber Open Beginner's Game Room CTF (an PlayCyber event.)
Date: June 6, 2025, 9:30 p.m. — 19 June 2025, 23:59 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://www.uscybergames.com/
Rating weight: 0
Event organizers: Play Cyber

Name: Season V, US Cyber Open Competitive CTF (an PlayCyber event.)
Date: June 9, 2025, 8 p.m. — 19 June 2025, 23:59 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://www.uscybergames.com/
Rating weight: 0
Event organizers: Play Cyber

Name: DHM 2025 (an DHM event.)
Date: June 18, 2025, 8 a.m. — 19 June 2025, 17:00 UTC  [add to calendar]
Format: Jeopardy
On-site
Location: Germany, Heilbronn
Offical URL: https://hacking-meisterschaft.de/
Rating weight: 25.00
Event organizers: NFITS

走进美国联邦政府网络安全守门员的台前幕后。

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.7.1. Affected by this issue is the function k_ascii of the file drivers/tty/vt/keyboard.c. The manipulation leads to integer overflow. This vulnerability is handled as CVE-2020-13974. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in Linux Kernel up to 5.10.4. It has been classified as very critical. This affects the function mwifiex_cmd_802_11_ad_hoc_start of the file drivers/net/wireless/marvell/mwifiex/join.c of the component SSID Handler. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2020-36158. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in Google Android. This affects the function uvc_scan_chain_forward of the file uvc_driver.c. The manipulation leads to improper privilege management. This vulnerability is uniquely identified as CVE-2020-0404. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function nvmet_tcp_free_crypto of the file drivers/nvme/target/tcp.c of the component NVMe-oF Subsystem. The manipulation leads to double free. This vulnerability is known as CVE-2023-5178. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as very critical, has been found in Linux Kernel. Affected by this issue is the function io_uring of the component Local Privilege Handler. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-3910. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in Linux Kernel. This vulnerability affects the function compare_netdev_and_ip of the file drivers/infiniband/core/cma.c of the component RDMA. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2023-2176. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in Linux Kernel up to 6.7.3 on RHEL. Affected by this vulnerability is the function ipoib_mcast_join_task of the component ipoib. The manipulation leads to excessive iteration. This vulnerability is known as CVE-2023-52587. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function vhost_net_set_backend of the file drivers/vhost/net.c. The manipulation leads to use after free. The identification of this vulnerability is CVE-2023-1838. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.8-rc2. Affected is the function scsi_host_busy of the component scsi. The manipulation leads to deserialization. This vulnerability is traded as CVE-2024-26627. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in AMD CPU and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SMT Module. The manipulation leads to information disclosure. This vulnerability is known as CVE-2022-27672. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.6-rc6. Affected by this issue is the function svm_set_x2apic_msr_interception of the component KVM. The manipulation leads to improper check or handling of exceptional conditions. This vulnerability is handled as CVE-2023-5090. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.