Aggregator

A vulnerability described as critical has been identified in Linux Kernel up to 6.1.41/6.4.6. The impacted element is the function release_folio of the file generic/476. Such manipulation leads to buffer overflow. This vulnerability is documented as CVE-2023-53247. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.0.2. The affected element is the function nbd_start_device_ioctl of the component nbd. This manipulation causes denial of service. This vulnerability is registered as CVE-2022-50314. The attack requires access to the local network. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.0.2. Impacted is the function dump_stack. The manipulation results in allocation of resources. This vulnerability is cataloged as CVE-2022-50271. The attack must originate from the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability identified as critical has been detected in Linux Kernel up to 5.15.85/6.0.15/6.1.1. This issue affects the function vfs_lock_file. The manipulation leads to privilege escalation. This vulnerability is listed as CVE-2022-50302. The attack must be carried out from within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.1.1. This vulnerability affects the function hswep_has_limit_sbox. Executing manipulation can lead to improper update of reference count. This vulnerability is tracked as CVE-2022-50318. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.0.5. It has been rated as critical. This affects the function ip6mr_sk_done. Performing manipulation results in improper initialization. This vulnerability is identified as CVE-2022-50310. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.0.2. It has been declared as critical. Affected by this issue is the function of_get_child_by_name of the component media. Such manipulation leads to improper update of reference count. This vulnerability is referenced as CVE-2022-50309. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.0.16/6.1.2. It has been classified as critical. Affected by this vulnerability is the function msc313_rtc_probe. This manipulation causes incorrect control flow. The identification of this vulnerability is CVE-2022-50322. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is recommended.

本文刊载于《公安学研究》2025年第3期。为方便阅读，编辑中对部分文本进行加黑并删除了文章脚注。

近来发现很多涉网案件开始使用CDN技术来隐藏源服务器IP，对司法机关取证封锁源头IP造成一定的难度，那么如何对这种使用CDN技术的网站找到其背后搭建的那台源服务器的IP？本期特邀黑产研究专家阿辉将介绍CDN的一些相关知识和取证思路。

印度 IT 服务行业产值 2500 亿美元，贡献了 GDP 的 8%，雇佣了 540 万人。外包巨头如 Tata Consultancy Services（TCS）和 Infosys 以最低 5000 美元的薪水源源不断的雇佣应届生，在培训之后胜任发达国家十倍薪水的工作，以这种劳动力套利为欧美的客户提供 IT 服务。然而生成式 AI 时代影响最大的就是初级 IT 工作，而印度的 IT 外包行业也因此深受打击。2023 财年印度四大 IT 外包巨头招聘了 22.5 万名应届生，但到了 2024 财年，招聘的应届生数量暴跌 70% 降至 6 万。TCS 和 Infosys 在 2022 财年增加了 157,000 名员工，而在 2025 财年数量降至 12,771 人。IT 外包巨头的员工总数也在几十年来首次下降，TCS 在 2024 财年的员工总数减少了逾 13,000 人，而 Infosys 则裁员 25,000 人。Accenture 等公司的研究表明，生成式 AI 能自动化 30% 至 40% 的初级程序员和测试人员的工作。应届生招聘人数的减少也改变了该行业的人口结构。Infosys 30 岁以上员工占总员工的比例从 2010 年的 81% 降至 2025 财年预计的 53%。IT 毕业生失业率超过 13%，几乎是全国平均水平的三倍。

Next month, Microsoft will begin automatically installing the Microsoft 365 Copilot app on Windows devices outside of the EEA region that have the Microsoft 365 desktop client apps. [...]

Cybercriminals are increasingly exploiting legitimate remote monitoring and management (RMM) tools to establish persistent access to compromised systems through sophisticated phishing campaigns. Joint research conducted by Red Canary Intelligence and Zscaler threat hunters has identified multiple malicious campaigns utilizing ITarian (also known as Comodo), PDQ, SimpleHelp, and Atera RMM solutions as attack vectors. The appeal […]

The post Threat Actors Leverage Several RMM Tools in Phishing Attack to Maintain Remote Access appeared first on Cyber Security News.

SecWiki周刊（第602期) by ourren

更多最新文章，请访问SecWiki

3 Nederlandse en 4 Belgische mijnenbestrijdingsvaartuigen worden aan de Bulgaarse marine overgedragen. Dit is Inclusief een simulator en reserveonderdelen. De Nederlandse marineschepen zijn van de Alkmaarklasse en gaan in 2027 en 2028 naar het land in Zuidoost-Europa. Dit heeft staatssecretaris Gijs Tuinman de Kamer vandaag laten weten.

A sophisticated pro-Russian cybercriminal group known as SectorJ149 (also identified as UAC-0050) has emerged as a significant threat to critical infrastructure worldwide, conducting targeted attacks against manufacturing, energy, and semiconductor companies across multiple nations. The group’s activities represent a strategic shift from traditional financially motivated cybercrime to geopolitically driven operations that align with broader Russian […]

The post Pro-Russian Hackers Attacking Key Industries in Major Countries Around The World appeared first on Cyber Security News.

HybridPetya ransomware mimics Petya/NotPetya, with an added UEFI bootkit and Secure Boot bypass

A vulnerability was found in cvat up to 2.39.x. It has been classified as problematic. Affected by this vulnerability is an unknown functionality. This manipulation causes authorization bypass. This vulnerability is registered as CVE-2025-49135. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.