Aggregator

A vulnerability, which was classified as critical, has been found in Shilpi Computers Client Dashboard prior 9.7.0. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2024-47655. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Shilpi Computers Client Dashboard prior 9.7.0. Affected by this vulnerability is an unknown functionality of the component API Endpoint. The manipulation leads to improper control of interaction frequency. This vulnerability is known as CVE-2024-47654. The attack can be launched remotely. There is no exploit available.

perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbed perfctl malware, that over the past 3-4 years targeted misconfigured Linux servers. The malicious code was used to drop cryptocurrency miners and proxyjacking software. Perfctl is an elusive […]

Ukrainian Roosh Ventures has invested in the French freelance platform Jump. This was announced by tech entrepreneur and co-founder of the Roosh investment fund, Serhiy Tokarev, on his LinkedIn page: “Thrilled to announce that Roosh Ventures is backing Jump, a platform that’s changing the game for freelancers.”  Jump is a universal platform aiming to make […]

The post Serhiy Tokarev Told About Roosh’s Investment in the French Freelance Platform  appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Правозащитники восстают против того, чтобы ИИ следил за каждой транзакцией британцев.

The booming economies of Africa, rich in natural resources and brimming with potential, are attracting not just investors but also cybercriminals.

A vulnerability classified as problematic has been found in Shilpi Computers Client Dashboard prior 9.7.0. Affected is an unknown function of the component API Endpoint. The manipulation leads to improper handling of extra parameters. This vulnerability is traded as CVE-2024-47651. It is possible to launch the attack remotely. There is no exploit available.

68 стран объединились против кибервымогателей.

Новая политика мессенджера относительно модерации контента вносит коррективы в деятельность хакеров.

A vulnerability was found in Finrota Netahsilat up to 1.21.09/1.23.00/1.23.07/1.23.10/1.24.02. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information. The identification of this vulnerability is CVE-2024-6400. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

«Лаборатория Касперского» обнаружила продвинутые атаки SilentCryptoMiner.

Attributing a cyberattack to a specific threat actor is a complex affair, as evidenced by new ESET research published this week

Очередной легальный инструмент становится ключом к вашим данным.

In this blog, we reveal a new method for unprivileged users to identify Microsoft Defender exclusion paths using MpCmdRun.exe, without relying on event logs. We also introduce SharpExclusionFinder, a C# tool for automating exclusion discovery, and provide tips for defenders to monitor and mitigate this risk.

Google закрывает все лазейки для финансовых преступников

Microsoft and the US Justice Department have seized over 100 domains used by Star Blizzard, a Russian nation-state threat actor. “Between January 2023 and August 2024, Microsoft observed Star Blizzard target over 30 civil society organizations – journalists, think tanks, and non-governmental organizations (NGOs) core to ensuring democracy can thrive – by deploying spear-phishing campaigns to exfiltrate sensitive information and interfere in their activities,” Steven Masada, Assistant General Counsel at Microsoft’s Digital Crimes Unit, explained. … More →

The post 100+ domains seized to stymie Russian Star Blizzard hackers appeared first on Help Net Security.

Создатели вредоносного ПО предстанут перед судом в Москве.