Aggregator

OWASP发布2025年智能合约十大漏洞报告，反映了不断演变的攻击向量，深入剖析了近年来的常见漏洞及缓解策略。

HackerNews 编译，转载请注明出处： 一名华盛顿男子在法庭上承认，参与了多起诈骗案件，导致超过60万美元的损失。 28岁的马尔科·拉昆·霍内斯特（Marco Raquan Honesty）承认，在2021年至2022年期间，他参与了包括新冠救济诈骗、短信钓鱼、银行账户接管、伪造汇票和其他诈骗活动。 霍内斯特通过短信钓鱼（smishing）实施诈骗，向受害者发送短信，告知其资金被未经授权转账，并引导受害者访问伪装成正规银行网站的钓鱼网站，盗取受害者的登录凭据。 法庭上出示的文件还指控霍内斯特运营了一个Telegram频道，广告中出售被盗数据，如信用卡、支票、银行凭证和其他与诈骗相关的赃物。 他还通过Zelle和银行内转账等方式，访问受害者账户，将资金转移到自己及共谋者的账户中。 根据法庭文件，霍内斯特使用一名短信钓鱼受害者的信息，与德克萨斯州机动车辆管理局（Texas Department of Motor Vehicles）完成了一笔交易，作为针对汽车经销商的诈骗活动的一部分。他还制作假身份证，卖给其他人，以便他们实施类似的诈骗计划。 2021年4月至10月期间，霍内斯特与共谋者一起，向薪资保护计划（PPP）提交虚假贷款申请，并伪造税表来支持这些申请。此骗局导致小企业管理局（SBA）损失超过50万美元，霍内斯特为一些贷款提供便利，收取了回扣或费用，在某些情况下，每笔贷款获得1万美元。 美国司法部表示：“霍内斯特通过这一计划为自己、父亲、两个姐妹、祖母、表亲、孩子的母亲以及其他朋友和亲戚获取了PPP贷款。” 2021年12月至2022年1月期间，霍内斯特还参与了一项涉及虚假西联汇款汇票的计划，造成超过7.9万美元的预期损失。 2023年9月，调查人员在搜查霍内斯特住所时，扣押了24部手机、3台笔记本电脑、空白的IRS 1099表格、空白社保卡模板、SIM卡、信用卡压印机、空白卡片和信用卡读卡器等物品。 霍内斯特参与的诈骗案件共造成大约62.2万美元的损失，但当局认为，预期损失金额超过85万美元。 霍内斯特面临最高20年的电信诈骗刑罚，以及强制执行的2年加重身份盗窃刑期。他将在5月23日接受宣判。   消息来源：Security Week, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

error code: 521

HackerNews 编译，转载请注明出处： 惠与科技（HPE）正在调查一起新的安全事件，黑客声称从该公司开发环境中窃取了文档。 HPE向BleepingComputer表示，目前尚未发现任何安全漏洞的证据，但公司正在调查黑客的声称。 HPE发言人Clare Loxley告诉BleepingComputer：“HPE在1月16日得知一个名为IntelBroker的黑客组织声称持有属于HPE的信息。” 她补充道：“HPE立即启动了网络响应程序，禁用了相关凭证，并展开调查以评估这些声称的真实性。目前，我们的业务未受影响，且没有证据表明客户信息受到牵连。” IntelBroker宣布将出售据称从HPE网络中窃取的信息，声称他们至少有两天时间可以访问HPE的API、WePay以及（公开和私密的）GitHub代码库，并窃取了证书（私钥和公钥）、Zerto和iLO源代码、Docker构建文件以及用于交付的旧版用户个人信息。 IntelBroker还上传了另外一个数据档案（包括凭证和访问令牌），这些数据据称是从HPE系统中窃取的，时间是在2024年2月1日。该公司当时也表示正在调查黑客的声称，但没有发现任何安全漏洞的证据。 IntelBroker因入侵DC Health Link而声名狼藉，该组织负责管理美国国会众议院成员的医保计划，此次事件导致170,000名受影响者的个人数据泄露，并引发了国会听证会。 与IntelBroker相关的其他事件还包括入侵诺基亚、思科、欧洲刑警组织、家得宝、Acuity等，以及涉嫌入侵AMD、美国国务院、Zscaler、福特汽车和通用电气航空等。 HPE曾在2018年遭到APT10中国黑客组织的入侵，黑客通过该次入侵获得了对HPE部分系统的访问权限，并利用该权限攻击客户设备。 更近期的是，HPE在2021年披露，其Aruba Central网络监控平台的数据仓库也遭到入侵，攻击者得以访问受监控设备的数据及其位置信息。 HPE还透露，去年其Microsoft Office 365电子邮件环境在2023年5月遭到入侵，攻击者被认为是与俄罗斯对外情报局（SVR）相关的APT29黑客组织。   消息来源：Bleeping Computer, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

error code: 521

A vulnerability was found in Microsoft .NET Framework 4.0 on 64-bit. It has been classified as critical. Affected is an unknown function of the component JIT Compiler. The manipulation leads to code injection. This vulnerability is traded as CVE-2010-3228. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in HP OpenView Network Node Manager 7.53. This vulnerability affects unknown code. The manipulation leads to denial of service. This vulnerability was named CVE-2010-3285. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Microsoft Windows 7/Server 2008/Vista. Affected is an unknown function of the component SChannel Client. The manipulation as part of Certificate Request leads to improper input validation. This vulnerability is traded as CVE-2010-3229. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM WebSphere Application Server up to 6.1.0.11. It has been rated as critical. This issue affects some unknown processing of the component Administrative Console. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2010-3271. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in Pecl-php Alternative PHP Cache up to 3.0.9. This issue affects some unknown processing of the file apc.php. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2010-3294. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Quagga BGP Daemon up to 1.2.2 and classified as problematic. This issue affects some unknown processing of the component Notify Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2018-5378. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Quagga BGP Daemon up to 1.2.2. It has been classified as critical. Affected is an unknown function of the component UPDATE Message Handler. The manipulation leads to double free. This vulnerability is traded as CVE-2018-5379. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Apple macOS up to 10.12/11.3. This affects an unknown part of the component Bluetooth Driver. The manipulation as part of Parameter leads to cryptographic issues (Key). This vulnerability is uniquely identified as CVE-2018-5383. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Oracle Database Server 8.1.7.4 and classified as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2006-3702. The attack can be launched remotely. Furthermore, there is an exploit available. The real existence of this vulnerability is still doubted at the moment.

A vulnerability, which was classified as very critical, has been found in Mozilla Firefox and Thunderbird up to 2.0.0.1. Affected by this issue is some unknown functionality of the component Javascript Engine. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2007-0777. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

January 21, 2025In anot

新研究表明，多种隧道协议存在安全漏洞，这些漏洞可能让攻击者实施多种攻击。

主站 分类 漏洞 工具 极客

A vulnerability was found in D-Link DI-624 1900. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2006-3687. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Microsoft PowerPoint 2000/2002/2003. It has been declared as critical. This vulnerability affects unknown code in the library mso.dll. The manipulation leads to memory corruption. This vulnerability was named CVE-2006-3590. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.