Aggregator

感谢各位RC2铁粉的支持~

感谢各位RC2铁粉的支持~

2023年看到了零日漏洞利用的激增，反映了威胁行为者旨在在漏洞公开后迅速妥协高优先级目标的演变策略。

据BleepingComputer消息，今年2月，一个名为“KryptonZambie”的黑客者开始在 BreachForums论坛 上出售 1.328亿条个人信息记录，目前已证实，这些数据来自一家聚合数据的 B2B 需求生成公司 DemandScience（前身为 Pure Incubation）。 数据聚合是从公共来源收集、编译和组织数据，以创建一个对数字营销人员和广告商有价值的综合数据集，从而创建丰富的 “档案”，用于生成线索或营销信息。 在 DemandScience 的案例中，该公司从公共来源和第三方收集业务数据包括全名、实际地址、电子邮件地址、电话号码、职称和职能以及社交媒体链接。 黑客表示，他们从暴露的系统中窃取到了这些数据。对此BleepingComputer曾问询DemandScience，但被告知没有证据表明发生了数据泄露。DemandScience 企业传播高级总监Derek Beckwith表示“所有的系统都 100% 正常运行，我们没有发现任何迹象表明我们的任何系统或数据发生了黑客攻击或泄露事件。我们正在继续监测情况，因此目前不宜进一步扩大事态。” 到了8月15日，KryptonZambie 以 8 个论坛积分（相当于几美元）的价格出售数据集，基本上是免费泄露数据。 黑客发布的数据泄露帖子 11月13日，安全专家、数据泄露查询网站Have I Been Pwned（HIBP）创始人特洛伊·亨特（Troy Hunt）发表博文，称已确认数据的真实性，有受数据泄露影响的人联系了 DemandScience，并被告知泄露的数据来自两年前已退役的系统。 亨特还在泄露的数据中找到了自己的个人信息，包括他在辉瑞工作时的数据。 目前被盗数据集中的所有 1.22 亿个唯一电子邮件地址已添加到BIBP中，受影响的订阅者将收到有关数据泄露的邮件通知。     转自Freebuf，原文链接：https://www.freebuf.com/news/415274.html 封面来源于网络，如有侵权请联系删除  

Компьютер научили понимать Python без переводчика.

Банки ищут новые центры обработки данных для ИИ.

Google与Hypothesis Group合作开展的一项全球安全研究（2000+网络安全从业者）结果表明：买了10个及以上网络安全产品的企业，安全事件不减反增。。。 参考资料： https://workspace.google.com/blog/identity-and-security/global-survey-reveals-why-incremental-cyber-security-fixes-dont-work

Появились новые подробности расследования громкой кибератаки на США.

A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument website_image leads to unrestricted upload. This vulnerability was named CVE-2024-11214. The attack can be initiated remotely. Furthermore, there is an exploit available. The initial researcher disclosure contains confusing vulnerability classes.

A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of the argument id leads to sql injection. This vulnerability is uniquely identified as CVE-2024-11213. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/fetch_product_details.php. The manipulation of the argument barcode leads to sql injection. This vulnerability is handled as CVE-2024-11212. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #443304 / VDB-284530

Submit #443298 / VDB-284529

Submit #442035 / VDB-284528

直播预约：2024 OWASP中国安全技术论

多款马自达汽车型号的信息娱乐系统存在漏洞，可能允许攻击者以根权限执行任意代码

Submit #442942 / VDB-284526

Here's How Schools, Certification Bodies, Boot Camps and Leaders Can Lend a Hand
Across the security landscape, partnerships are becoming a cornerstone in developing agile, prepared professionals who can not only react to threats but anticipate and neutralize them. Here's how universities, certification bodies, boot camps and industry leaders can drive the industry forward.

Stealthy Backdoor Publicly Available on GitHub Can Be Weaponized for Larger Attacks
Godzilla webshell, a Chinese-language backdoor known for its stealth and ability to execute commands and manipulate files, is publicly available on GitHub, and federal authorities have issued a stern warning to the healthcare sector to prepare for this threat and inevitable cyberattacks.

Multiple Critical Vulnerabilities Expose Industrial Control Risks
French multinational Schneider Electric disclosed critical vulnerabilities in its Modicon M340, Momentum and MC80 programmable automation controllers. The vulnerabilities could allow unauthorized access, data manipulation and system interruptions.