Microsoft Notepad to get AI-powered rewriting tool on Windows 11
error code: 1106
Aggregator
Google Cloud: MFA Will Be Mandatory for All Users in 2025
1 year 4 months ago
Google is making multi-factor authentication (MFA) mandatory for all Google Cloud users in a pha
Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns
1 year 4 months ago
The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform.
"The decision was based on the information and evidence collected over the course of the review and on the advice of Canada's security and intelligence community and other
The Hacker News
CVE-2022-27412 | Explore CMS 1.0 /page.php id sql injection (ID 166694 / EDB-50920)
1 year 4 months ago
A vulnerability was found in Explore CMS 1.0. It has been rated as critical. This issue affects some unknown processing of the file /page.php. The manipulation of the argument id leads to sql injection.
The identification of this vulnerability is CVE-2022-27412. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Consumer privacy risks of data aggregation: What should organizations do?
1 year 4 months ago
In September 2024, the Federal Trade Commission (FTC) released an eye-opening report that digs into the data habits of nine major tech giants, including Amazon (Twitch), ByteDance (TikTok), Discord, Facebook, Reddit, Snap, Twitter, WhatsApp, and YouTube. The findings reveal extensive, often unsettling, data aggregation practices that go beyond user expectations and present considerable privacy risks. This article breaks down key privacy challenges and offers practical guidance to help organizations safeguard consumer data in today’s complex … More →
The post Consumer privacy risks of data aggregation: What should organizations do? appeared first on Help Net Security.
Help Net Security
Memorial Hospital and Manor suffered a ransomware attack
1 year 4 months ago
Memorial Hospital and Manor suffered a ransomware attack Pierlu
CVE-2024-42018 | Atos Eviden SMC xScale up to 1.6.5 HPC Configuration initialization
1 year 4 months ago
A vulnerability was found in Atos Eviden SMC xScale up to 1.6.5. It has been classified as problematic. Affected is an unknown function of the component HPC Configuration. The manipulation leads to improper initialization.
This vulnerability is traded as CVE-2024-42018. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-45184 | Samsung Mobile Processor/Wearable Processor/Modem up to W930 out-of-bounds write
1 year 4 months ago
A vulnerability was found in Samsung Mobile Processor, Wearable Processor and Modem and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds write.
This vulnerability is handled as CVE-2024-45184. Access to the local network is required for this attack. There is no exploit available.
vuldb.com
CVE-2024-9936 | Mozilla Firefox up to 131.0.2 Selection Node Cache denial of service (Nessus ID 208946)
1 year 4 months ago
A vulnerability classified as problematic was found in Mozilla Firefox up to 131.0.2. Affected by this vulnerability is an unknown functionality of the component Selection Node Cache. The manipulation leads to denial of service.
This vulnerability is known as CVE-2024-9936. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-21264 | Oracle PeopleSoft Enterprise CC Common Application Objects Activity Guide Composer improper authorization
1 year 4 months ago
A vulnerability was found in Oracle PeopleSoft Enterprise CC Common Application Objects 9.2. It has been rated as critical. This issue affects some unknown processing of the component Activity Guide Composer. The manipulation leads to improper authorization.
The identification of this vulnerability is CVE-2024-21264. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-21250 | Oracle Process Manufacturing Product Development up to 12.2.14 Quality Manager Specification improper authorization
1 year 4 months ago
A vulnerability, which was classified as critical, has been found in Oracle Process Manufacturing Product Development up to 12.2.14. This issue affects some unknown processing of the component Quality Manager Specification. The manipulation leads to improper authorization.
The identification of this vulnerability is CVE-2024-21250. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-21258 | Oracle Installed Base up to 12.2.14 User Interface information disclosure
1 year 4 months ago
A vulnerability classified as problematic was found in Oracle Installed Base up to 12.2.14. This vulnerability affects unknown code of the component User Interface. The manipulation leads to information disclosure.
This vulnerability was named CVE-2024-21258. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-21257 | Oracle Hyperion BI+ 11.2.18.0.000 UI/Visualization information disclosure
1 year 4 months ago
A vulnerability, which was classified as problematic, has been found in Oracle Hyperion BI+ 11.2.18.0.000. Affected by this issue is some unknown functionality of the component UI/Visualization. The manipulation leads to information disclosure.
This vulnerability is handled as CVE-2024-21257. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-49217 | Madiri Salman Aashish Adding Drop Down Roles in Registration Plugin up to 1.1 on WordPress privileges assignment
1 year 4 months ago
A vulnerability, which was classified as critical, was found in Madiri Salman Aashish Adding Drop Down Roles in Registration Plugin up to 1.1 on WordPress. This affects an unknown part. The manipulation leads to incorrect privilege assignment.
This vulnerability is uniquely identified as CVE-2024-49217. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-49219 | themexpo RS-Members Plugin up to 1.0.3 on WordPress privileges assignment
1 year 4 months ago
A vulnerability was found in themexpo RS-Members Plugin up to 1.0.3 on WordPress and classified as critical. This issue affects some unknown processing. The manipulation leads to incorrect privilege assignment.
The identification of this vulnerability is CVE-2024-49219. The attack may be initiated remotely. There is no exploit available.
vuldb.com
11月11日起!13项网络安全国家标准开始实施
1 year 4 months ago
11月1日起,《网络安全技术 信息技术安全评估准则》等13项网络安全国家标准开始实施。《网络安全技术 信息技术安全评估准则 第1部分:简介和一般模型》《网络安全技术 信息技术安全评估准则 第2部分:安全功能组件》等6项推荐性国家标准,是对软件、硬件、固件形式的IT产品及其组合进行安全测评的基础标准,为产品消费者、开发者、评估者提供了基本的安全功能和保障组件,内容吸纳了国际网络安全评估领域模块化评估、多重保障评估、供应链分析等最新理念,将为我国具有安全功能IT产品的开发、评估以及采购过程提供指导。《网络安全技术 无线局域网客户端安全技术要求》《网络安全技术 无线局域网接入系统安全技术要求》2项推荐性国家标准,规定了无线局域网客户端与接入系统的安全功能要求和安全保障要求,给出了无线局域网客户端与接入系统面临安全问题的说明,能够为无线局域网客户端产品与接入系统的测试、研制和开发提供指导。《网络安全技术 零信任参考体系架构》《网络安全技术 证书应用综合服务接口规范》2项推荐性国家标准,分别规定了零信任参考体系架构以及面向证书应用的综合服务接口要求和相应验证方法,对于采用零信任体系框架的信息系统的规划、设计,公钥密码基础设施应用技术体系下证书应用中间件和证书应用系统的开发,以及密码应用支撑平台的研制和检测具有重要意义。
《网络安全技术 软件供应链安全要求》《网络安全技术 网络安全众测服务要求》《网络安全技术 软件产品开源代码安全评价方法》3项推荐性国家标准,分别确立了软件供应链安全目标,规定了软件供应链安全风险管理要求和供需双方的组织管理和供应活动管理安全要求,描述了网络安全众测服务的角色以及职责、服务流程、安全风险、服务要求,规定了软件产品中的开源代码成分安全评价要素和评价流程,对软件供应链中的供需双方开展风险管理、组织管理和供应活动管理具有引领和促进作用,将为网络安全众测服务活动提供帮助指导,助力各方对软件产品包含的开源代码成分进行静态安全评价。
文章来源自:央视网胡金鱼
CVE-2016-1847 | Apple Mac OS X up to 10.11.4 OpenGL memory corruption (HT206567 / Nessus ID 91311)
1 year 4 months ago
A vulnerability was found in Apple Mac OS X up to 10.11.4. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component OpenGL. The manipulation leads to memory corruption.
This vulnerability is known as CVE-2016-1847. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
亚马逊查获使用恶意远程桌面操作以窃取数据的域名
1 year 4 months ago
据悉,亚马逊已查获了俄罗斯 APT29 黑客组织用于针对政府和军事组织进行针对性攻击的域名,以使用恶意远程桌面操作连接文件窃取 Windows 凭据和数据。
APT29,也被称为“舒适熊”和“午夜暴雪”,是一个由俄罗斯国家支持的网络间谍组织,与俄罗斯对外情报局 (SVR) 有联系。亚马逊澄清说,尽管 APT29 使用的网络钓鱼页面被伪装成 AWS 域,但亚马逊或其云平台的凭证都不是这些攻击的直接目标。
其公告中写道:“他们使用的一些域名试图欺骗目标,让人们相信这些域是 AWS 域(但事实并非如此),但亚马逊不是目标,该组织也不是目标 AWS 客户凭证。相反,APT29 通过 Microsoft 远程桌面寻找目标的 Windows 凭据。”
威胁者以针对全球政府、智库和研究机构的高度复杂的攻击而闻名,通常使用网络钓鱼和恶意软件来窃取敏感信息。
全球范围内的目标组织
尽管 APT29 最近的活动在乌克兰产生了重大影响,但其范围很广泛,并针对多个被视为俄罗斯对手的国家。
亚马逊指出,在这次特定的活动中,APT29 遵循其典型的“窄目标”策略的相反方法,向比平常更多的目标发送了网络钓鱼电子邮件。乌克兰计算机紧急响应小组 (CERT-UA) 发布了有关这些“流氓 RDP”附件的公告,以警告他们在“UAC-0215”下跟踪的大规模电子邮件活动。
这些消息的主题是解决亚马逊和微软服务的“集成”问题以及实施“零信任”网络安全架构(零信任架构,ZTA)。
这些电子邮件包含 RDP(远程桌面协议)连接文件,其名称如“零信任安全环境合规性检查.rdp”,打开时会自动启动与恶意服务器的连接。
恶意 RDP 配置屏幕
从上面这些 RDP 连接配置文件之一的图像可以看出,它们与攻击者控制的 RDP 服务器共享所有本地资源,包括:
·本地磁盘和文件
·网络资源
·打印机
·COM 端口
·音频设备
·剪贴板
此外,UA-CERT 表示,它们还可以用于在受感染的设备上执行未经授权的程序或脚本。
共享驱动器和设备被重定向到攻击者的 RDP 服务器
虽然亚马逊表示,该活动用于窃取 Windows 凭据,但由于目标的本地资源与攻击者的 RDP 服务器共享,因此威胁者也可以直接从共享设备窃取数据。
这包括存储在目标硬盘、Windows 剪贴板和映射网络共享上的所有数据。 CERT-UA 建议应仔细检查其公告 IoC 部分中共享的 IP 地址的网络交互日志,以检测可能的攻击或违规迹象。此外,建议采取以下措施来减少攻击面:
1.在邮件网关处阻止“.rdp”文件。
2.防止用户在不需要时启动任何“.rdp”文件。
3.配置防火墙设置以限制从 mstsc.exe 程序到外部网络资源的 RDP 连接。
4.配置组策略以通过 RDP 禁用资源重定向(“远程桌面服务”->“远程桌面会话主机”->“设备和资源重定向”->“不允许...”)。
目前,APT29 仍然是俄罗斯最强大的网络威胁之一,善于使用间谍软件供应商独有的漏洞。据透露,去年威胁者攻击了 TeamViewer、Microsoft 和 Hewlett Packard Enterprise 等重要软件供应商。
本月早些时候,APT29“集体”就利用 Zimbra 和 JetBrains TeamCity 服务器漏洞破坏全球重要组织。
胡金鱼
DEF CON 32 – Your AI Assistant Has A Big Mouth: A New Side Channel Attack
1 year 4 months ago
Wednesday, November 6, 2024
CVE-2024-23155 | Autodesk AutoCAD MODEL File Parser heap-based overflow
1 year 4 months ago
A vulnerability was found in Autodesk AutoCAD. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component MODEL File Parser. The manipulation leads to heap-based buffer overflow.
This vulnerability is known as CVE-2024-23155. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com