Aggregator

A vulnerability was found in Honeywell Saia PG5 Controls Suite. It has been classified as problematic. Affected is an unknown function. The manipulation leads to xml external entity reference. This vulnerability is traded as CVE-2023-51600. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as problematic was found in Kofax Power PDF. This vulnerability affects unknown code of the component JP2 File Parser. The manipulation leads to use after free. This vulnerability was named CVE-2023-51610. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in OpenBSD Kernel. This issue affects some unknown processing of the component Multicast Routing Handler. The manipulation leads to uninitialized resource. The identification of this vulnerability is CVE-2021-34999. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in OpenBSD Kernel. Affected is an unknown function of the component Multicast Routing Handler. The manipulation leads to uninitialized resource. This vulnerability is traded as CVE-2021-35000. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

The anonymity of the Tor network has been scrutinized in a recent investigation by German law enforcement agencies. Despite these revelations, the Tor Project maintains that its network remains secure for users. This article delves into the details of the investigation, its implications for Tor, and the response from various stakeholders. Tor stands as the […]

The post Tor Claims Network is Safe Following Enforcement Infiltration to Expose Criminals appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A threat actor on a well-known dark web forum has allegedly claimed responsibility for a significant data breach involving the Indian financial institution, Federal Bank. The breach reportedly exposes sensitive information of hundreds of thousands of customers, raising serious concerns about data security and privacy. The claim was first reported by a ThreatMon, who shared the […]

The post Threat Actor Allegedly Claims Breach of Federal Bank Customer Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A proof-of-concept (PoC) exploit has been released for a critical zero-day vulnerability identified as CVE-2024-7965, affecting Google’s Chrome browser. This vulnerability explicitly targets the V8 JavaScript engine and is exclusive to ARM64 architectures. The release of this PoC has raised concerns within the cybersecurity community, highlighting a potential avenue for exploitation in widely used devices. […]

The post PoC Exploit Released for CVE-2024-7965 Zero-Day Chrome Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new method of attack has emerged that leverages WebDAV technology to host malicious files. This approach, which facilitates the distribution of the Emmenhtal loader—also known as PeakLight—has been under scrutiny since December 2023. The loader is notorious for its stealthy, memory-only execution and its role in distributing various infostealers worldwide. This article delves into […]

The post Webdav Malicious File Hosting Powering Stealthy Malware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cyber and law enforcement agencies across the “Five Eyes” countries issue warning about large-scale botnet linked to Chinese firm and Flax Typhoon group

A vulnerability has been found in Apple macOS up to 10.12.1 and classified as critical. This vulnerability affects unknown code of the component CoreMedia Playback. The manipulation leads to memory corruption. This vulnerability was named CVE-2016-7588. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Zenity announced an agent-less security solution for Microsoft 365 Copilot with the Zenity AI Trust Layer. With this product launch, Zenity is continuing to empower its customers to confidently and securely unleash business enablement. Microsoft 365 Copilot is embedded across the Microsoft suite, including SharePoint and M365. This presents massive opportunities for businesses to enable all their employees and third parties to be more efficient and effective through the use of Generative AI. However, Microsoft 365 … More →

The post Zenity unveils agent-less security solution for Microsoft 365 Copilot appeared first on Help Net Security.

The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system. "The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim's assets, during which the threat actor uploaded a malicious script," Group-IB researchers Vito Alfano and Nam Le

A vulnerability was found in Myvet2pet AHRAH 219426. It has been rated as critical. This issue affects some unknown processing of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. The identification of this vulnerability is CVE-2014-6856. The attack needs to be approached within the local network. There is no exploit available.

任天堂和宝可梦公司对《幻兽帕鲁（Palworld）》开发商 Pocketpair 提起专利侵权诉讼，寻求发布禁令和赔偿损失。《幻兽帕鲁》与宝可梦公司的《Pokemon（精灵宝可梦）》系列之

A vulnerability was found in Apple iTunes up to 12.9.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WebKit. The manipulation leads to memory corruption. This vulnerability is known as CVE-2018-4386. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Enterprise Security / DevOpsGitLab has released patches to address a critical flaw impacting Commu

Aembit, the non-human identity and access management (IAM) company, today released its 2024 Non-Human Identity Security Report, a definitive survey highlighting how organizations currently manage and protect non-human identities (NHIs) – such as applications, scripts, and service accounts. The report reveals a stunning, widespread reliance on outdated methods and manual practices that fail to provide […]

The post Aembit Unveils 2024 Survey Report Highlighting Major Gaps in Securing Non-Human Identities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.