Aggregator

一个关于数字取证的社区介绍了该领域涉及的内容和应用范围，并分享了个人从餐饮行业转型进入信息安全领域的经历及学习进展。

A vulnerability, which was classified as problematic, was found in cPanel WebHost Manager up to 11.0.0. Affected is an unknown function. The manipulation of the argument Password leads to basic cross site scripting. This vulnerability is traded as CVE-2007-0890. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Linux Kernel up to 6.8.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component tc358743. The manipulation leads to privilege escalation. This vulnerability is known as CVE-2024-35830. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.29/6.8.8. It has been rated as critical. Affected by this issue is the function setup of the component Bluetooth. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-35850. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.7.2. It has been declared as problematic. This vulnerability affects the function arfs_create_groups of the component mlx5e. The manipulation leads to double free. This vulnerability was named CVE-2024-35835. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.7.11. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component usb. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-35825. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.82/6.6.22/6.7.10/6.8.1. This issue affects the function io_recvmsg_mshot_prep. The manipulation leads to integer underflow. The identification of this vulnerability is CVE-2024-35827. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.7.11. It has been classified as critical. Affected is the function memcpy of the component vt. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2024-35823. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.8.2 and classified as problematic. This issue affects the function ubifs_write_end. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-35821. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was suspected in Linux Kernel up to 6.7.11/6.8.2. This issue appears to be a false-positive. Please verify the sources mentioned and consider not using this entry at all.

该文章解释了错误代码521的原因及其解决方案。

HackerNews 编译，转载请注明出处： 网络安全研究公司Comparitech的最新分析显示，2025年上半年，针对医疗保健行业的勒索软件攻击增长率（同比仅4%）远低于大多数其他行业。 Comparitech数据研究主管丽贝卡·穆迪（Rebecca Moody）指出，由于零售等其他行业正日益被视为更容易获利的目标，部分威胁行为者已转移了攻击重点。该公司追踪到2025年上半年医疗保健机构遭受了211起勒索软件攻击。相比之下，同期所有行业的勒索软件攻击平均增长率高达50%。 遭受攻击激增的行业包括技术业（85%）、零售业（85%）、法律服务业（71%）、运输业（66%）、制造业（64%）和政府机构（60%）。公用事业是唯一出现下降的行业（-31%）。 医疗行业受攻击率较低的原因 穆迪向Infosecurity表示，除了攻击者对零售业的兴趣增加外，医疗行业受攻击率较低还有多方面因素。她认为，2024年影响医疗服务的高调攻击事件（如美国医疗支付服务商Change Healthcare和英国NHS病理供应商Synnovis遭袭事件），可能促使整个医疗行业提升了网络安全意识并改进了防护系统。 穆迪还指出，攻击者出现新趋势：他们更倾向于瞄准医疗行业内不直接提供护理服务的企业，例如医疗器械制造商和制药公司。这使得黑客能通过单次攻击波及大量医疗提供商。“由于这类公司通常服务于大量医疗机构，它们掌握着庞大的数据库。因此，攻击这类企业可使黑客一次性瞄准多个组织及其数据。2025年1月Episource遭勒索攻击导致540万人数据泄露便是典型案例。” 但她同时警告，医疗行业仍是攻击者的关键目标，2025年迄今已发生多起严重事件。“正如本报告所发现，部分黑客（如INC和Medusa）仍在持续攻击医院等直接护理机构，并屡屡得手。针对这类机构的攻击可能会保持现有频率。” 医疗行业面临低于平均水平的赎金要求 该报告（发布于7月17日）指出，上半年医疗企业面临的赎金要求平均为47.9万美元。在已确认的攻击中，平均赎金要求更高，达60.8万美元。而其他行业的平均赎金要求则超过160万美元。 报告期内无任何机构确认支付赎金，但有10家实体表示拒绝了黑客的要求。Comparitech追踪到的上半年最高医疗赎金要求来自Medusa团伙：该团伙2月向英国独立护理集团HCRG Care Group索要200万美元。其次是Crazy Hunter团伙攻击台湾马偕纪念医院后索要的150万美元。 Comparitech指出，仅有少数勒索团伙会公开赎金要求数据，因此许多金额仍未知。在2025年上半年已知的24个赎金数据中，13个来自Medusa团伙。“目前像达维塔（DaVita）、Frederick Health和Kettering Health等重大攻击的赎金数额尚未披露。若未来公布，预计平均值将会上升。” 已确认泄露230万条医疗记录 在2025年1月至6月追踪到的211起医疗勒索攻击中，68起已获受害者公开确认。Comparitech发现这些确认事件导致超过230万条医疗相关记录泄露。 此期间最大的勒索相关泄露事件发生在2025年1月，Frederic Health遭攻击导致近100万患者记录泄露。上半年声称攻击医疗行业最多的勒索团伙是INC Ransom（声称34起，10起已确认），占该团伙同期总攻击声明的26%。其次是Qilin（声称25起，10起确认）、SafePay（14起）、RansomHub（13起）和Medusa（13起）。 从已确认泄露记录数量看，Qilin以55.5万条位居首位，SafePay以26万条紧随其后。在所有追踪事件中，约66%（139起）针对美国企业。澳大利亚（10起）和英国（7起）分列二、三位。       消息来源： infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability classified as critical has been found in rswag up to 2.10.0. Affected is an unknown function of the component JSON File Handler. The manipulation leads to path traversal. This vulnerability is traded as CVE-2023-38337. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in October CMS 3.4.4. Affected by this issue is some unknown functionality of the component File Handler. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2023-37692. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Duke up to 1.2. Affected is an unknown function of the component no.priv.garshol.duke.server.CommonJTimer.init. The manipulation leads to code injection. This vulnerability is traded as CVE-2023-39013. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in pf4j up to 3.9.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument zippluginPath leads to information disclosure. The identification of this vulnerability is CVE-2023-40826. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Oracle Utilties Application Framework up to 4.5.0.1.3 and classified as critical. This issue affects some unknown processing of the component General. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2023-33201. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Oracle WebCenter Sites 12.2.1.4.0. It has been rated as critical. Affected by this issue is some unknown functionality of the component Third Party. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2023-33201. The attack may be launched remotely. There is no exploit available.

当前环境出现异常问题，需完成验证后才能继续访问相关内容或功能。

在信通院的标准指引与业界的积极探索下，国内已逐步形成了以“连接器”为核心的可信数据空间整体解决方案。本文将系统介绍相关标准进展、架构分层、关键技术要点，旨在为关注数据要素流通的读者提供参考