Aggregator

Учёные раскрыли механизм двойной природы CED-9.

近日，美国司法部宣布，涉嫌担任勒索软件组织Phobos软件管理员的俄罗斯男子Evgenii Ptitsyn已被从韩国引渡至美国。他被控利用该勒索软件组织策划和实施了涉及全球逾千名受害者的网络攻击，勒索金额超过1600万美元。 这次引渡行动得到了多个国家的协助，包括韩国、日本和欧洲国家的执法机构。美国司法部副部长丽莎·摩纳哥对此表示：“通过全球执法机构的合作，我们向世界证明，无论网络犯罪分子身在何处，都无法逃避正义。” Ptitsyn目前面临13项指控，包括电信欺诈、电信欺诈共谋、计算机欺诈与滥用共谋，以及与黑客和勒索相关的四项敲诈勒索罪和四项故意损害受保护计算机的罪名。 首创“薄利多销”模式的勒索软件组织 Phobos勒索软件首次被发现于2017年末，其名称来源于希腊神话中的恐惧之神。该勒索软件的运行机制与其他勒索软件家族相似：加密受害者的文件，随后要求支付赎金以换取解密密钥。然而，与一些动辄要求数百万美元的高级勒索软件不同，Phobos的赎金金额相对较小，通常在数千美元至数万美元之间。这种“薄利多销”的商业模式使其对中小型组织尤为具有威胁性。 Phobos的受害者覆盖全球，包括医院、学校、地方政府和企业等关键部门。该勒索软件的攻击通常通过以下方式展开： 远程桌面协议（RDP）漏洞利用：攻击者通过扫描互联网中的RDP端口，利用弱密码或未修复的漏洞获得初始访问权限。 钓鱼攻击：通过精心设计的电子邮件欺骗用户点击恶意链接或附件。 内部人员协助：利用企业内部的安全漏洞或合作人员进行渗透。 一旦攻击成功，Phobos会加密受害者的文件并在每个受感染的目录中放置赎金通知，通常包含攻击者的联系信息和支付比特币的说明。 Ptitsyn被捕对Phobos的影响 Ptitsyn以“derxan”和“zimmermanx”等网名活动，据信是Phobos组织的重要管理员之一。他不仅负责开发和维护Phobos，还向其他犯罪分子提供技术支持和指导。其活动范围广泛，直接参与了多起针对政府和企业的勒索攻击。 根据美国网络安全与基础设施安全局（CISA）和联邦调查局（FBI）的警告，Phobos自2020年以来，频繁针对美国的州和地方政府服务发动攻击，对社会基础设施构成了严重威胁。 近年来，Phobos活动频率有所下降。根据网络威胁情报公司Recorded Future的数据显示，与Phobos相关的攻击在最近几个月大幅减少，同时另一个使用Phobos变种的勒索软件组织8Base上个月完全停止了活动。这种变化可能与Ptitsyn的落网直接相关。 然而，网络安全专家警告，不排除Phobos组织在调整策略，或以新身份重返网络犯罪的可能性。勒索软件生态系统的复杂性使得犯罪分子可以迅速更换品牌或加入其他组织，继续其非法活动。 国际合作对抗勒索软件 此次引渡俄罗斯勒索软件组织管理员的行动凸显了国际合作在打击跨国网络犯罪中的重要性。近年来，美国及其盟国通过共享情报和联合执法成功抓捕了多个勒索软件组织的核心成员。例如： 2021年，REvil勒索软件组织的一名主要成员在波兰被捕。 2023年，Hive勒索软件组织的服务器被国际联合行动摧毁。 这表明，全球执法机构正在以更加协同的方式应对勒索软件这一日益增长的威胁，国际合作与技术创新才是打击跨国网络犯罪的关键。       转自Freebuf，原文链接：https://www.freebuf.com/news/415580.html 封面来源于网络，如有侵权请联系删除

Кто обрезал подводные кабели на 1400 км?

A vulnerability was found in Oracle Communications Cloud Native Core Network Slice Selection Function 23.2.0/23.3.1. It has been classified as critical. This affects an unknown part of the component Install/Upgrade. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2023-44487. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Oracle Communications Cloud Native Core Security Edge Protection Proxy 23.3.0. It has been rated as critical. This issue affects some unknown processing of the component Signaling. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2023-44487. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Oracle Communications Cloud Native Core Unified Data Repository 23.3.1. Affected is an unknown function of the component Signaling. The manipulation leads to denial of service. This vulnerability is traded as CVE-2023-44487. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Oracle Communications Service Catalog and Design 7.4.0.7.0/7.4.1.5.0/7.4.2.8.0 and classified as critical. This vulnerability affects unknown code of the component PSR Designer. The manipulation leads to denial of service. This vulnerability was named CVE-2023-44487. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Oracle Communications Service Catalog and Design 7.4.0.7.0/7.4.1.5.0/7.4.2.8.0 and classified as critical. This issue affects some unknown processing of the component PSR Designer. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2023-44487. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Oracle Communications Cloud Native Core Network Repository Function 23.3.1. This issue affects some unknown processing of the component Install/Upgrade. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2023-44487. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Oracle Communications Cloud Native Core Network Repository Function 23.3.1. Affected is an unknown function of the component Install/Upgrade. The manipulation leads to denial of service. This vulnerability is traded as CVE-2023-44487. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Oracle Communications Cloud Native Core Network Slice Selection Function 23.2.0/23.3.1 and classified as critical. Affected by this issue is some unknown functionality of the component Install/Upgrade. The manipulation leads to denial of service. This vulnerability is handled as CVE-2023-44487. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Oracle Communications Convergent Charging Controller 12.0.6.0.0/15.0.0.0.0. It has been classified as critical. This affects an unknown part of the component Common Functions. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2023-44487. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Oracle Communications Messaging Server 8.1.0.24.0. It has been rated as critical. This issue affects some unknown processing of the component Security. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2023-44487. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Oracle Communications Network Charging and Control 12.0.6.0.0/15.0.0.0.0. Affected is an unknown function of the component Common Functions. The manipulation leads to denial of service. This vulnerability is traded as CVE-2023-44487. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Oracle Communications Pricing Design Center up to 12.0.0.8.0/15.0.0.0.0. This affects an unknown part of the component REST Services Manager. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2023-44487. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

苹果计划向竞争对手的流媒体服务授权 Apple TV+ 的独占内容，此举旨在节省资金和扩大影响面。自 2019 年 Apple TV+ 推出以来，苹果斥资逾 200 亿美元打造原创内容。但根据尼尔森的数据，截至 2024 年 6 月苹果流媒体服务仅占美国屏幕观看时间的 0.3%。Apple TV+ 一个月的观看量不到 Netflix 一天的观看量。Apple TV+ 估计有 2500 万订户，是用户数最少的主流流媒体服务之一。知情人士称，苹果目前只打算授权其原创电影内容，暂时无意授权其原创电视内容。向第三方授权将产生额外收入，将原创电影推送给尚未订阅 TV+ 的用户。