Aggregator

A vulnerability was found in Mozilla Thunderbird up to 91.7. It has been classified as critical. Affected is an unknown function of the component NSSToken Object Handler. The manipulation leads to use after free. This vulnerability is traded as CVE-2022-1097. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 98. This affects an unknown part of the component Rust Regex Crate. The manipulation leads to incorrect regular expression. This vulnerability is uniquely identified as CVE-2022-24713. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Mozilla Firefox up to 98. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2022-28286. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 98 and classified as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2022-28289. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 91.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WebAuthN Extension Handler. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2022-28281. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses

The “cyber incident” that British multinational retailer Marks & Spencer has been struggling with for over a week is a ransomware attack, multiple sources have asserted. The Telegraph’s sources say ransomware was deployed by a unnamed criminal gang. Bleeping Computer’s says the attackers were members of the Scattered Spider hacking group, and that M&S’s virtual machines on VMware ESXi hosts have been encrypted with the DragonForce encryptor. The effects of the attack The company publicly … More →

The post Marks & Spencer cyber incident linked to ransomware group appeared first on Help Net Security.

Europol has announced the launch of a powerful new Operational Taskforce (OTF), codenamed GRIMM, to confront the alarming rise of “violence-as-a-service” (VaaS) and the growing recruitment of young people by organised crime groups across Europe. Spearheaded by Sweden and joined by law enforcement from Belgium, Denmark, Finland, France, Germany, the Netherlands, and Norway, this multinational effort […]

The post Europol Launches Taskforce to Combat Violence-as-a-Service Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

本文从 MCP 项目方的视角出发，帮助项目方对 MCP 钱包应用进行安全审计。

本文从 MCP 项目方的视角出发，帮助项目方对 MCP 钱包应用进行安全审计。

A vulnerability was found in Mozilla Thunderbird up to 91.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the component OpenPGP Key Handler. The manipulation leads to state issue. This vulnerability is handled as CVE-2022-1197. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Mozilla Thunderbird up to 91.7. This affects an unknown part of the component VR Process Handler. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2022-1196. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Mozilla Thunderbird up to 91.7. This vulnerability affects unknown code of the component rel Handler. The manipulation leads to use after free. This vulnerability was named CVE-2022-28282. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Mozilla Thunderbird up to 91.7. This issue affects the function MLoadTypedArrayElementHole of the component JIT Code Handler. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2022-28285. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Thunderbird up to 91.7. Affected is an unknown function of the component iFrame Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2022-28286. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Thunderbird up to 91.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Rust Regex Crate. The manipulation leads to incorrect regular expression. This vulnerability is known as CVE-2022-24713. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

关键词网络攻击网络犯罪生态系统中出现了一个名为 RansomHub 的新型勒索软件即服务 (RaaS) 组织，

关键词勒索软件日立 Vantara 是日本跨国集团日立的子公司，该公司上周末被迫关闭服务器以遏制 Akira

关键词勒索软件英国零售巨头玛莎百货 (Marks & Spencer) 持续的宕机是由勒索软件攻击造成的，据

关键词吉利汽车4月29日上午，多位吉利车主遭遇车辆无法解锁的尴尬局面。