Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company. [...]
A vulnerability was found in Open Robotics ROS2. It has been declared as critical. Affected by this vulnerability is the function dyn_param_handler_. The manipulation leads to permission issues.
This vulnerability is known as CVE-2024-41644. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to apply a patch to fix this issue.
An Iranian state hacking group is using custom malware to compromise IoT and OT infrastructure in Israel and the United States. An attack wave from Islamic Revolutionary Guard Corps-affiliated "CyberAv3ngers" swept up fuel management systems made by U.S.-based firm Gilbarco Veeder-Root.
IT Outage, Downtime Procedures Affecting Services at California Healthcare Provider
Cybercriminals claim they stole 17 million patient records from a southern California regional healthcare provider that is still struggling with IT and phone systems outages that have been disrupting patient care since the organization was hit by a ransomware attack on Dec. 1.
Also: How Leading Cybersecurity Firms Are Gearing Up for 2025
In the latest weekly update, ISMG editors discussed the shooting death of the UnitedHealthcare CEO and its wider implications for AI-driven decision-making, market strategies for the top cybersecurity companies in 2025, and how these strategies reflect industry trends.
Around 30,000 German IoT Devices Infected From Backdoored Android Applications
The German federal information security agency disrupted a botnet that infected thousands of backdoored digital picture frames and media players made with knockoff Android operating systems shipped from China. The agency identified at least 30,000 infected devices.
A vulnerability, which was classified as problematic, was found in Openinfosecfoundation Suricata up to 2.0.3-2. Affected is the function SSHParseBanner of the file app-layer-ssh.c. The manipulation leads to improper resource management.
This vulnerability is traded as CVE-2014-6603. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability classified as critical has been found in Citrix Netscaler 10.0/10.1/10.5. This affects an unknown part of the component Management Interface. The manipulation leads to memory corruption.
This vulnerability is uniquely identified as CVE-2014-7140. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
A vulnerability classified as problematic has been found in Google Calendar Events up to 2.0.3.0. This affects an unknown part. The manipulation of the argument gce_feed_ids leads to cross-site scripting.
This vulnerability is uniquely identified as CVE-2014-7138. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as problematic, has been found in Exponent CMS 2.3.0. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument src leads to cross-site scripting.
This vulnerability is handled as CVE-2014-6635. The attack may be launched remotely. There is no exploit available.
A vulnerability classified as problematic was found in Maxfoundry MaxButtons 1.26.0. This vulnerability affects unknown code. The manipulation of the argument id leads to cross-site scripting.
This vulnerability was named CVE-2014-7181. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as problematic, has been found in Wpgmaps Wordpress Google Maps Plugin up to 6.0.9. This issue affects some unknown processing. The manipulation of the argument poly_id leads to cross-site scripting.
The identification of this vulnerability is CVE-2014-7182. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as problematic, has been found in WP Photo Text Slider 50 Plugin up to 8.1 on WordPress. This issue affects some unknown processing. The manipulation leads to cross-site scripting.
The identification of this vulnerability is CVE-2024-11884. The attack may be initiated remotely. There is no exploit available.
A vulnerability classified as problematic was found in SIP Calculator Plugin up to 1.0 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery.
This vulnerability was named CVE-2024-12555. The attack can be initiated remotely. There is no exploit available.
A vulnerability classified as problematic has been found in glomex oEmbed Plugin up to 0.9.1 on WordPress. This affects an unknown part. The manipulation leads to cross-site scripting.
This vulnerability is uniquely identified as CVE-2024-11873. It is possible to initiate the attack remotely. There is no exploit available.