Aggregator

A vulnerability classified as critical was found in Tenda W6-S 1.0.0.4. This vulnerability affects the function tpi_get_ping_output of the file /goform/exeCommand. The manipulation leads to command injection. This vulnerability was named CVE-2022-45497. The attack can only be done within the local network. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Tenda W6-S 1.0.0.4. This issue affects some unknown processing of the file /goform/WifiMacFilterGet. The manipulation of the argument wl_radio leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2022-45499. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in Tenda W6-S 1.0.0.4. Affected is an unknown function of the file /goform/wifiSSIDset. The manipulation of the argument wl_radio leads to stack-based buffer overflow. This vulnerability is traded as CVE-2022-45501. The attack needs to be done within the local network. There is no exploit available.

A vulnerability has been found in Tenda W6-S 1.0.0.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setAutoPing. The manipulation of the argument linkEn leads to stack-based buffer overflow. This vulnerability is known as CVE-2022-45503. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in Tenda A18 15.13.07.09. It has been classified as critical. Affected is an unknown function of the component Telnet Service. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2022-44932. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in Tenda W6-S 1.0.0.4. It has been declared as problematic. Affected by this vulnerability is the function tpi_systool_handle of the file /goform/SysToolReboot. The manipulation leads to denial of service. This vulnerability is known as CVE-2022-45498. Access to the local network is required for this attack to succeed. There is no exploit available.

Как конклав защищается от утечек информации о выборах.

i-PRO株式会社が提供する複数のi-PRO設定ツールには、ハードコードされた暗号鍵の使用の脆弱性が存在します。

HackerNews 编译，转载请注明出处： 加利福尼亚州非营利健康保险机构蓝盾（Blue Shield of California）近日声明，因Google分析与广告平台配置错误导致470万会员的受保护健康信息泄露。该机构服务全州近600万会员，其官网发布的通报显示数据泄露时间为2021年4月至2024年1月。 美国卫生与公众服务部数据泄露门户网站更新信息证实，此次事件影响470万人的敏感健康数据。蓝盾表示，泄露源于部分官网Google Analytics配置错误，可能导致数据被共享至Google广告平台及第三方广告商。 官方声明指出：“2025年2月11日发现，2021年4月至2024年1月期间，Google Analytics配置允许将含受保护健康信息的会员数据共享至Google广告产品。Google可能利用这些数据对受影响会员实施精准广告投放。” 暴露数据类型包括： 保险计划名称、类型及团体编号 所在城市与邮政编码 性别与家庭规模 蓝盾会员账户识别码 医疗索赔服务日期、服务商名称、患者姓名及自付费用 “寻找医生”功能搜索条件与结果（含位置、计划信息、医疗提供方信息） 蓝盾强调社会安全号、驾照号、银行账户及信用卡信息未受影响，但仍建议会员密切监控账户动态与信用报告。目前机构未提供身份盗窃保护服务，尚不清楚是否会向受影响会员寄送个别通知。 这是加州蓝盾一年内披露的第二起重大网络安全事件。2024年该机构软件服务商Connexure（原Young Consulting）遭BlackSuit勒索软件组织入侵，导致近百万会员数据被盗。     消息来源：Bleeping Computer； 本文由 HackerNews.cc 翻译整理，封面来源于网络；  转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability classified as critical was found in Dozer. Affected by this vulnerability is an unknown functionality of the component Type Conversion. The manipulation as part of Serialized Object leads to deserialization. This vulnerability is known as CVE-2014-9515. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in Adobe Acrobat Reader up to 2015.006.30417/2017.011.30079/2018.011.20038. This issue affects some unknown processing of the component NTLM SSO Hash Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2018-4993. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Joomla CMS 3.7.0. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2017-8917. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in systemd up to v233. This issue affects some unknown processing of the component Username Handler. The manipulation with the input 0example leads to improper privilege management. The identification of this vulnerability is CVE-2017-1000082. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to change the configuration settings.

A vulnerability classified as critical has been found in Oracle Tekelec HLR Router 4.x. Affected is an unknown function of the component OpenSSL. The manipulation leads to cryptographic issues. This vulnerability is traded as CVE-2014-0224. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Solaris 10. It has been declared as critical. This vulnerability affects unknown code of the component Common Desktop Environment. The manipulation leads to improper access controls. This vulnerability was named CVE-2017-3622. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in WordPress up to 6.2.0. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2023-2745. Access to the local network is required for this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

WhatsApp has announced the rollout of its new “Advanced Chat Privacy” feature, designed to give users greater control over the confidentiality of their conversations. Building on its foundation of end-to-end encryption, which ensures that only the sender and recipient can access messages, this latest update introduces a powerful tool to prevent sensitive content from being […]

The post WhatsApp’s New Advanced Chat Privacy Feature to Protect Sensitive Conversations appeared first on Cyber Security News.

HackerNews 编译，转载请注明出处： 自2025年3月初以来，多个疑似与俄罗斯有关的威胁组织针对与乌克兰及人权事务相关的个人和机构发动攻击，旨在非法入侵Microsoft 365账户。Volexity指出，此类高度定向的攻击已从此前利用设备代码钓鱼技术的攻击方式转向新策略，表明相关威胁组织正在积极改进其攻击手法。 安全研究人员Charlie Gardner、Josh Duke、Matthew Meltzer、Sean Koessel、Steven Adair和Tom Lancaster在详尽分析中表示：“近期观测到的攻击严重依赖与目标的点对点互动，攻击者必须说服目标点击链接并回传微软生成的验证码。”目前至少有两个追踪编号为UTA0352和UTA0355的威胁集群被认定参与攻击，但尚未排除其与APT29、UTA0304和UTA0307存在关联的可能性。 最新攻击的特征在于滥用合法的Microsoft OAuth 2.0身份验证工作流程。攻击者冒充欧洲多国官员，并至少在一次案例中利用被入侵的乌克兰政府账户诱骗受害者提供微软生成的OAuth代码以控制其账户。攻击者通过Signal和WhatsApp等即时通讯软件联系目标，邀请其参加与欧洲政要的视频通话或注册涉及乌克兰事务的私人会议，最终诱导受害者点击托管在Microsoft 365基础设施上的链接。 Volexity表示：“若目标回应信息，对话将迅速推进至实际安排会议时间。当约定时间临近时，伪装成欧洲政要的攻击者会再次联系目标，发送会议加入指引。”这些指引以文档形式呈现，随后攻击者发送会议链接。所有URL均重定向至Microsoft 365官方登录门户。 具体而言，攻击者设计的链接会重定向至微软官方URL并在过程中生成微软授权令牌，该令牌将出现在URI或重定向页面正文中。攻击随后试图诱骗受害者与攻击者共享该代码。这是通过将已认证用户重定向至浏览器版Visual Studio Code（insiders.vscode[.]dev）实现的，令牌将在此界面显示给用户。若受害者分享OAuth代码，UTA0352将生成访问令牌以最终控制受害者M365账户。 Volexity还观测到该活动的早期版本会将用户重定向至“vscode-redirect.azurewebsites[.]net”网站，该网站再次重定向至本地IP地址（127.0.0.1）。研究人员解释称：“此时授权码仅存在于URL中，用户浏览器会显示空白页面。攻击者必须要求用户分享浏览器URL才能获取代码。” 2025年4月初发现的另一社交工程攻击涉及UTA0355使用已入侵的乌克兰政府电子邮箱向目标发送钓鱼邮件，随后通过Signal和WhatsApp发送信息。这些信息邀请目标参加关于乌克兰“暴行罪”起诉及国际合作投资的视频会议。尽管最终目标与UTA0352相同，但存在关键差异：攻击者滥用微软365认证API获取受害者邮件数据，并将窃取的OAuth授权码用于在受害者Microsoft Entra ID（原Azure Active Directory）永久注册新设备。 攻击者随后发起第二轮社交工程以说服目标批准双重认证请求并劫持账户。Volexity指出：“在此次互动中，UTA0355要求受害者批准双重认证（2FA）请求以‘访问与会议关联的SharePoint实例’，此举旨在绕过受害者组织设置的额外安全要求以访问其邮箱。”该攻击的特别有效性体现在：登录活动、邮件访问及设备注册均通过地理位置与受害者匹配的代理网络进行，大幅增加检测难度。 为应对此类攻击，建议组织审计新注册设备、培训用户警惕即时通讯平台上的非主动联络，并实施条件访问策略限制仅允许受审批/管理设备访问组织资源。Volexity补充道：“近期攻击活动完全利用微软官方基础设施进行用户交互，未使用攻击者自托管设施。同时，攻击不涉及需用户显式授权的恶意OAuth应用（此类应用可被组织轻松拦截）。已获许可的微软原生应用使用使得该技术的预防与检测极为困难。”       消息来源：thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络；  转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability classified as critical was found in Itd-inc bingo!CMS up to 1.7.4.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication. This vulnerability is known as CVE-2022-42458. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Book Store Management System 1.0.0 and classified as problematic. This vulnerability affects unknown code of the component Add New System User Module. The manipulation of the argument Level leads to cross site scripting. This vulnerability was named CVE-2022-45217. The attack can be initiated remotely. There is no exploit available.