Aggregator

Пользователи массово жалуются на недоступность видеохостинга.

回复口令[握手]：“公事公办”，获取今日最新情报！ tips强烈推荐[玫瑰]：https://tix.qq.com - 高阶版免费体验：查询额度权益 - 每日最新封禁IOC获取 - 专家IP鉴定分析权限

作者：evilpan 原文链接：https://evilpan.com/2023/09/09/java-fuzzing/ 去年泛微发布了 10.58.6 补丁，修复好几个笔者之前储备的 0day，本文就来介绍其中一系列比较有意思的漏洞，以及分享一下相关的挖掘思路。 1 背景 最近几个月笔者都在研究 Java Web 方向，一方面是工作职责的调整，另一方面也想挑战一下新的领域。对于漏洞挖掘而言...

英国信息专员办公室 (ICO) 宣布了一项临时决定，对高级计算机软件集团有限公司 (Advanced) 处以 609 万英镑（774 万美元）的罚款，原因是该公司在 2022 年遭受勒索软件攻击时未能保护好数万人的个人信息。 Advanced 是英国国家医疗服务体系 (NHS) 签约的 IT 服务和托管供应商，于 2022 年 8 月 4 日遭到威胁行为者的攻击。 该事件影响了数百家公共和私人实体，包括 NHS 111 以及 Adastra、Caresys、Odyssey、Carenotes、Crosscare、Staffplan 和 eFinancials 等各种医疗保健产品。 此次泄密事件导致近 83,000 人的个人信息被泄露，其中包括 890 名接受居家护理人员的入院指导。 尽管所有受影响的人都已被告知并被警告采取行动降低风险，而且到目前为止，没有任何攻击数据在暗网上发布，但敏感数据泄露的潜在影响是巨大的。 “这一事件表明信息安全是多么重要。”英国信息专员约翰·爱德华兹表示，“失去对敏感个人信息的控制，会让那些别无选择只能信任医疗和护理机构的人感到痛苦。” 爱德华兹在谈到高级安全立场时补充道：“对于一个受信任处理大量敏感和特殊类别数据的组织来说，我们暂时发现其在此次事件之前的信息安全方法存在严重缺陷。” ICO 指出，实施基本措施（例如应用安全更新、启用多因素身份验证以及检查系统是否存在已知漏洞）对于保护敏感数据至关重要，所有组织都应遵循这些最低限度的步骤。 该临时决定的发布旨在提醒所有组织其安全义务以及一旦失败可能产生的后果。 但是770 万美元的罚款尚未实施，ICO 表示将等待 Advanced 的评论后再做出最终决定，因此罚款金额可能会发生变化。 如果Advanced无法提供令人信服的论据，且罚款仍为774万美元，则每位被曝光者的罚款将相当于93.3美元，与过去的类似事件相比，这个数字非常高。   消息来源：BleepingComputer，译者：YY；   本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

美国证券交易委员会（SEC）已经结束了对 Progress 软件公司处理 MOVEit Transfer 的0day漏洞被广泛利用、导致 9500 多万人数据泄露事件的调查。 Progress Software 在提交给美国证券交易委员会的最新 FORM 8-K 文件中表示，美国证券交易委员会执法部将不建议对这起安全事件采取任何执法行动。 美国证券交易委员会周四晚间提交的文件中写道：“美国证券交易委员会已通知 Progress，目前不打算建议对该公司采取执法行动。” “如前所述，Progress 于 2023 年 10 月 2 日收到了美国证券交易委员会的传票，作为事实调查的一部分，要求提供与 MOVEit 漏洞有关的各种文件和信息。” 美国证券交易委员会（SEC）正在对 Progress Software 公司在应对通过 MOVEit Transfer 软件存在的0day漏洞引发的大规模数据盗窃攻击过程中所采取的措施进行调查。 据BleepingComputer首次报道，在 2023 年烈士纪念日假期期间，Clop 勒索软件团伙利用0day漏洞对全球公司发起了大规模数据盗窃活动。 据一直在追踪此次攻击影响的Emsisoft称，超过 2,770 家公司和 9500 万人的数据通过0day漏洞被窃取。 由于攻击影响广泛，Clop 团伙预计将获得 7500 万至 1 亿美元的赎金，攻击对象包括政府机构、金融公司、医疗保健机构、航空公司和教育机构。 尽管美国证券交易委员会不建议采取任何行动，但 Progress Software 仍然面临马萨诸塞州联邦法院的数百起集体诉讼 。   消息来源：BleepingComputer，译者：YY；   本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

A critical vulnerability in Cisco’s Smart Software Manager On-Prem (SSM On-Prem) has surfaced, allowing unauthenticated, remote attackers to change user passwords, including those of administrative users. This flaw, rooted in improperly implementing the password-change process, has raised significant security concerns among Cisco users and IT professionals worldwide. CVE-2024-20419 – Vulnerability Details The vulnerability enables attackers […]

The post Cisco Software Manager Password Change Vulnerability Let Hackers Change password appeared first on Cyber Security News.

罗技公司 CEO Hanneke Faber 最近关于采用订阅制的永久使用鼠标的言论引发了广泛争议，这家知名外设制造商随后撤回了相关言论。该公司澄清永久使用的订阅制鼠标只是一种内部讨论的设想，并不是计划中的产品。愈来愈多的产品和服务拥抱订阅制，对这种需要持续支付才能继续使用的做法也引发了反弹，订阅模式不能成为每个试图寻找新收入来源的 CEO 的默认反应。

Several high-severity vulnerabilities have been discovered in BIND, potentially exposing millions of DNS servers to denial-of-service attacks. These issues have prompted urgent security updates from major Linux distributions such as Ubuntu and Debian. In this article, we explore the details of these vulnerabilities, their potential impact, and provide guidance on how to protect your Linux […]

The post BIND Vulnerabilities: Urgent Security Updates Released appeared first on TuxCare.

The post BIND Vulnerabilities: Urgent Security Updates Released appeared first on Security Boulevard.

Hackers stole $12m in virtual currency from Ronin Network, which has previously suffered a massive $620m heist

The Australian Cyber Security Centre (ACSC) has developed the Essential Eight, a set of baseline mitigation strategies designed to protect organizations against a wide range of

The post Enhancing Enterprise Security with the Essential Eight and StorageGuard   appeared first on Continuity™.

The post Enhancing Enterprise Security with the Essential Eight and StorageGuard   appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, was found in Huawei HarmonyOS and EMUI. Affected is an unknown function of the component Lock Screen Module. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2023-7265. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Huawei HarmonyOS and EMUI. This issue affects some unknown processing of the component Content Sharing Pop-Up Module. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2024-42030. Attacking locally is a requirement. There is no exploit available.

由于 GPS 精确且易于使用，美国海军学院停止教授传统导航方法如天文导航。但过去几年，GPS 被发现容易干扰，海军学院认为军官需要备用的导航方法，恢复了对天文导航的学习。北极星是不会改变位置的，毕竟黑客不能入侵天空。但如果天空上有云看不见星星呢？洛克希德马丁公司的工程师 Michael DiMario 有一个答案：量子传感器。DiMario 的团队过去五年一直在构建量子传感器原型。原型使用了人造钻石，用激光照射钻石，由于量子力学效应，钻石发射出多少光取决于当地的磁场。由于不需要与卫星通信，量子传感器不容易受到黑客攻击。

The United States has intensified its efforts to combat cyber threats by offering a substantial reward for information leading to identifying or locating individuals involved in malicious cyber activities against U.S. critical infrastructure. The move comes as part of a broader strategy to counter cyber threats from foreign entities. Reward for Justice Program According to […]

The post US to offer $10 million for Information on Iranian CyberAv3ngers Hackers appeared first on Cyber Security News.

A vulnerability classified as critical was found in ZTE ZXV10 XT802 and ZXV10 ET301. This vulnerability affects unknown code of the component Terminal Web. The manipulation leads to improper privilege management. This vulnerability was named CVE-2024-22069. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Какие задачи легли на плечи новых сотрудников?

FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. CISA, in collaboration with the FBI, has published a joint advisory on the BlackSuit Ransomware group. The advisory includes recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise […]

We’re excited to share that ANY.RUN has been honored with multiple recognitions from G2, the world’s leading business software and services review platform!   As always, we’re committed to providing top-tier malware analysis and system security solutions to all our customers, which is reflected in these titles ANY.RUN received on G2:  Here’s what each title […]

The post ANY.RUN Recognized as a Leader in Multiple G2 Categories for 2024 appeared first on ANY.RUN's Cybersecurity Blog.

Three potential vulnerabilities in Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) could allow an attacker to read or corrupt the memory of a guest VM. To establish an isolated execution environment, (SEV-SNP) adds robust memory integrity protection to prevent malicious hypervisor-based attacks, including data replay, memory remapping, and more. AMD fixes multiple memory flaws […]

The post AMD Patches Multiple Memory Vulnerabilities That Leads Corrupt The Guest VM appeared first on Cyber Security News.

Зарегистрированные пользователи могут получать полные отчеты о проверке файлов.