Aggregator

A vulnerability has been found in Canonical Ubuntu Linux and classified as critical. This vulnerability affects unknown code of the component HFS+ filesystem. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2025-0927. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

DIDarknet:一种利用深度图像学习检测和表征暗网流量的现代方法 by ourren

更多最新文章，请访问SecWiki

Shawn C 写道: Intel CSME（企业安全管理引擎）可以说是当前最复杂的带外平台之一，然而厂商对此并未提供足够的透明度。Mark Ermolov撰写的这篇出色文章深入揭示了其技术细节，这些细节源于多年的研究、调试和逆向工程。对于x86平台的系统安全防护而言，若不将Intel CSME或AMD PSP等原厂带外系统纳入威胁模型的构建，得出的结论必然会存在偏颇。CSME是“通过模糊性实现安全”的极端案例。自2015年以来，CSME本身提供了众多安全特性，但其内部机制却不透明，攻击者和安全研究人员只能依赖逆向工程和调试来进行研究。这种情况对研究人员而言充满挑战与乐趣，但对企业和个人的安全而言，却是教科书式的灾难。CSME的复杂性即使对大多数安全从业人员来说也依然难以捉摸，更不用说非安全领域的从业人员和普通用户。
换个角度来看，如果带外系统能够有开源实现，将极大减少信息不对称的风险。尽管开源本身带来的透明度并不一定直接转化为安全收益，但它无疑为安全研究提供了更为广阔的视野和更高的参与度。

美国最高法院于 2014 年裁决，无搜查令搜查手机违反了宪法第四修正案，但边境或入境处搜查手机不属于违宪。理由是入境处如机场和边境的搜查属于美国国境之外的搜查，因此美国海关和边境保护局（CBP）等执法机构可以无搜查令搜查手机，并根据手机上的内容拒绝旅客入境。电子前哨基金会（EFF）的资深律师 Saira Hussain 指出，宪法第四修正案将边境搜查列为例外，其最初的设想是允许海关官员搜查行李之类的物品，因为你随身携带的任何东西都与旅行相关，搜查行李箱是为了寻找不允许入境的人或物。但今天的时代不同了，你随身携带的手机包含了你所有的隐私和秘密，不只是与旅行相关。Hussain 建议旅行者在美国入境时尽可能少的携带数据——也就是最好使用一次性的手机而不是你常用的手机。如果想继续使用自己的常用设备，那么最好将设备上的数据上传到云端，然后清空数据，将手机保持在飞行模式或关机。这么做只是降低在入境时面临的风险。CBP 如果真的想查看你的手机，他们还是可能会找到办法。

A vulnerability was found in Apple iCloud up to 7.10 on Windows. It has been declared as critical. This vulnerability affects unknown code of the component WebKit. The manipulation leads to memory corruption. This vulnerability was named CVE-2019-8558. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Adobe Acrobat Mobile Sign up to 24.4.2.33155 on Android and classified as problematic. This vulnerability affects unknown code. The manipulation leads to incorrect authorization. This vulnerability was named CVE-2024-34130. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in PivotX up to 2.3.2. This vulnerability affects unknown code. The manipulation of the argument File leads to cross site scripting. This vulnerability was named CVE-2012-2274. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in Verint WFO. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The identification of this vulnerability is CVE-2024-36395. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Dell Secure Connect Gateway Policy Manager up to 5.22.00.18. It has been classified as problematic. This affects an unknown part. The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is uniquely identified as CVE-2024-37131. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in cvat-ai cvat up to 2.14.2. This affects an unknown part of the component Export/Backup. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-37306. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in XjSv Cooked Pro Recipe Plugin up to 1.7.15.4 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation of the argument _recipe_settings[post_title] leads to cross site scripting. This vulnerability was named CVE-2024-37308. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Opera Web Browser up to 7.19. It has been classified as critical. This affects an unknown part. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2011-4684. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iTunes up to 12.9.3 on Windows and classified as critical. Affected by this issue is some unknown functionality of the component WebKit. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2019-8558. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Article Dashboard. This issue affects some unknown processing of the component Dashboard. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2008-0286. The attack may be initiated remotely. Furthermore, there is an exploit available.

Speaker: Lenin Alevski

Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite []DEF CON 32]2 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Recon Village – Recon MindMap: Organize, Visualize & Prioritize Recon Data appeared first on Security Boulevard.

DeepImage使用深度学习检测暗网流量，通过随机森林进行特征筛选，挑出重要特征，并用这些特征生成灰度图输入到二维卷积神经网络（CNN）中进行训练和测试。