Aggregator

The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.exe,

A vulnerability was found in D-Link DIR-859 A3 up to 1.05. It has been classified as critical. This affects an unknown part of the file /getcfg.php. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2024-57045. It is possible to initiate the attack remotely. There is no exploit available.

Unit21 launched its new scams solution that helps financial institutions and fintechs detect and stop scams before they cause financial harm. Using AI automation, the new solution can be integrated into a fraud team’s workflow to accelerate investigations and response times while also incorporating IP insights and consortium signals to prevent and detect scams before they hit consumer financial accounts. Advancements in technology have allowed criminals to scam consumers and businesses at unprecedented speed and … More →

The post Unit21 empowers financial institutions to detect and stop scams appeared first on Help Net Security.

A vulnerability was found in TP-LINK WR840N v6 up to 0.9.1 4.16 and classified as critical. Affected by this issue is some unknown functionality of the file /cgi. The manipulation leads to improper authentication. This vulnerability is handled as CVE-2024-57050. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in TP-LINK Archer C20 up to 6.6_230412 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cgi. The manipulation leads to improper authentication. This vulnerability is known as CVE-2024-57049. The attack can be launched remotely. There is no exploit available.

Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.77/6.12.13/6.13.2/6.14-rc1. Affected is the function qdisc_tree_reduce_backlog of the component netem. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21703. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.13/6.13.2/6.14-rc1. This issue affects some unknown processing of the component pfifo_tail_enqueue. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2025-21702. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

OpenSSH修复了两个高危漏洞，可能导致中间人攻击和DoS攻击，威胁敏感数据和关键服务器。用户需立即升级至9.9p2版本以防范风险。

Яндекс Браузер зафиксировал рост атак на 20% по сравнению с декабрем.

Amazon GuardDuty is often referred to as the security hub of Amazon’s cloud ecosystem. It provides advanced threat detection by analyzing run-time (OS-level) activities, network traffic logs, and security events. Amazon describes it as “a single runtime monitoring solution for your compute on AWS.”  In our latest Veriti research, we analyzed Amazon GuardDuty logs to […]

The post Inside Amazon GuardDuty: What the Logs Reveal About Cloud Security  appeared first on VERITI.

The post Inside Amazon GuardDuty: What the Logs Reveal About Cloud Security  appeared first on Security Boulevard.

A vulnerability classified as critical was found in undsgn Uncode Core Plugin up to 2.9.1.6 on WordPress. This vulnerability affects unknown code of the component Shortcode Handler. The manipulation leads to code injection. This vulnerability was named CVE-2024-13689. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Netgear DGN2200 up to 1.0.0.46. This affects an unknown part. The manipulation of the argument x with the input 1.gif leads to improper authentication. This vulnerability is uniquely identified as CVE-2024-57046. It is possible to initiate the attack remotely. There is no exploit available.

澳大利亚北部和东南亚茂密的雨林中生活着一种吸食果实的吸果蛾，它的翅膀虽然是扁平光滑的，但通过制造光学幻象，让自己看起来像一片三维的树叶，甚至有凸起的中脉。吸果蛾伪装成树叶的形状是为了欺骗捕食者，尤其是鸟类，让其以为它不是食物。虽然吸果蛾在1877年就被首次发现，但直到现在，人们还认为这种相似是由色素和身体形状造成的。西澳大利亚大学珀斯分校的生物学家 Jennifer Kelley 表示，吸果蛾翅膀的鳞片是一种纳米结构，模仿了光滑弯曲的叶子表面上的高光，这是一种结构着色，与彩虹形成的机制相同。

Intel by Intruder now uses AI to contextualize NVD descriptions, helping security teams assess risk faster. Intruder, a leader in attack surface management, has launched AI-generated descriptions for Common Vulnerabilities and Exposures (CVEs) within its free vulnerability intelligence platform, Intel. This new feature enhances cybersecurity professionals’ ability to quickly understand and assess vulnerabilities, addressing a […]

The post Intruder Expands ‘Intel’ Vulnerability Intelligence Platform with AI-Generated CVE Descriptions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.