Aggregator

Cybercriminals are sharpening their phishing tactics with tools like Blov HTML Crypter — a utility that modifies HTML files to evade detection by security scanners. By employing techniques such as minification, encryption, and encoding, this tool transforms malicious HTML content into a form that’s harder for security systems to recognize. Contact a SlashNext security expert […]

The post Blov HTML Crypter: Phishing Evasion Through Encryption and Obfuscation first appeared on SlashNext.

The post Blov HTML Crypter: Phishing Evasion Through Encryption and Obfuscation appeared first on Security Boulevard.

UK Minister Pat McFadden will say in a speech at a NATO conference that adversaries are looking at using AI on the physical and cyber battlefield

Китайцы уверены: умение сомневаться пойдет нейросети на пользу.

Как ваше лицо становится билетом на самолет и признаком законопослушного гражданина.

Пойдет ли компания на сделку с хакерами, как ее коллеги из индустрии?

NPM的供应链攻击

A vulnerability was found in Linux Kernel up to 6.11.7. It has been rated as problematic. This issue affects the function sctp_sf_ootb. The manipulation leads to state issue. The identification of this vulnerability is CVE-2024-50299. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.11.7. Affected is the function pci_disable_sriov. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-50296. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.10.229/5.15.171/6.1.116/6.6.60/6.11.7. Affected is the function dma_map_single/dma_unmap_single. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2024-50295. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.7. It has been classified as critical. This affects an unknown part of the component cx24116. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2024-50290. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in sqlparse up to 0.4.x. This affects the function sqlparse.parse. The manipulation leads to uncontrolled recursion. This vulnerability is uniquely identified as CVE-2024-4340. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Red Hat OpenStack Platform. Affected is an unknown function of the component Director. The manipulation leads to sensitive information in log files. This vulnerability is traded as CVE-2024-4840. The attack needs to be done within the local network. There is no exploit available.

俄罗斯上周四从哈萨克斯坦拜科努尔航天发射场发射了进步号（Progress）货运飞船，为国际空间站执行例行补给任务，运送食物、燃料和补给等货物。但周六俄罗斯宇航员打开飞船舱门时他们闻到了一股恶臭，看到了小的液滴，他们随即关闭了舱门。NASA 报告到上周日空间站的空气质量处于正常水平。Russian Space Web 的 Anatoly Zak 声称气味有毒。暂时不清楚是什么导致了恶臭。这不是俄罗斯太空设备第一次发生泄漏。

最终排名来了

360发布全球首份《大模型安全漏洞报告》，曝光Intel等知名开源产品漏洞