Aggregator

漏洞猎手的招募火热进行中。

KCon大会培训日回归！课程人员有限，先到先得~

漏洞猎手的招募火热进行中。

A vulnerability classified as critical has been found in Zabbix up to 5.0.42/6.0.30/6.4.15/7.0.0rc2. Affected is an unknown function of the component Agent Application. The manipulation leads to preservation of permissions. This vulnerability is traded as CVE-2024-22121. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Zabbix Server up to 5.0.42/6.0.30/6.4.15/7.0.0rc2. It has been rated as problematic. This issue affects some unknown processing of the component SMS Notification Handler. The manipulation of the argument Number leads to command injection. The identification of this vulnerability is CVE-2024-22122. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

ReliaQuest found that Rclone, WinSCP and cURL were the top three data exfiltration tools utilized by threat actors over the past year

Новый международный стандарт противодействия кибератакам.

ADT Inc., a prominent security and automation solutions provider, reported that unauthorized actors accessed specific databases containing customer order information. The company swiftly addressed the breach, which raised concerns about data security and customer privacy. Unauthorized Access and Immediate Response ADT became aware of the breach when unauthorized actors illegally accessed customer order information databases. […]

The post ADT Data Breach: Customers Personal Information Exposed appeared first on Cyber Security News.

2024年7月，Microsoft官方发布公告，披露 CVE-2024-38077 Windows Server 远程桌面授权服务(Remote Desktop Licensing Service，简称RDL) 远程代码执行漏洞。

2024年7月，Microsoft官方发布公告，披露 CVE-2024-38077 Windows Server 远程桌面授权服务(Remote Desktop Licensing Service，简称RDL) 远程代码执行漏洞。

2024年7月，Microsoft官方发布公告，披露 CVE-2024-38077 Windows Server 远程桌面授权服务(Remote Desktop Licensing Service，简称RDL) 远程代码执行漏洞。

2024年7月，Microsoft官方发布公告，披露 CVE-2024-38077 Windows Server 远程桌面授权服务(Remote Desktop Licensing Service，简称RDL) 远程代码执行漏洞。

2024年7月，Microsoft官方发布公告，披露 CVE-2024-38077 Windows Server 远程桌面授权服务(Remote Desktop Licensing Service，简称RDL) 远程代码执行漏洞。

2024年7月，Microsoft官方发布公告，披露 CVE-2024-38077 Windows Server 远程桌面授权服务(Remote Desktop Licensing Service，简称RDL) 远程代码执行漏洞。

2024年7月，Microsoft官方发布公告，披露 CVE-2024-38077 Windows Server 远程桌面授权服务(Remote Desktop Licensing Service，简称RDL) 远程代码执行漏洞。

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

At the recent Black Hat USA conference, security researcher Michael Bargury unveiled alarming vulnerabilities within Microsoft Copilot, demonstrating how hackers can potentially exploit this AI-powered tool for malicious purposes. This revelation underscores the urgent need for organizations to reassess their security measures when using AI technologies like Microsoft Copilot. Bargury’s presentation highlighted several methods through […]

The post Researchers Demonstrate How Hackers Can Exploit Microsoft Copilot appeared first on Cyber Security News.

腾讯云 DNSPod 官方8月9日发文，称监测到国内大量家用路由器的 DNS 解析配置被篡改，从而影响到了正常的网站和 App 访问。

Почему продолжают ужесточать контроль над онлайн-пространством.