Aggregator

HackerNews 编译，转载请注明出处： 美国网络安全和基础设施安全局（CISA）于周三将一个影响SonicWall Secure Mobile Access（SMA）100系列网关的安全漏洞添加至其”已知被利用漏洞（KEV）目录”，基于此漏洞正被活跃利用的证据。 该高危漏洞编号为CVE-2021-20035（CVSS评分：7.2），属于操作系统命令注入漏洞，可能导致代码执行。 “SMA100管理界面未能正确过滤特殊元素，使得远程认证攻击者能以’nobody’用户身份注入任意命令，可能导致代码执行。”SonicWall在2021年9月发布的公告中表示。该漏洞影响以下版本设备：SMA 200、SMA 210、SMA 400、SMA 410及SMA 500v（ESX、KVM、AWS、Azure）型号。 受影响版本包括： 10.2.1.0-17sv及更早版本（10.2.1.1-19sv及以上版本已修复） 10.2.0.7-34sv及更早版本（10.2.0.8-37sv及以上版本已修复） 9.0.0.10-28sv及更早版本（9.0.0.11-31sv及以上版本已修复） 尽管目前尚不清楚CVE-2021-20035漏洞被利用的具体细节，但SonicWall已更新公告指出”该漏洞可能正在现实中被利用”。 根据要求，联邦民事行政部门（FCEB）机构必须在2025年5月7日前采取必要的缓解措施，以保护其网络免受主动威胁。     消息来源：thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络；  转载请注明“转自 HackerNews.cc”并附上原文

Kimsuky攻击活动利用RDP漏洞与恶意软件实施定向渗透；APT29 再次针对欧洲外交官发起网络钓鱼攻击；Slow Pisces 使用新的定制 Python 恶意软件瞄准开发者；DarkHotel 组织最新 RPC 攻击组件披露

Windows漏洞CVE-2025-24054遭活跃利用，攻击者通过文件下载窃取NTLM凭据！

CC1的国内外半的前半链子一样，就后面不一样。一个是方法调用任意命令执行，一个是动态代理类调用方法任意命令执行。JDK版本限制是 JDK8U71以下。

Hobbits Hobbits is a software platform for analyzing, processing and visualizing bits. The Hobbits GUI is the central tool of the platform and will be the primary focus of this document. The Hobbits Runner...

The post hobbits: multi-platform GUI for bit-based analysis, processing, and visualization appeared first on Penetration Testing Tools.

Nemesis Nemesis is an offensive data enrichment pipeline and operator support system. Built on Kubernetes with scale in mind, our goal with Nemesis was to create a centralized data processing platform that ingests data...

The post Nemesis: An offensive data enrichment pipeline appeared first on Penetration Testing Tools.

CicadasCMS是用springboot+mybatis+beetl开发的一款CMS，支持自定义内容模型、模板标签、全站静态化等功能。

如果程序使用了setvbuf(stdout,0,0,0),要想使缓冲区的地址打印出来，有以下思路 1. 重新设置setvbuf，但这不知道管不管用，没法尝试因为这需要4个参数，没法控制rdx和rcx 2. 调用fflush(stdout)，但是需要泄露libc地址，死循环，这里做不到 3. 挤爆缓冲区，自然就会把内容打印出来了| 但这三种方法在题目中行不通怎么办呢，那就是使用fgetc。

上一年雖然止步於初賽，但之後找了時間復現了一下決賽，大概花了2、3周才復現完( 還是在有文章參考的情況下 )，內容很多，大致包括保護分析、vm分析、透視、自瞄實現。今年的決賽比較不同，他給了2種外掛，考察的是外掛功能的分析和外掛檢測，如下圖

struts2框架下的漏洞分析，一步步代码分析struts2漏洞到RCE

Canadian Cyber Agency Warns of Rising Chinese Cyberthreats.
The Canadian Center for Cybersecurity on Tuesday said it has observed "increasing levels" of malicious cyberactivity from China-linked hackers, including the group tracked Salt Typhoon. Exposed edge devices are at risk of attacks can be detected through mass scanning.

Researchers Say Chinese Mobile Route Firms Dominate Global Interconnect Industry
A report warns U.S. allies and countries across the globe are using Chinese-owned and controlled mobile routing firms in a move that could risk national security interests and potentially expose billions of users to passive and active surveillance from Beijing.

Case Resolves HHS OCR Scrutiny of Two Security Incidents
A Guam public hospital has agreed to pay federal regulators $25,000 and implement a corrective action plan to settle potential HIPAA violations - including a failure to conduct a comprehensive risk analysis - identified during an investigation into two security incidents.

Australia-Based Firm Adds Cloud, Red/Blue Team Skills to Infosys' Cyber Arsenal
With a planned $63 million acquisition of The Missing Link, Infosys deepens its cybersecurity capabilities and strengthens its global cloud and risk assessment services. The acquisition adds to its cyberdefense centers and enhances red/blue team capabilities and digital transformation support.

Canadian Cyber Agency Warns of Rising Chinese Cyberthreats.
The Canadian Center for Cybersecurity on Tuesday said it has observed "increasing levels" of malicious cyberactivity from China-linked hackers, including the group tracked Salt Typhoon. Exposed edge devices are at risk of attacks can be detected through mass scanning.

Researchers Say Chinese Mobile Route Firms Dominate Global Interconnect Industry
A report warns U.S. allies and countries across the globe are using Chinese-owned and controlled mobile routing firms in a move that could risk national security interests and potentially expose billions of users to passive and active surveillance from Beijing.

Case Resolves HHS OCR Scrutiny of Two Security Incidents
A Guam public hospital has agreed to pay federal regulators $25,000 and implement a corrective action plan to settle potential HIPAA violations - including a failure to conduct a comprehensive risk analysis - identified during an investigation into two security incidents.

Australia-Based Firm Adds Cloud, Red/Blue Team Skills to Infosys' Cyber Arsenal
With a planned $63 million acquisition of The Missing Link, Infosys deepens its cybersecurity capabilities and strengthens its global cloud and risk assessment services. The acquisition adds to its cyberdefense centers and enhances red/blue team capabilities and digital transformation support.

SwampCTF is a student-run competition and hosted by the University of Florida Student InfoSec Team (UFSIT) a.k.a Kernel Sanders.