Aggregator

CosmicBeetle, a threat actor specializing in ransomware, has recently replaced its old ransomware, Scarab, with ScRansom, a custom-built ransomware that continues to evolve.  The threat actor has been actively targeting SMBs worldwide, exploiting vulnerabilities to gain access to their systems and experimenting with the leaked LockBit builder, attempting to leverage its reputation by impersonating the […]

The post CosmicBeetle Exploiting Old Vulnerabilities To Attacks SMBs All Over The World appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Iranian threat actor APT34, also known as GreenBug, has recently launched a new campaign targeting Iraqi government entities by employing a custom toolset, including a novel IIS backdoor and DNS tunneling protocol.  The malware used in this campaign shares similarities with previously reported APT34 malware families, such as Karkoff, Saitama, and IIS Group 2.  […]

The post Threat Actors Using New Malware Toolkit That Involves IIS Backdoor, DNS Tunneling appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Synetics Idoit Pro 28 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument id/lang/mNavID/name/pID/treeNode/type/view leads to cross site scripting. This vulnerability is known as CVE-2024-8750. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Synetics Idoit Pro 28. Affected is an unknown function of the file /var/www/html/src/classes/modules/api/model/cmdb/isys_api_model_cmdb_objects_by_relation.class.php of the component Query Handler. The manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2024-8749. It is possible to launch the attack remotely. There is no exploit available.

Вебинар Positive Technologies состоится 17 сентября в 14:00.

Waymo 的无人驾驶出租车行驶里程已超过了 2200 万英里，至今共报告了 20 人受伤的碰撞事故，相当于每行驶 100 万公里碰撞事故造成不到 1 人受伤。相比下同距离人类司机会发生 64 起车祸。Waymos 汽车每英里行驶发生伤人车祸的可能性不到人类司机的三分之一。Waymo 报告，大部分车祸不是无人驾驶出租车造成的，而是后面的人类司机追尾。它报告无人出租车只发生 5 起触发安全气囊的碰撞，23 起最严重车祸中 16 起涉及追尾，3 起人类司机闯红灯后撞上 Waymo 的出租车。Waymo 无人汽车没有发生过闯红灯、追尾或其它违反交通法的行为。

Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-45112 and CVE-2024-41869. Nothing in the advisory points to a need for users to implement the updates quickly, but the fix for CVE-2024-41869 is actually an additional, more complete fix for CVE-2024-39383, which was supposedly addressed with a security update released in August 2024. … More →

The post Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) appeared first on Help Net Security.

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.   

CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:  

• Security update available for Adobe Media Encoder | APSB24-53
• Security update available for Adobe Audition | APSB24-54
• Security update available for Adobe After Effects | APSB24-55
• Security update available for Adobe Premiere Pro | APSB24-58
• Security update available for Adobe Illustrator | APSB24-66
• Security update available for Adobe Acrobat Reader | APSB24-70
• Security update available for Adobe ColdFusion | APSB24-71
• Security update available for Adobe Photoshop | APSB24-72

CISA released twenty-five Industrial Control Systems (ICS) advisories on September 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-24-256-01 Siemens SINEMA Remote Connect Server
• ICSA-24-256-02 Siemens SINUMERIK ONE, SINUMERIK 840D and SINUMERIK 828D
• ICSA-24-256-03 Siemens User Management Component (UMC)
• ICSA-24-256-04 Siemens SINUMERIK Systems
• ICSA-24-256-05 Siemens Mendix Runtime
• ICSA-24-256-06 Siemens Automation License Manager
• ICSA-24-256-07 Siemens SIMATIC RFID Readers
• ICSA-24-256-08 Siemens Industrial Products
• ICSA-24-256-09 Siemens SIMATIC, SIPLUS, and TIM
• ICSA-24-256-10 Siemens SINEMA
• ICSA-24-256-11 Siemens Industrial Edge Management
• ICSA-24-256-12 Siemens Tecnomatix Plant Simulation
• ICSA-24-256-13 Siemens SCALANCE W700
• ICSA-24-256-14 Siemens SIMATIC SCADA and PCS 7 Systems
• ICSA-24-256-15 Siemens Industrial Products
• ICSA-24-256-16 Siemens Third Party Component in SICAM and SITIPE Products
• ICSA-24-256-17 AutomationDirect DirectLogic H2-DM1E
• ICSA-24-256-18 Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380
• ICSA-24-256-19 Rockwell Automation OptixPanel
• ICSA-24-256-20 Rockwell Automation AADvance Trusted SIS Workstation
• ICSA-24-256-21 Rockwell Automation 5015-U8IHFT
• ICSA-24-256-22 Rockwell Automation FactoryTalk Batch View
• ICSA-24-256-23 Rockwell Automation FactoryTalk View Site
• ICSA-24-256-24 Rockwell Automation Pavilion8
• ICSA-24-256-25 Rockwell Automation ThinManager

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

Cisco released security updates to address vulnerabilities in Cisco ISO XR software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the following advisories and apply the necessary updates: 

• September 2024 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication

Work continues to determine cause of the 2021 tragedy and to develop science-based recommendations to improve building safety.

Want to protect your clients against breaches in the cloud? Learn how the CIS Hardened Images can help your clients take a comprehensive approach to CSPM.

胡金鱼

国家漏洞库网络安全治理产业协同创新研讨会正式召开。

探讨AI技术如何更好服务于网信领域，促进技术与行业深度融合。