Aggregator

The future of cybersecurity isn't about preventing every breach — it's about learning and growing stronger with each attack.

研究人员调查了 Telegram 上提供社工库服务的中文数据供应商，其中 Carllnet、DogeSGK 和 X-Ray 的频道都有数万名成员，使用一种积分系统进行支付。积分通常可用 Tether 币购买，有时候也支持微信支付或支付宝。社工库提供了范围广泛的用户信息查询，包括电话号码、通话记录、银行账户、结婚记录、车辆登记、酒店预订等个人消息。如果支付更昂贵的费用，它们还会提供更敏感的信息如护照图像或地理位置记录。社工库的数据部分聚合自网上泄露的数据库，但部分数据可能是由内部人士供应的。供应商向内部人士提供了相当可观的报酬。研究人员称大规模数据收集是一把双刃剑。

A vulnerability was found in University of Washington POP3 and IMAP4 and classified as very critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-1999-0042. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

One of these flaws detected using LLMs was in the widely used OpenSSL library

Genisten van de Koninklijke Landmacht kunnen sinds gisteren een beroep doen op de nieuwe wegenmattenlegger. De militaire bouwvakkers kunnen deze gebruiken om een onverhard oppervlak tijdelijk te verharden. Denk bijvoorbeeld aan drassige bodems en oevers. Het nieuwe systeem is gisteren in Vught overgedragen.

Halo Security, a leader in external attack surface management and penetration testing, has announced the launch of its new Slack® app, empowering cybersecurity teams to receive real-time alerts on newly discovered assets, vulnerabilities, and other essential security updates directly within the Slack collaboration software. This new integration allows Halo Security’s customers to seamlessly incorporate important […]

The post Halo Security Launches Slack Integration for Real-Time Alerts on New Assets and Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

在数字互动维持社交纽带的时代，印度研究人员提出了如何用最少的精力去维持数字友谊的方法：对朋友发送的各种梗回复“Haha So True!”。研究报告发表在《Journal of Astrological Big Data Ecology》期刊上。研究人员对 150 名参与者进行了三盲随机实验，测量了 Haha So True! 回复的效果，并对比了类似 OMG LMAO 或 LOL, I just snorted coffee 不同回复的效果差异。结果显示，Haha So True! 相比字数更多更努力的回复，在让朋友满意、减轻罪恶感和投射“我在乎……就够了”氛围上效果相差无几。

A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins. [...]

A vulnerability was found in Apple Mac OS X up to 10.10. It has been rated as problematic. This issue affects some unknown processing of the component IOGraphics. The manipulation leads to information disclosure (Kernel Memory). The identification of this vulnerability is CVE-2015-5865. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Apple Mac OS X up to 10.10. Affected is an unknown function of the component IOHIDFamily. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2015-5866. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple Mac OS X up to 10.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component IOGraphics. The manipulation leads to memory corruption. This vulnerability is known as CVE-2015-5890. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Apple Mac OS X up to 10.10. Affected by this issue is some unknown functionality of the component IOGraphics. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2015-5871. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Apple Mac OS X up to 10.10. This affects an unknown part of the component IOGraphics. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2015-5872. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple Mac OS X up to 10.10 and classified as problematic. This vulnerability affects unknown code of the component IOGraphics. The manipulation leads to memory corruption. This vulnerability was named CVE-2015-5873. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

苹果公司19日发布安全更新，修复了两个被用于攻击Mac用户的安全漏洞，并建议所有用户安装。 苹果在官网发布的安全公告中表示，发现了两个漏洞（CVE-2024-44308、CVE-2024-44309），可能在基于英特尔处理器的Mac系统上“被积极利用”。这类漏洞属于零日漏洞，因为在漏洞被攻击者利用时，苹果尚未意识到它们的存在。 为修复这两个漏洞，苹果发布了一系列软件更新，包括macOS、iOS和iPadOS。 目前尚不清楚针对Mac用户的攻击是由谁发起，也不清楚有多少用户成为目标，或者是否有用户设备已经被成功攻破。这些漏洞由谷歌威胁分析小组报告，该小组专注于调查政府支持的黑客行为和网络攻击。这表明，此次攻击可能涉及某个政府背景的行为者。而政府支持的网络攻击有时会使用商业间谍软件针对目标设备展开行动。 苹果在公告中表示，这些漏洞与WebKit和JavaScriptCore有关。WebKit是Safari浏览器运行网络内容的核心引擎，同时也是恶意攻击者的常见目标。攻击者通常通过利用WebKit引擎中的漏洞，侵入设备的软件系统，进而窃取用户的隐私数据。 安全公告进一步指出，这些漏洞可通过诱使易受攻击的苹果设备处理恶意构造的网络内容（如伪造的网站或电子邮件），触发任意代码执行，从而在目标设备上植入恶意软件。 苹果建议用户尽快更新其iPhone、iPad和Mac设备，以降低安全风险。 苹果生态已成零日攻击高发地带 加上这两个漏洞，苹果在2024年已累计修复了六个零日漏洞。今年的首次修复发生在1月，随后在3月修复了两个漏洞，5月修复了第四个漏洞。 相比2023年修复的20个遭在野利用的零日漏洞，今年的情况有了显著改善。 以下是2023年苹果修复零日漏洞的时间表： 11月修复的两个零日漏洞（CVE-2023-42916和CVE-2023-42917） 10月修复的两个零日漏洞（CVE-2023-42824和CVE-2023-5217） 9月修复的五个零日漏洞（CVE-2023-41061、CVE-2023-41064、CVE-2023-41991、CVE-2023-41992和CVE-2023-41993） 7月修复的两个零日漏洞（CVE-2023-37450和CVE-2023-38606） 6月修复的三个零日漏洞（CVE-2023-32434、CVE-2023-32435和CVE-2023-32439） 5月修复的三个零日漏洞（CVE-2023-32409、CVE-2023-28204和CVE-2023-32373） 4月修复的两个零日漏洞（CVE-2023-28206和CVE-2023-28205） 2月修复的另一个WebKit零日漏洞（CVE-2023-23529）。       转自安全内参，原文链接：https://www.secrss.com/articles/72598 封面来源于网络，如有侵权请联系删除

A vulnerability, which was classified as problematic, was found in mra13 Simple Membership Plugin up to 4.5.5 on WordPress. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-11088. It is possible to initiate the attack remotely. There is no exploit available.