Submit #411216: code-projects blood-bank-management-system-in-php-with-source-code V1.0 SQL Injection [Accepted]
Submit #411216 / VDB-278205
Aggregator
CVE-2007-3118 | Kravchuk unsubs.php scdir Remote Code Execution (EDB-4034 / XFDB-34738)
5 months 2 weeks ago
A vulnerability was found in Kravchuk and classified as critical. Affected by this issue is some unknown functionality of the file unsubs.php. The manipulation of the argument scdir leads to Remote Code Execution.
This vulnerability is handled as CVE-2007-3118. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
RansomHub
5 months 2 weeks ago
cohenido
Крупнейший выкуп в истории: $75 млн за данные пациентов
5 months 2 weeks ago
Компания подняла планку для всех вымогателей, установив новый рекорд.
Opnova emerges from stealth with $3.75 million in funding
5 months 2 weeks ago
Opnova announced its official launch, introducing an agentic AI platform designed to close the automation gap in complex operational workflows. Backed by $3.75 million in pre-seed funding co-led by Faber, ScaleX, and Preface Ventures, Opnova is set to redefine IT operations by addressing the challenges posed by rework—the time spent on repetitive, mundane, yet essential tasks. Operations teams are the backbone of every business, but the weight of repetitive tasks can seriously impact efficiency and … More →
The post Opnova emerges from stealth with $3.75 million in funding appeared first on Help Net Security.
Industry News
Breach Roundup: Cyberwar Is Too Hot for Insurers
5 months 2 weeks ago
Also: A Phishing Network Takedown, Another Ivanti Critical Flaw and Meta Bans RT
Munich Re said it can't insure cyberwar, it was Rhysida that hit the Seattle airport, Meta banned RT, Ivanti disclosed a flaw, hackers exploited construction software, AT&T settled with FCC, Transport of London is checking users, web servers pose big risk, and police disrupted a phishing network.
Munich Re said it can't insure cyberwar, it was Rhysida that hit the Seattle airport, Meta banned RT, Ivanti disclosed a flaw, hackers exploited construction software, AT&T settled with FCC, Transport of London is checking users, web servers pose big risk, and police disrupted a phishing network.
Microsoft: Russian Cyber Proxies Targeting Harris Campaign
5 months 2 weeks ago
Microsoft Says Russia-Linked Cyber Actors Are Supporting Trump by Attacking Harris
Microsoft warned the Kremlin is targeting the 2024 presidential election campaign of Vice President Kamala Harris with its wide-ranging election interference operations. Russian groups likely aligned with the Kremlin have shifted their focus to the Harris campaign in recent months.
Microsoft warned the Kremlin is targeting the 2024 presidential election campaign of Vice President Kamala Harris with its wide-ranging election interference operations. Russian groups likely aligned with the Kremlin have shifted their focus to the Harris campaign in recent months.
Picus Security Receives $45M to Enhance Exposure Management
5 months 2 weeks ago
Riverwood Capital Leads Investment in Security Validation Firm to Grow in Americas
Picus Security has received $45 million in funding led by Riverwood Capital. The investment will accelerate product development in exposure management, including attack surface management and automated pen testing. The company plans to expand further in the Americas, targeting key growth areas.
Picus Security has received $45 million in funding led by Riverwood Capital. The investment will accelerate product development in exposure management, including attack surface management and automated pen testing. The company plans to expand further in the Americas, targeting key growth areas.
Tor Says Platform Is Safe After German Police Interception
5 months 2 weeks ago
German Law Enforcement Reportedly Deanonymized Tor User in 2021
The Tor Project on Wednesday reassured users that they will remain anonymous after media reported that German police successfully used Tor to trace the alleged administrator of a child pornography site. Tor users can continue to use the browser "securely" and the "Tor Network is healthy," it said.
The Tor Project on Wednesday reassured users that they will remain anonymous after media reported that German police successfully used Tor to trace the alleged administrator of a child pornography site. Tor users can continue to use the browser "securely" and the "Tor Network is healthy," it said.
Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions
5 months 2 weeks ago
The bank giant and Quantinuum trialed the first application of quantum-secure technology for buying and selling tokenized physical gold
独立开发变现周刊(第150期) : 通过4个SaaS赚取40万欧元
5 months 2 weeks ago
分享独立开发、产品变现相关内容,每周五发布。目录1、aiapply: 用AI 自动化找工作2、【增长】:SEO 有效的增长策略3、【粉丝自荐】Paint Board: 一款功能强大的 WEB 端创意画
青藤天睿RASP荣获“2024应用安全卓越产品奖”
5 months 2 weeks ago
青藤,让云更安全
CVE-2024-9034 | code-projects Patient Record Management System 1.0 login.php username sql injection
5 months 2 weeks ago
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection.
This vulnerability is handled as CVE-2024-9034. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-9033 | SourceCodester Best House Rental Management System 1.0 ajax.php name cross site scripting
5 months 2 weeks ago
A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_category. The manipulation of the argument name leads to cross site scripting.
This vulnerability is known as CVE-2024-9033. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Hertz Car Rental Platform Leaks 60,000 Insurance Claim Reports
5 months 2 weeks ago
Hertz, a well-known car rental company, has inadvertently exposed over 60,000 insurance claim reports. This breach has raised serious concerns about the company’s data security practices and left customers questioning the safety of their personal information. Discovery of the Breach The breach came to light when a customer received an unexpected email from Hertz regarding […]
The post Hertz Car Rental Platform Leaks 60,000 Insurance Claim Reports appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Divya
Submit #411119: code-projects Patient Record Management System 1.0 SQL Injection [Accepted]
5 months 2 weeks ago
Submit #411119 / VDB-278204
keepgoing2077
Submit #410977: SourceCodester Best house rental management system project in php 4/15 XSS [Accepted]
5 months 2 weeks ago
Submit #410977 / VDB-278203
webray.com.cn
应急处置工具之Windows恶意进程文件检测工具
5 months 2 weeks ago
工具介绍此工具基于Go语言和Yara规则,实现对Windows主机进程和文件的扫描,旨在帮助应急人员快速定位恶意进程和恶意文件,清除主机存在的威胁;主要分为以下功能:对进程进行扫描,根据yara规则匹
CVE-2016-4688 | Apple macOS up to 10.12.1 FontParser memory corruption (HT207423 / Nessus ID 95917)
5 months 2 weeks ago
A vulnerability was found in Apple macOS up to 10.12.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component FontParser. The manipulation leads to memory corruption.
This vulnerability is handled as CVE-2016-4688. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
寻呼机爆炸,炸醒通讯安全警惕心
5 months 2 weeks ago
据报道:当地时间17日下午,黎巴嫩首都贝鲁特以及黎巴嫩东南部和东北部多地发生寻呼机爆炸事件。黎巴嫩公共卫生部长阿卜亚德称,爆炸已造成9人死亡,约有2800人受伤,其中约200人伤情危重。
爆炸不仅造成了人员的伤亡,还对当地的基础设施和社会秩序造成了严重的破坏,黎巴嫩真主党发表声明认为以色列对寻呼机爆炸负有 “全部责任”,并誓言要采取报复行动。这一事件使得本就紧张的地区局势更加扑朔迷离,也让国际社会对该地区的未来走向充满了担忧。
在当今数字化时代,通讯安全问题变得日益重要,人们越来越依赖各种通讯设备和网络进行信息交流和业务往来。然而,通讯安全风险也在不断增加,从个人隐私泄露到企业商业机密被窃取,从网络诈骗到黑客攻击,通讯安全问题已经成为了我们不得不面对的严峻挑战。
寻呼机爆炸事件就是一个典型的例子,虽然寻呼机在现代社会已经逐渐被淘汰,但这起事件却提醒我们,在信息爆炸的时代,我们不能忽视任何一种通讯方式的安全问题,必须时刻保持警惕,采取有效的措施来保护我们的通讯安全。
目前,国内的网络安全环境面临着诸多挑战,随着国际贸易摩擦的不断加剧和地缘政治的不稳定,使用国外厂商的通讯产品(如某信)存在一定的风险,某些国外通讯厂商可能会受到其本国政府的压力,对国内企业进行恶意攻击或窃取敏感信息,这种情况已经在一些国际事件中得到了证实,给国内企业带来了巨大的损失。
即便是国内的通讯安全厂商(如某安),如果其数据中心在境外,也难以确保数据的安全和杜绝被攻击的风险,境外的数据中心可能会受到当地法律法规的限制,或数据在跨境传输过程中被窃取或篡改,给企业和个人带来严重的安全隐患。
从安全的层面来说,邮件系统作为最常用的办公软件之一,承载着企业运营的海量数据,尤其涉及企业商业资产、战略规划等重要信息。因此,选择一款足够安全、专业、高效的邮箱产品,是建立企业安全的重要一步。
CACTER邮件安全产品核心技术依托自研国产反垃圾引擎和国内最大的企业级邮件安全大数据中心,并致力于提供信创国产化解决方案,采用完全自主研发的技术,通过使用国产化的硬件设备、芯片、操作系统和数据库,实现从底层到上层的全面自主可控,满足合规要求,为用户提供更加安全可靠的通讯保障和精准的安全防护。
邮件安全问题及综合解决方案
Coremail邮件安全