Aggregator

A new malware named “Flame Stealer” has been making waves in the cybersecurity community, posing a significant threat to users’ financial and personal data. Developed in C and C++, this sophisticated software was first announced on Telegram on April 14, 2024, and has since been evolving with claims of being undetectable by conventional antivirus tools. […]

The post New Flame Stealer Malware Attacking Users to Steal Credit Card Data appeared first on Cyber Security News.

赋能千行百业数转智改，ISC.AI 2024人工智能峰会圆满召开

大模型要与场景结合，产品化才能发挥价值

A vulnerability classified as problematic has been found in Horizon Business Services Caterease up to 24.0.1.2405. This affects an unknown part. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is uniquely identified as CVE-2024-38891. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in Horizon Business Services Caterease up to 24.0.1.2405. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to authentication bypass by capture-replay. This vulnerability is handled as CVE-2024-38890. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability was found in Horizon Business Services Caterease up to 24.0.1.2405. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCP Packet Handler. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-38889. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in Horizon Business Services Caterease up to 24.0.1.2405. It has been classified as problematic. Affected is an unknown function of the component Login. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability is traded as CVE-2024-38888. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in Horizon Business Services Caterease up to 24.0.1.2405 and classified as critical. This issue affects some unknown processing of the component SQL User Handler. The manipulation leads to execution with unnecessary privileges. The identification of this vulnerability is CVE-2024-38887. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability has been found in Horizon Business Services Caterease up to 24.0.1.2405 and classified as critical. This vulnerability affects unknown code of the component TCP Traffic Handler. The manipulation leads to improper verification of source of a communication channel. This vulnerability was named CVE-2024-38886. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability, which was classified as critical, was found in Horizon Business Services Caterease up to 24.0.1.2405. This affects an unknown part of the component SQL User Handler. The manipulation leads to use of hard-coded password. This vulnerability is uniquely identified as CVE-2024-38885. Access to the local network is required for this attack. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Horizon Business Services Caterease up to 24.0.1.2405. Affected by this issue is some unknown functionality of the component Profile Name Handler. The manipulation leads to security check for standard. This vulnerability is handled as CVE-2024-38884. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as problematic was found in Horizon Business Services Caterease up to 24.0.1.2405. Affected by this vulnerability is an unknown functionality of the component TDS7 PreLogin Authentication. The manipulation leads to algorithm downgrade. This vulnerability is known as CVE-2024-38883. The attack needs to be done within the local network. There is no exploit available.

A vulnerability classified as critical has been found in Horizon Business Services Caterease up to 24.0.1.2405. Affected is the function xp_cmdshell of the component SQL Server. The manipulation leads to os command injection. This vulnerability is traded as CVE-2024-38882. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in Horizon Business Services Caterease up to 24.0.1.2405. It has been rated as problematic. This issue affects some unknown processing of the component User Password Handler. The manipulation leads to one-way hash without salt. The identification of this vulnerability is CVE-2024-38881. The attack can only be done within the local network. There is no exploit available.

人力资源社会保障部办公厅、市场监管总局办公厅、国家统计局办公室发布《关于发布生物工程技术人员等职业信息的通知》 。《通知》表示确定了生物工程技术人员等19个新职业、汽配销售经理人等28个新工种信息，调整变更了11个职业（工种）信息。19 个新职业包括了网络主播，其定义是基于互联网，以直播、实时交流互动、上传音视频节目等形式发声、出镜，提供网络表演、视听信息服务的人员。他们的主要工作任务包括：
1.进行网络表演、视听需求分析，协助确定直播或拍摄脚本内容；
2.编写网络表演、视听内容发播稿或直播脚本文案，并进行备稿；
3.设计基于节目定位、直播主题和主播个人特点的出镜、声音、妆造形象；
4.制作传播符合社会主义核心价值观的内容，控制网络表演、交流互动、视听节目等制作进程，引导话题方向和内容；
5.有序组织实施线上互动活动等，管理连麦、弹幕、评论等互动内容，处置同步或异步传播中用户互动突发情况；
6.参与网络表演、视听内容等传播中的数据统计、分析和优化等。

Неисправленные ошибки стали инструментом в погоне за ценными данными.

Revolutionizing security testing with continuous security validation.

The post Democratizing Defense: AttackIQ Flex 2.0 Empowers Every Organization appeared first on AttackIQ.

The post Democratizing Defense: AttackIQ Flex 2.0 Empowers Every Organization appeared first on Security Boulevard.

Wizards of the Coast объявили об изменениях еще в 2022 году.