Aggregator

A vulnerability was found in Siemens SINEC NMS up to 2.x. It has been classified as critical. This affects an unknown part. The manipulation leads to execution with unnecessary privileges. This vulnerability is uniquely identified as CVE-2024-36398. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens SINEC NMS up to 2.x and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to os command injection. This vulnerability is handled as CVE-2024-41940. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Siemens SINEC NMS up to 2.x and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal. This vulnerability is known as CVE-2024-41938. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Siemens NX 1984. Affected is an unknown function of the component PRT File Handler. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-41908. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Siemens SINEC Traffic Analyzer up to 1.x. This issue affects some unknown processing of the component HTTP Security Header Handler. The manipulation leads to security check for standard. The identification of this vulnerability is CVE-2024-41907. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Siemens SINEC Traffic Analyzer up to 1.x. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-41905. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Hackers often target the Solana Python API ecosystem to exploit vulnerabilities in decentralized applications, access private keys, or manipulate transactions on the Solana blockchain. Recently the Solana Python API ecosystem was targeted by a typosquatting attack (tagged as sonatype-2024-3214). The official Solana Python API project, known as “solana-py” on GitHub but listed as “solana” on […]

The post Beware Of Malicious Typosquat Package That Steals Your Secret Keys appeared first on Cyber Security News.

A vulnerability classified as problematic has been found in Siemens Location Intelligence family up to 4.3. This affects an unknown part. The manipulation leads to inadequate encryption strength. This vulnerability is uniquely identified as CVE-2024-41681. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router family, SCALANCE M816-1 ADSL-Router family, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M874-3 3G-Router (CN), SCALANCE M876-3, SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (A1), SCALANCE MUM853-1 (B1), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (A1), SCALANCE MUM856-1 (B1), SCALANCE MUM856-1 (CN), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615 EEC LAN-Router and SCALANCE S615 LAN-Router up to 8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component 2FA Token Handler. The manipulation leads to sensitive information in log files. This vulnerability is handled as CVE-2024-41978. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router family, SCALANCE M816-1 ADSL-Router family, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M874-3 3G-Router (CN), SCALANCE M876-3, SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (A1), SCALANCE MUM853-1 (B1), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (A1), SCALANCE MUM856-1 (B1), SCALANCE MUM856-1 (CN), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615 EEC LAN-Router and SCALANCE S615 LAN-Router up to 8.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component VPN Configuration Handler. The manipulation leads to improper input validation. This vulnerability is known as CVE-2024-41976. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens SINEC NMS up to 2.x. It has been classified as very critical. Affected is an unknown function. The manipulation leads to incorrect authorization. This vulnerability is traded as CVE-2024-41939. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens SINEC NMS up to 2.x and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to incorrect authorization. The identification of this vulnerability is CVE-2024-41941. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Siemens SINEC Traffic Analyzer up to 1.x and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability was named CVE-2024-41904. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Siemens SINEC Traffic Analyzer up to 1.x. This affects an unknown part. The manipulation leads to improper privilege management. This vulnerability is uniquely identified as CVE-2024-41903. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Siemens Location Intelligence family up to 4.3. Affected by this issue is some unknown functionality. The manipulation leads to weak password requirements. This vulnerability is handled as CVE-2024-41683. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

 美国联邦调查局克利夫兰分部已通过摧毁勒索软件团伙 Radar(又名Dispossessor） 的各个服务器和域名，彻底瓦解该团伙的势力。 美国联邦调查局发布声明称，2024年8月12日，以网名“布莱恩”为首的犯罪团伙被捣毁。执法部门拆除了三台美国服务器、三台英国服务器、十八台德国服务器、八个美国犯罪域名和一个德国犯罪域名，这些均属于 Radar。 联邦调查局发布声明，确认以“布莱恩”为首的犯罪团伙已被彻底捣毁。该组织自2023年8月起开始活动，并迅速发展成为具有国际影响力的勒索软件集团，专门针对中小型企业和组织实施攻击。 Radar 针对多个行业进行攻击，包括制造业、开发、教育、医疗保健、金融服务及交通运输等。尽管该组织最初主要针对美国的目标，联邦调查局发现其已涉及13个不同国家的43家企业。 调查还发现，许多网站与布莱恩及其网络犯罪团队有关。与其他勒索软件变种类似，Radar 勒索软件采用双重勒索模式，即不仅加密受害者系统，还窃取数据以勒索赎金。 勒索软件是一种恶意软件，通过加密用户数据使其无法访问，受害者需支付赎金以恢复数据。Radar通过识别使用弱密码或未启用多因素身份验证的易受攻击系统来实施攻击。 “一旦犯罪分子获得系统访问权限，他们就会获得管理员权限并轻松访问文件，然后实际的勒索软件会用于加密。”FBI 表示。 如果受害者没有先支付赎金，Radar的成员就会主动通过电子邮件或电话联系受害者公司内部的人员，发送链接展示被盗文件的视频，迫使受害者付款。最终，犯罪团伙会将窃取的数据发布到泄密页面，并设置倒计时，如果未支付赎金，数据将被公开发布到公共论坛上。   消息来源：cybernews，译者：YY；   本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

新闻速览 •超七成国产软件系统中存在超危级安全漏洞 •勒索攻击防护新模式？对勒索组织的基础设施进行反渗透 •两 […]

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities. The campaign, tracked as UAC-0198, has been active since July. Threat actors sent out […]

A vulnerability classified as problematic was found in Siemens Location Intelligence family up to 4.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability is known as CVE-2024-41682. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A Sinkclose vulnerability, which has been detected in AMD processors for decades, lets hackers obtain access to some of the most privileged areas of a computer. It allows malware to infiltrate a computer’s memory so deeply that, in many situations, it could be quicker to destroy the device than disinfect it. The vulnerability allows hackers […]

The post AMD Sinkclose Vulnerability Lets Attackers Most Privileged Portions Of a Computer appeared first on Cyber Security News.