Aggregator

A vulnerability was found in Joompolitan Com Livechat 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file xmlhttp.php of the component HTTP Proxy. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2008-6882. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Joompolitan Com Livechat 1.0. This affects an unknown part of the file getChatRoom.php. The manipulation of the argument last leads to sql injection. This vulnerability is uniquely identified as CVE-2008-6883. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Joompolitan Com Livechat 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file getChat.php. The manipulation of the argument last leads to sql injection. This vulnerability is known as CVE-2008-6881. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Funscripts Red Reservations. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2008-6580. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Работа из дома обернулась коллапсом для 700 тысяч авиапассажиров.

A vulnerability, which was classified as very critical, has been found in TRCore DVC up to 6.3. This issue affects some unknown processing. The manipulation leads to relative path traversal. The identification of this vulnerability is CVE-2024-11313. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in ZTE NH8091 ZV1.8. This vulnerability affects unknown code of the component Web Module Interface. The manipulation leads to improper authentication. This vulnerability was named CVE-2024-22067. The attack can only be done within the local network. There is no exploit available.

A vulnerability classified as very critical has been found in TRCore DVC up to 6.3. This affects an unknown part. The manipulation leads to relative path traversal. This vulnerability is uniquely identified as CVE-2024-11315. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in TRCore DVC up to 6.3. It has been rated as very critical. Affected by this issue is some unknown functionality. The manipulation leads to relative path traversal. This vulnerability is handled as CVE-2024-11312. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in TRCore DVC up to 6.3. It has been declared as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to relative path traversal. This vulnerability is known as CVE-2024-11314. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in haxx.se cURL 7.26.0/7.27.0/7.28.0/7.28.1. It has been declared as very critical. Affected by this vulnerability is the function Curl_sasl_create_digest_md5_message of the file lib/curl_sasl.c. The manipulation leads to memory corruption. This vulnerability is known as CVE-2013-0249. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

众所周知，钓鱼邮件几乎都是以网络为载体进行传播，但在瑞士，网络犯罪分子将这一行为发展到了线下，通过实体信件向受害者传播恶意软件。 据Cyber News消息，有黑客冒充瑞士气象局（联邦气象和气候学办公室），以该部门的抬头发送纸质信件，其中包含一个二维码，要求收件人下载最新的“恶劣天气警报程序”。 为了让受害者尽可能地扫码下载，信中称该信用被要求强制安装，对家庭安全至关重要，因此提示用户使用智能手机扫描二维码，然后按照后续说明下载并安装该应用程序。 瑞士国家网络安全中心 （NCSC） 警告说，网络犯罪分子正在使用这种方法将恶意软件加载到移动设备上。该恶意应用程序试图模仿联邦民防局官方的 Alertswiss 应用程序，该机构使用它来通知、警告和提醒民众。 NCSC透露，如果受害者扫码并安装了程序，就会载入一个名为“Coper”（也称为“Octo2”）恶意软件。Octo2是一个会窃取银行账户凭证的安卓系统木马，在意大利、波兰、摩尔多瓦、匈牙利等国家广泛传播。 除此以外，Octo2还会图访问其他将近400款智能手机应用程序的登录数据，并将其外泄到攻击者控制的服务器上。 但这款“带毒”的冒牌货也可通过肉眼识别出端倪，首先，假冒程序的名称为“AlertSwiss”（S为大写），而不是官方正版的“Alertswiss”（S为小写），此外，二者的Logo也存在些许差异。 瑞士当局已建议用户忽略该信件并将其扔掉。但恶意应用程序可以采取多种形式，伪装成其他应用继续传播。       转自Freebuf，原文链接：https://www.freebuf.com/news/415468.html 封面来源于网络，如有侵权请联系删除

Perception Point 的最新发现揭露了一种先进的两步式网络钓鱼技术，该技术利用 Microsoft Visio 文件（.vsdx）和 SharePoint 发起极具欺骗性的凭证盗窃活动。 Microsoft Visio 文件传统上用于绘制流程图和网络地图等专业图表，但现在已被武器化。Perception Point 的报告显示：“在最近的网络钓鱼活动中，Visio 文件正被用来传递恶意 URL，在两步攻击路径中创建一个欺骗性传递点。” 这种方法利用了用户对 SharePoint 和 Microsoft Visio 等熟悉平台的信任。通过在被入侵的 SharePoint 账户托管的 .vsdx 文件中嵌入恶意 URL，攻击者可以绕过许多标准安全措施。 攻击分为两步，旨在逃避检测和利用用户行为： 第一步：诱惑 攻击者首先利用被攻破的电子邮件账户向目标发送网络钓鱼电子邮件。“这些电子邮件因其来源而看似合法，通常包含令人信服的叙述，如紧急商业提案或采购订单。”这些电子邮件可能包含一个链接或 .eml 文件附件，其中包含一个指向 SharePoint 托管的 Visio 文件的 URL。 第二步：陷阱 点击链接后，受害者会重定向到一个托管 Visio 文件的受攻击 SharePoint 页面。该文件包含一个嵌入式 “行动召唤 ”按钮，通常标注为 “查看文档”。受害者被指示按住 Ctrl 键并点击，这个简单的操作可以绕过自动安全系统。一旦点击，嵌入的 URL 就会将用户引导到一个伪造的 Microsoft 365 登录页面，该页面的目的是收集凭证。“该报告解释说：”与链接互动会将受害者重定向到一个冒充 Microsoft 365 的钓鱼页面。   这种网络钓鱼技术结合了复杂的技术和心理操纵。通过要求用户执行按住 Ctrl 键等手动操作，攻击者可以躲避自动电子邮件安全扫描仪和检测工具。此外，合法品牌（包括组织徽标）的使用也增加了恶意 Visio 文件的可信度。 Perception Point 的研究人员观察到，使用这种方法的攻击明显增加，目标是全球数百家组织。报告警告说，这些活动 “旨在逃避检测和利用用户的信任”，强调了在企业环境中保持警惕的重要性。     转自安全客，原文链接：https://www.anquanke.com/post/id/301944 封面来源于网络，如有侵权请联系删除  

昆士兰科技大学（QUT）的研究人员发现，在马斯克（Elon Musk）于今年 7 月宣布支持特朗普之后，其旗下 X(前称 Twitter) 平台的算法发生了变化，他本人以及共和党保守派的推文曝光度有了显著提升。从 7 月 13 日起，马斯克的推文浏览量比之前增加了 138%，转发量增加了 238%。与此同时，倾向于共和党的推文浏览量和转发量也出现了增长，但幅度没有马斯克的高。研究人员表示，由于 X 平台切断了对 Academic API 的访问，他们的数据收集能力受到了限制。

Новая ИИ-модель плетёт сети для аферистов.

A vulnerability has been found in Netscape Enterprise Server 3.x/4.x and classified as problematic. This vulnerability affects unknown code of the component Web Publishing Feature. The manipulation as part of wp-html-rend Request leads to denial of service. This vulnerability was named CVE-2002-1655. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Mandrakesoft Mandrake Linux 8.2. It has been classified as problematic. Affected is an unknown function of the component Mandrake-Security. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2002-1713. An attack has to be approached locally. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Farm9 Cryptcat 1.10. Affected by this issue is some unknown functionality of the component Server Mode. The manipulation of the argument -e leads to missing encryption of sensitive data. This vulnerability is handled as CVE-2002-1653. The attack may be launched remotely. There is no exploit available.

Sonatype, the company behind the popular Nexus Repository Manager, has issued security advisories addressing two critical vulnerabilities affecting Nexus Repository 2.x OSS/Pro versions. These vulnerabilities, identified as CVE-2024-5082 and CVE-2024-5083, could potentially allow attackers to exploit the system through remote code execution (RCE) and cross-site scripting (XSS) attacks. All previous versions up to and including 2.15.1 are affected, […]

The post Sonatype Nexus Repository Manager Hit by RCE & XSS Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A Really Simple Security plugin flaw affects 4M+ sites, allowing attackers full admin access. It’s one of the most critical WordPress vulnerabilities ever. Wordfence researchers warn of a vulnerability, tracked as CVE-2024-10924 (CVSS Score of 9.8), in the Really Simple Security plugin that affects 4M+ sites. The Really Simple Security plugin, formerly Really Simple SSL, is […]