Aggregator

A vulnerability was found in SGI IRIX 6.2. It has been rated as critical. This issue affects some unknown processing of the component midikeys. The manipulation as part of WAV File leads to improper privilege management. The identification of this vulnerability is CVE-2000-0013. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

据Hackread研究团队发现，名为IntelBroker的黑客声称已从网络巨头思科窃取了数据，并关联到一些知名公司的源代码，包括微软、亚马逊、AT&T等，相关数据已在黑客论坛Breach Forums 上出售。 据黑客称，数据泄露发生在 2024 年 10 月 10 日，并于10月14日在Breach Forums上发布。据 Hackread研究团队所见，Intel Broker 列出了据称在泄露中被盗的大量数据类型，包括： 源代码：来自 GitHub、GitLab 和 SonarQube 的项目，对 Cisco 的开发工作至关重要。 硬编码凭证：源代码中嵌入的敏感信息，如登录详细信息。 证书和密钥：SSL 证书以及对安全通信至关重要的公钥和私钥。 机密文档：分类为“Cisco 机密”的内部文档和信息。 API 令牌和存储桶：可用于访问关键系统的 AWS 私有存储桶、Azure 存储桶和 API 令牌。 其他敏感信息：包括Jira 票证、Docker 版本和 Cisco 高级产品信息。 图片来源：FreeBuf IntelBroker 还分享了一份据称在泄露期间窃取的生产源代码公司名单。该名单包括几家备受瞩目的公司，尤其是在电信和金融领域，例如：Verizon、AT&T、T-Mobile、美国银行、沃达丰，以及科技巨头微软等。 IntelBroker 将以门罗币（XMR）的形式出售这些被盗数据。门罗币是一种以其隐私功能而闻名的加密货币。黑客表示，他们愿意使用中间人来促进交易，确保买卖双方的匿名性。这种方法是网络犯罪分子的常见做法，以避免被当局检测和跟踪。 在截至Hackread发稿时，思科尚未对此事给出回应，如果此次泄露事件得到确认，可能会对 Cisco 和受影响的公司产生重大后果。 据悉，这是思科时隔两年后再遭遇数据泄露。2022年8月，黑客声称窃取到2.75GB数据，约3100个文件，其中不少文件为保密协议、数据转储和工程图纸。 近来，IntelBroker 以备受瞩目的数据泄露攻击而闻名。今年6月，黑客声称入侵了苹果公司，窃取了内部工具的源代码，同月还声称入侵了AMD，窃取了员工和产品信息。 而在更早前的5月，IntelBroker入侵了欧洲刑警组织并得到了对方证实。 尽管对该黑客的来源和附属组织尚不清楚，但据美国政府称，IntelBroker 被指控是其中一起 T-Mobile 数据泄露事件的幕后肇事者，这起发生在2022年11月的攻击事件导致3700万名用户数据被泄露。 参考来源：T-Mobile Hacked Again: 37 Million Accounts Compromised     转自FreeBuf，原文链接：https://www.freebuf.com/news/412837.html 封面来源于网络，如有侵权请联系删除

Исследование показало разрыв в точности между устройствами.

这是 酒仙桥六号部队 的第 119 篇文章。全文共计1689个字，预计阅读时长6分钟。背景在跟女朋友一起散步的时候，突然接到通知，客户已经给了测试的资产范围如下，目标要求拿到目标服务器内网权限。目标资

图：ABC新闻演示扫地机摄像头拍摄的效果 据澳大利亚媒体ABC 新闻日前报道，今年早些时候，黑客获取了科沃斯地宝 X2 Omni 扫地机器人在多个美国城市的控制权，利用这些机器人追赶宠物并向主人大喊种族歧视性言论。 媒体采访了多位地宝 X2 用户。这些用户表示，他们的地宝 X2 在今年 5 月份遭到黑客入侵。 明尼苏达州的律师Daniel Swenson是其中之一。他回忆道，有一天他和家人正在看电视，突然从扫地机器人扬声器中传出“像收音机信号不佳时一样断断续续的”噪音。他表示，在他重置密码并重新启动机器人后，这种声音再次出现，且更加清晰。这一次，声音似乎来自一名青少年，内容充满了侮辱性言论。 美国多地城市均发生了类似案例，比如埃尔帕索和洛杉矶的用户。洛杉矶的一位用户报告称，有人通过控制地宝 X2 骚扰他家的一只狗，不仅大喊大叫，还追赶它。 科沃斯公司在一份声明中对媒体表示，经过调查，他们确认了一次“凭证填充攻击”事件，并已屏蔽了相关的 IP 地址。公司还强调，目前“没有证据显示”攻击者获得了用户的用户名和密码。 去年，有研究人员发现了一个漏洞，该漏洞允许攻击者绕过地宝 X2的PIN码验证，从而控制扫地机器人。科沃斯在声明中提到，这个问题已得到解决，并计划在今年 11 月发布一项更新，以“进一步加强安全性”。不过，目前尚不清楚这次更新是否会修复媒体早些时候报道的蓝牙漏洞。 近年来，随着云连接的智能家居设备普及，类似事件频发。部分情况是黑客入侵所致，部分则是凭证泄露，甚至有时是软件问题导致用户可以意外看到其他人的摄像头画面，仿佛是收到了一份“意外的小礼物”。 随着越来越多的智能家居设备需要持续连接互联网才能正常运行，而且设备制造商还没有提供有效安全漏洞报告途径，这类问题似乎变得不可避免。 参考资料：https://www.theverge.com/2024/10/12/24268508/hacked-ecovacs-deebot-x2-racial-slurs-chase-pets     转自安全内参，原文链接：https://www.secrss.com/articles/71201 封面来源于网络，如有侵权请联系删除

A vulnerability was found in Endulujans Eyvah! Bosandim Ozgurum 0.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-7697. The attack needs to be initiated within the local network. There is no exploit available.

在上周举行的特斯拉 We, Robot 活动上，该公司公布了无人出租车 Cybercab、电动客车 Robovan，以及类人机器人 Optimus。对于 Optimus 马斯克（Elon Musk）称可以当教师、照顾孩子、遛狗、修剪草坪、买食品，拿饮料等等。马斯克相当乐观的预测到明年底机器人会更容易获得。但外界对此颇为质疑，认为机器人技术的发展尚为达到如此易用度。彭博社援引匿名知情人士的消息报道，在这次活动上，特斯拉通过人类远程控制演示了 Optimus 的部分功能，此举旨在激发投资者对新产品的热情。知情人士称，在现场的特斯拉员工监督了机器人与参与者之间的互动。知情人士称，机器人原型能在无需外部控制的情况下行走。远程控制引发了机器人功能性和市场准备度的质疑。

Исходники и документы компании оказались в руках сразу трех хакеров.

A vulnerability was found in Alcatel-Lucent OmniPCX 7.1. It has been declared as very critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument user leads to improper input validation. This vulnerability is known as CVE-2007-3010. The attack can be launched remotely. Furthermore, there is an exploit available.

As per recent reports, North Korean hackers have been observed using a new backdoor and remote access trojan as part of their attack campaign. VeilShell, the new tool, is primarily being used to target Southeast Asian countries. In this article, we’ll dive into the details and uncover how such attacks are carried out. Let’s begin!  […]

The post North Korean Hackers Use New Backdoor And RAT For Attacks appeared first on TuxCare.

The post North Korean Hackers Use New Backdoor And RAT For Attacks appeared first on Security Boulevard.

Исследователи предупреждают об уязвимости банковских и военных систем.

A vulnerability was found in ChanGate Property Management System and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. This vulnerability is handled as CVE-2024-9972. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Web Tip SHIRASAGI up to 1.19.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to path traversal. This vulnerability is known as CVE-2024-46898. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mambo Com Recipes 1.00. This affects an unknown part of the file index.php. The manipulation of the argument id leads to sql injection. This vulnerability is uniquely identified as CVE-2008-0518. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Connectix Connectix Boards up to 0.8.2. Affected is an unknown function. The manipulation of the argument template_path leads to code injection. This vulnerability is traded as CVE-2008-0502. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in WordPress AdServe 0.2. It has been declared as critical. This vulnerability affects unknown code of the file adclick.php. The manipulation of the argument id leads to sql injection. This vulnerability was named CVE-2008-0507. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Musepoes Component on Joomla. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument aid leads to sql injection. This vulnerability is traded as CVE-2008-0515. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Com Buslicense on Joomla. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument aid leads to sql injection. The identification of this vulnerability is CVE-2008-0579. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Mambo Com Mamml. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument listid leads to sql injection. This vulnerability is handled as CVE-2008-0511. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Com Fq on Joomla. This affects an unknown part of the file index.php. The manipulation of the argument listid leads to sql injection. This vulnerability is uniquely identified as CVE-2008-0512. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.