出售30万个被盗登录凭证,被判处40个月监禁
27岁的俄罗斯公民格奥尔基·卡夫扎拉泽(Georgy Kavzharadze)因在Slilpp上出售超过30万个账户的登录凭证,被判处4个月的监禁。
Aggregator
攻击者在勒索活动中利用公开的.env文件入侵云账户
1 year 10 months ago
近日,一场大规模勒索活动利用可公开访问的环境变量文件(.env)入侵了多个组织,这些文件包含与云和社交媒体应用程序相关的凭据。
新的 Webkit 漏洞可让攻击者利用 PS4 和 PS5 游戏机发起攻击
1 year 10 months ago
PS4和PS5中的WebKit漏洞指的是其浏览器中发现的WebKit引擎漏洞。
乌克兰网络专家联手黑客团队致瘫俄罗斯核弹头开发商
1 year 10 months ago
近日,乌克兰网络专家与黑客组织VO Team协调实施了一次高效的网络攻击,目标是位于俄罗斯车里雅宾斯克斯涅任斯克的关键核弹头开发公司——维加公司。
WPS Office两个严重漏洞曝光,已被武器化且在野利用
1 year 10 months ago
WPS Office作为一款用户基数超过2亿的广泛使用的办公套件,被发现存在两个关键漏洞。
个人信息权益保护与个人数据要素化并行不悖
1 year 10 months ago
个人数据与非个人数据是数据的基本分类。数据是数字经济的关键生产要素,经过较长时期消费互联网的推动,个人数据已经成为我国数字经济的重要要素。
乌克兰网络专家联手黑客团队致瘫俄罗斯核弹头开发商
1 year 10 months ago
近日,乌克兰网络专家与黑客组织VO Team协调实施了一次高效的网络攻击,目标是位于俄罗斯车里雅宾斯克斯涅任斯克的关键核弹头开发公司——维加公司。此次网络行动导致维加公司的1,173台网络交换机和10
WPS Office两个严重漏洞曝光,已被武器化且在野利用
1 year 10 months ago
WPS Office作为一款用户基数超过2亿的广泛使用的办公套件,被发现存在两个关键漏洞(CVE-2024-7262和CVE-2024-7263),这些漏洞可能导致用户遭受远程代码执行攻击。这两个漏洞
个人信息权益保护与个人数据要素化并行不悖
1 year 10 months ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
上周关注度较高的产品安全漏洞(20240812-20240818)
1 year 10 months ago
CNVD漏洞周报2024年第33期
1 year 10 months ago
A Patchdiffing Journey – TP-Link Omada
1 year 10 months ago
IntroductionLast year we participated in the Pwn2Own 2023 Toronto competition and succe
CVE-2024-6847 | Chatbot with ChatGPT Plugin up to 2.4.4 on WordPress sql injection
1 year 10 months ago
A vulnerability, which was classified as critical, was found in Chatbot with ChatGPT Plugin up to 2.4.4 on WordPress. Affected is an unknown function. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2024-6847. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43688 | vixie cron on OpenBSD cron/entry.c heap-based overflow
1 year 10 months ago
A vulnerability, which was classified as critical, has been found in vixie cron on OpenBSD. This issue affects some unknown processing of the file cron/entry.c. The manipulation leads to heap-based buffer overflow.
The identification of this vulnerability is CVE-2024-43688. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
GoGra Backdoor: Unnamed South Asian Media Outlet Targeted
1 year 10 months ago
As per recent reports, an unnamed media organization in South Asia had fallen prey to t
Web Browser Stored Credentials
1 year 10 months ago
Microsoft introduced Data Protection Application Programming Interface (DPAPI) in Window
Africa's Economies Feel Pain of Cybersecurity Deficit
1 year 10 months ago
While the combined gross domestic product (GDP) of African nations grew fivefold in two decades, a lack of cybersecurity is holding back gains — although the jury is out on how much.
Robert Lemos, Contributing Writer
以色列与伊朗的电子对抗
1 year 10 months ago
Autodesk AutoCAD Vulnerability Let Attackers Execute Arbitrary Code
1 year 10 months ago
Autodesk has disclosed a critical vulnerability in its AutoCAD software, which could allow malicious actors to execute arbitrary code. This vulnerability, CVE-2024-7305, identified in the AdDwfPdk.dll component, is triggered when a specially crafted DWF (Design Web Format) file is parsed. The flaw has been classified as an Out-of-Bounds Write, a vulnerability that can lead to […]
The post Autodesk AutoCAD Vulnerability Let Attackers Execute Arbitrary Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
Divya
中文版全新上线,这 5 条建议伴你高效上手 Notion
1 year 10 months ago
前言2024 年 8 月,Notion 终于上线了官方的简体和繁体中文版,那些需要反复折腾汉化插件的日子终于到了尽头,不仅如此,重磅新功能数据图表(Charts)如期而至,还有表单功能(Forms)也