Aggregator

Эпоха «наивных» читеров закончилась, а теневой рынок превратился в бизнес.

A vulnerability classified as problematic was found in Red Hat Linux. This vulnerability affects unknown code of the component L2CAP Packet Handler. The manipulation leads to type confusion. This vulnerability was named CVE-2020-25661. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Mozilla Firefox up to 122. This issue affects the function fetch of the component API. The manipulation leads to insufficient verification of data authenticity. The identification of this vulnerability is CVE-2024-1554. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Microsoft Windows. Affected is an unknown function of the component Local Security Authority. The manipulation leads to time-of-check time-of-use. This vulnerability is traded as CVE-2025-21191. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

ESET 研究人员近期发现的WinRAR零日漏洞CVE-2025-8088引发业界高度关注，且已被RomCom等多个组织用于攻击，本报告将深入剖析漏洞原理、攻击链、攻击者背景及相关攻击技术，并对相关攻击组织及WinRAR其他漏洞进行扩展分析

A vulnerability was found in Microsoft Windows Server 2012 R2/Server 2016/Server 2019/Server 2022/Server 2025. It has been rated as critical. This issue affects some unknown processing of the component Standards-Based Storage Management Service. The manipulation leads to resource consumption. The identification of this vulnerability is CVE-2025-21174. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in Cisco IOS 12.2 on Aironet. Affected is an unknown function of the component Web Server. The manipulation leads to denial of service. This vulnerability is traded as CVE-2003-0511. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in Cisco Aironet Wireless Access AP1x00. Affected by this issue is some unknown functionality of the component HTTP GET Handler. The manipulation leads to denial of service. This vulnerability is handled as CVE-2003-0511. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Cisco IOS up to 12.2. This affects an unknown part of the component Account Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2003-0512. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Researchers at cybersecurity firm Profero cracked DarkBit ransomware encryption, allowing victims to recover files for free. Good news for the victims of the DarkBit ransomware, researchers at cybersecurity firm Profero cracked the encryption process, allowing victims to recover files for free without paying the ransom. However, at this time, the company has yet to release […]

Nisos
Executive PII Exposure: Why You Need Ongoing Monitoring

Exposed personal data is fueling executive impersonation, fraud, and social engineering. Here's what enterprise leaders need to know...

The post Executive PII Exposure: Why You Need Ongoing Monitoring appeared first on Nisos by Nisos

The post Executive PII Exposure: Why You Need Ongoing Monitoring appeared first on Security Boulevard.

Digital natives are comfortable with technology, but may be more exposed to online scams and other threats than they think

Threat actors have stolen data on at least half a million cancer screening patients

A vulnerability, which was classified as problematic, was found in Microsoft Windows NT 4.0. Affected is an unknown function of the component File Management. The manipulation leads to denial of service. This vulnerability is traded as CVE-2003-0525. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft ISA Server and classified as critical. Affected by this vulnerability is an unknown functionality of the file 400.htm/500.htm of the component Error Page. The manipulation leads to basic cross site scripting. This vulnerability is known as CVE-2003-0526. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

根据国家信息安全漏洞库（CNNVD）统计，本周（2025年8月4日至2025年8月10日）安全漏洞情况如下

Редкий взгляд на кибершпионаж изнутри.

A vulnerability classified as problematic was found in Canon IJ Network Tool 4.7.5. This vulnerability affects unknown code of the component Wi-Fi Connection Setup. The manipulation leads to information disclosure. This vulnerability was named CVE-2023-1764. The attack needs to be done within the local network. There is no exploit available.

Security researchers and cybersecurity professionals are highlighting the growing sophistication of payload obfuscation techniques that allow malicious actors to bypass traditional defense mechanisms. As organizations increasingly rely on web application firewalls (WAFs) and automated security tools, attackers are developing more creative methods to disguise their malicious code as harmless data, presenting significant challenges for enterprise […]

The post Researchers Detail Script-Masking Tactics That Bypass Defenses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Apache HTTP Server up to 2.0.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the component mod_cgid. The manipulation leads to information disclosure. This vulnerability is known as CVE-2003-0789. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.