Aggregator

一、问题现象 最近在研究Docker容器日志管理时，启动容器出现iptables相关报错，具体问题如下 运行容器 [root@node-11 ~]# docker run -d -p 24224...

新闻速览 •敏感数据保护不力!美国外国投资委员会向T-Mobile开出史上最大罚单 •DDoS攻击峰值强度已达 […]

一、查看当前已经分配磁盘的空间情况 df -h root@******# df -h Filesystem Size Used Avail Use% Mounted on udev...

注意 Cloudflare Function 免费版每日限制 100,000 个请求，如果需求大可以选择付费订阅方案 由于图片文件实际存储于 Telegraph，Telegraph 限制上传的...

简介 2023 年 5 月， hub.docker.com  "不知" 何种原因国内均无法正常访问了。当时只是官网不能访问，但不影响 pull 镜像。 2024年6月7日，GFW正式D...

MeloTTS：由MyShell AI开发的一个高质量的多语言文本到语音（TTS）库。 支持英语、西班牙语、法语、中文、日语和韩语等多种语言。 速度非常快，支持中英混合的发音，能生成清晰、自然的...

SearXNG 是用 Python 编写的一款开源搜索工具 安装前准备工作 SearXNG 文档地址：网页链接 Github 开源地址：网页链接 Docker 安装教程 (菜鸟教程)：网页链接 ...

Отчет Google раскрыл детали кампании иранских хакеров.

总结推荐本周的热点资讯、安全事件、一周好文和省心工具，保证大家不错过本周的每一个重点！

The U.S. Department of Justice (DOJ) is contemplating a historic move to break up Alphabet Inc.’s Google following a significant antitrust ruling. This development marks one of the most aggressive antitrust actions since the attempted breakup of Microsoft two decades ago. The decision comes after a federal judge determined that Google had unlawfully maintained a […]

The post US DOJ Considers Breaking-up Google Following Antitrust Case appeared first on Cyber Security News.

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

A vulnerability, which was classified as problematic, has been found in PTC Kepware ThingWorx Kepware Server. This issue affects some unknown processing of the component Online Tag Generation. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-6098. Access to the local network is required for this attack. There is no exploit available. It is recommended to change the configuration settings.

近日，网络安全研究人员发现了 Gafgyt 僵尸网络的一个新变种，它以 SSH 密码较弱的机器为目标，最终利用其 GPU 计算能力在被攻击的实例上挖掘加密货币。 Aqua Security 研究员 Assaf Morag 在周三的一份分析报告中说：“这表明，物联网僵尸网络正在瞄准运行在云原生环境中的更强大的服务器。” 据了解，Gafgyt（又名 BASHLITE、Lizkebab 和 Torlus）自 2014 年以来一直在野外活跃，它曾利用弱凭据或默认凭据获得路由器、摄像头和数字视频录像机（DVR）等设备的控制权。它还能利用 Dasan、华为、Realtek、SonicWall 和 Zyxel 设备中的已知安全漏洞。 受感染的设备被集中到一个僵尸网络中，能够对感兴趣的目标发起分布式拒绝服务（DDoS）攻击。有证据表明，Gafgyt 和 Necro 由一个名为 Keksec 的威胁组织运营，该组织也被追踪为 Kek Security 和 FreakOut。 像 Gafgyt 这样的物联网僵尸网络在不断进化，增加新的功能，2021 年检测到的变种使用 TOR 网络来掩盖恶意活动，并从泄露的 Mirai 源代码中借用了一些模块。值得注意的是，Gafgyt 的源代码于 2015 年初在网上泄露，进一步助长了其新版本和适应版本的出现。 最新的攻击链涉及使用弱密码暴力破解 SSH 服务器，部署下一阶段有效载荷，以便使用 “systemd-net ”进行加密货币挖矿攻击，但在这一过程中，会先终止在受感染主机上运行的其他竞争性恶意软件。 它还会执行一个蠕虫模块，这是一个基于 Go 的 SSH 扫描器，名为 ld-musl-x86，负责扫描互联网上安全性较差的服务器，并将恶意软件传播到其他系统，从而有效扩大僵尸网络的规模。这包括 SSH、Telnet 以及与游戏服务器和 AWS、Azure 和 Hadoop 等云环境相关的凭证。 Morag 指出：”目前使用的加密货币挖矿工具是 XMRig，它是一款专门用于挖掘门罗币的软件。在这次攻击中，威胁行为者试图利用 opencl 和 cuda 标志来运行挖矿软件，以便更充分地利用 GPU 和 Nvidia GPU 的计算能力。” 结合攻击者主要通过挖矿而非发起DDoS攻击来实现其目的，进一步支持了研究人员的观点，即这种新变种与以往的不同，它专注于攻击那些具有强大计算能力的云原生环境。 通过查询 Shodan 收集到的数据显示，目前有超过 3000 万台可公开访问的 SSH 服务器，因此用户必须采取措施保护实例的安全，防止暴力破解攻击和潜在的利用。   转自FreeBuf，原文链接：https://www.freebuf.com/news/408781.html 封面来源于网络，如有侵权请联系删除

A vulnerability classified as problematic was found in Event Tickets with Ticket Scanner Plugin up to 2.3.7 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-6711. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Magnet Forensics Axiom. This affects an unknown part. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2024-7448. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JetBlocks Plugin up to 1.3.12 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-7147. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in JetSearch Plugin up to 3.5.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-7136. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in JetTabs Plugin up to 2.2.3 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to file inclusion. This vulnerability is traded as CVE-2024-7146. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in JetElements Plugin up to 2.6.20 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to file inclusion. The identification of this vulnerability is CVE-2024-7145. Access to the local network is required for this attack to succeed. There is no exploit available.

Microsoft addressed a critical zero-click Windows remote code execution (RCE) in the TCP/IP stack that impacts all systems with IPv6 enabled. Microsoft urges customers to fix a critical TCP/IP remote code execution (RCE) flaw, tracked as CVE-2024-38063 (CVSS score 9.8), in the TCP/IP stack. The vulnerability impacts all systems with IPv6 enabled (IPv6 is enabled by […]