Aggregator

Интеграция YARA и оптимизация DNS/HTTP движков позволили значительно повысить производительность инструмента.

LoanDepot通过SEC报告披露称，今年1月曝光的勒索软件攻击相关的费用总计超1.92亿元。 安全内参8月13日消息，美国抵押贷款巨头LoanDepot 6日报告称，与最近的勒索软件攻击相关的成本已达到近2700万美元。 这次网络攻击于2024年1月初被曝光。当时，公司为了应对攻击导致数据被加密的情况，选择将一些系统下线。 几周后，LoanDepot通知当局，超过1600万人的个人信息可能已被泄露，包括姓名、地址、电子邮件地址、电话号码、出生日期、社会保障号码和金融账号等。 LoanDepot的最新财务报告显示，该事件给公司造成了2690万美元（约合人民币1.92亿元）的成本。 该金额包括“调查和补救网络安全事件的成本，客户通知和身份保护的成本，以及专业费用（包括法律费用、诉讼和解费用以及佣金担保）”。 LoanDepot补充道：“在截至2024年6月30日的季度内，公司因与网络安全事件相关的集体诉讼带来了2500万美元的应计成本。” 就在LoanDepot数据泄露曝光之前，执法机构刚刚针对Alphv/BlackCat勒索软件组织进行了打击，该组织声称对上述攻击事件负责。这些网络犯罪分子声称，他们正在出售从贷款机构窃取的数据。 电子制造服务公司Keytronic近日透露，最近的勒索软件攻击导致的费用和收入损失总计超过1700万美元。   转自安全内参，原文链接：https://mp.weixin.qq.com/s/CBVPPBDvTUZh1ilzzBnU8g 封面来源于网络，如有侵权请联系删除

开源 BeOS 操作系统 Haiku 有了 Firefox 移植版本。Firefox 有被称为 Bezilla 的 BeOS 移植版本，但那是几十年前的事情了。Haiku 的原生浏览器 WebPositive 表现不佳，因此有开发者不断移植其它的主流浏览器，最新的努力成果就是 Firefox。目前移植版本还是处于早期阶段，没有可下载的软件包，感兴趣的用户需要自己去编译。移植版本是 v128，比最新的稳定版 v129 落后一个版本。

The FBI and other law enforcers claim to have disrupted the Radar/Dispossessor ransomware group

This Article What is the Critical Pathway to Insider Risk (CPIR)? was first published on Signpost Six. | https://www.signpostsix.com/

Insider risk remains one of the most challenging threats for organisations to manage. The Critical Pathway to Insider Risk (CPIR) offers a structured approach to understanding and mitigating this threat by examining the pathway of events and factors leading to insider acts. This model is based on extensive research into the behaviours and characteristics of […]

This Article What is the Critical Pathway to Insider Risk (CPIR)? was first published on Signpost Six. | https://www.signpostsix.com/

The post What is the Critical Pathway to Insider Risk (CPIR)? appeared first on Security Boulevard.

Akamai researchers have delved into the often-overlooked threat of VPN post-exploitation, highlighting techniques that threat actors can use to escalate their intrusion after compromising a VPN server. The study focuses on vulnerabilities and no-fix techniques affecting Ivanti Connect Secure and FortiGate VPNs, potentially allowing attackers to gain control over other critical network assets. VPN servers […]

The post Post-Exploitation Tactics Hackers Use After Compromising Ivanti, Fortigate VPN Servers appeared first on Cyber Security News.

供应商也需强制实施漏洞披露政策

泄露信息包括姓名、地址、电子邮件地址、电话号码、出生日期、社会保障号码和金融账号

A new Ransomware-as-a-Service (RaaS) platform known as DeathGrip has surfaced, offering sophisticated ransomware tools to aspiring cyber criminals. This service is being promoted through Telegram and various underground forums, providing a gateway for individuals with limited technical expertise to launch potent ransomware attacks. DeathGrip’s emergence underscores the growing accessibility of cybercrime tools, posing an increased […]

The post DeathGrip Ransomware Expanding Services Using RaaS Service appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Siemens SINEC Traffic Analyzer up to 1.x. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Response Handler. The manipulation leads to use of cache containing sensitive information. The identification of this vulnerability is CVE-2024-41906. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Огромное количество планет-скитальцев обнаружено в центре галактики.

A vulnerability was found in Siemens LOGO! 12, 24RCE, 24RCEo, LOGO! 230RCE, LOGO! 230RCEo, LOGO! 24CE, LOGO! 24CEo, LOGO! 24RCE, LOGO! 24RCEo, SIPLUS LOGO! 12, SIPLUS LOGO! 230RCE, SIPLUS LOGO! 230RCEo, SIPLUS LOGO! 24CE, SIPLUS LOGO! 24CEo, SIPLUS LOGO! 24RCE and SIPLUS LOGO! 24RCEo. It has been declared as problematic. This vulnerability affects unknown code of the component Embedded Storage IC. The manipulation leads to unprotected storage of credentials. This vulnerability was named CVE-2024-39922. It is possible to launch the attack on the physical device. There is no exploit available.

A vulnerability was found in Siemens SINEC NMS up to 2.x. It has been classified as critical. This affects an unknown part. The manipulation leads to execution with unnecessary privileges. This vulnerability is uniquely identified as CVE-2024-36398. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens SINEC NMS up to 2.x and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to os command injection. This vulnerability is handled as CVE-2024-41940. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Siemens SINEC NMS up to 2.x and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal. This vulnerability is known as CVE-2024-41938. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Siemens NX 1984. Affected is an unknown function of the component PRT File Handler. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-41908. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Siemens SINEC Traffic Analyzer up to 1.x. This issue affects some unknown processing of the component HTTP Security Header Handler. The manipulation leads to security check for standard. The identification of this vulnerability is CVE-2024-41907. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Siemens SINEC Traffic Analyzer up to 1.x. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-41905. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Hackers often target the Solana Python API ecosystem to exploit vulnerabilities in decentralized applications, access private keys, or manipulate transactions on the Solana blockchain. Recently the Solana Python API ecosystem was targeted by a typosquatting attack (tagged as sonatype-2024-3214). The official Solana Python API project, known as “solana-py” on GitHub but listed as “solana” on […]

The post Beware Of Malicious Typosquat Package That Steals Your Secret Keys appeared first on Cyber Security News.

A vulnerability classified as problematic has been found in Siemens Location Intelligence family up to 4.3. This affects an unknown part. The manipulation leads to inadequate encryption strength. This vulnerability is uniquely identified as CVE-2024-41681. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.