Aggregator

英国国家网络安全中心（NCSC）计划邀请企业和组织提供“欺骗”案例和有效性证据，以支持NCSC进行长期研究。

Google researchers have identified critical security vulnerabilities within Qualcomm’s Adreno GPU, potentially affecting billions of Android devices globally. If exploited, these vulnerabilities could lead to unauthorized access and control over affected devices, posing a substantial risk to users’ data and privacy. Qualcomm, a leading manufacturer of mobile processors and wireless chipsets, has confirmed the existence […]

The post Vulnerabilities in Qualcomm’s Adreno GPU Chipsets Affect Billions of Android Devices appeared first on Cyber Security News.

Researchers from Aqua identified critical vulnerabilities in six Amazon Web Services (AWS): CloudFormation, Glue, EMR, SageMaker, ServiceCatalog, and CodeStar. These vulnerabilities varied in severity, potentially allowing remote code execution, full-service user takeover, AI module manipulation, data exposure, data exfiltration, and denial of service (DoS) attacks. The vulnerabilities could have affected any organization using these services […]

The post Critical Vulnerabilities in AWS Lets Attackers Gain Full-Service Remotely appeared first on Cyber Security News.

【开奖】批量查询工具权限已开通

分享近期值得关注的IOC

Mozilla Firefox和Thunderbird代码执行漏洞（CNVD-2024-34597）

国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞217个，其中高危漏洞117个、中危漏洞95个、低危漏洞5个。

培训

A notorious ransomware group has demanded more than half a billion dollars from victims in less th

Microsoft claims Iran is ramping up election interference activity in the US, as Trump campaign claims it was hacked

KCon大会议题巡展正式开启

Исследование раскрывает атаки по времени, которые действительно работают.

By reverse-engineering Quick Share’s proprietary communication protocol, researchers uncovered multiple vulnerabilities, including unauthorized file writes, forced Wi-Fi connections, directory traversal, and denial-of-service conditions.  These flaws were chained together to achieve remote code execution on Windows systems with Quick Share installed, bypass file approval dialogs and establish persistent Wi-Fi connections.  Google addressed these issues with two […]

The post Google’s Quick Share Vulnerabilities Let Attackers Execute Remote Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Как умные машины влияют на качество исследований?

In today’s digital world, data exfiltration is a stealthy threat that often flies under the radar.

The post How Outdated Security Measures Can Devastate Your Organization appeared first on Seceon.

The post How Outdated Security Measures Can Devastate Your Organization appeared first on Security Boulevard.

Security researchers have uncovered severe vulnerabilities in the Ewon Cosy+, a widely used industrial remote access gateway tool, allowing them to gain root access and compromise the device’s security. The findings, presented at DEF CON 32, highlight significant risks to industrial infrastructure and remote access systems. The Ewon Cosy+, developed by HMS Networks, is designed […]

The post Researchers Hacked Industrial Remote Access Gateway Tool to Gain Root Access appeared first on Cyber Security News.

Apache Tomcat is a widely used open-source web server and servlet container, but like any software, it is not immune to vulnerabilities. Canonical has released security updates to address multiple Tomcat vulnerabilities across different releases, including Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 ESM, and Ubuntu 16.04 ESM. These vulnerabilities, if exploited could lead […]

The post Addressing Tomcat Vulnerabilities in End-of-Life Ubuntu Systems appeared first on TuxCare.

The post Addressing Tomcat Vulnerabilities in End-of-Life Ubuntu Systems appeared first on Security Boulevard.