Всё ещё бездумно сканируете QR-коды? Есть 4,2 миллиона причин дважды подумать в следующий раз
Обычное письмо, одна ссылка — и дверь в сеть уже открыта.
Aggregator
Cybersecurity jobs available right now: August 19, 2025
10 months ago
Senior Cybersecurity Analyst DOT Security | USA | On-site – View job details As a Senior Cybersecurity Analyst, you will lead the investigation of real-time alerts from SIEM platforms and other security tools, ensuring timely identification of potential threats. You will also perform in-depth forensic analysis of firewall logs, IDS/IPS alerts, and packet captures to validate or dismiss security events Principal Security Engineer Punt | Canada | On-site – View job details As a Principal … More →
The post Cybersecurity jobs available right now: August 19, 2025 appeared first on Help Net Security.
Sinisa Markovic
CMMC Level and Assessment Requirements for Defense Contractors
10 months ago
<p>Many DoD contractors are struggling to understand what requirements will apply to them once CMMC rolls out. CMMC defines three levels, but CMMC Level 2 may allow a self-assessment or may require a third-party…</p>
Chris Camejo
柯尔特电信遭遇WarLock勒索软件团伙攻击 被盗数据正出售
10 months ago
英国电信公司Colt Technology Services正遭遇网络攻击,已导致该公司部分业务中断多日,涉及托管、端口服务、Colt在线平台以及语音应用程序接口(Voice API)平台等。该公司透露,攻击始于8月12日,目前中断情况仍在持续,其IT工作人员正全天候工作以减轻攻击造成的影响。
据悉,柯尔特公司成立于1992年,最初名为伦敦金融城电信公司(简称COLT),2015年被富达投资(Fidelity Investments)收购。作为主要的电信服务提供商,它在欧洲、亚洲和北美洲的30个国家均开展业务,拥有7.5万公里的光纤网络,连接着900个数据中心。
业务仍处于离线状态
起初,该公司仅宣布出现“技术问题”,并未确认是网络安全事件。不过,在后续的状态更新中,说明了事件的性质。
为规避风险,该公司不得不让特定系统下线,这影响到了包括柯尔特在线平台和Voice API平台在内支持服务的运营。目前,柯尔特在线平台已无法运用,公司建议客户通过电子邮件或电话联系柯尔特,但需注意回复速度会比平时慢。
该公司强调,受影响的是支持服务系统,而非核心的客户网络基础设施。柯尔特表示已就该事件通知了有关部门,但未提供关于攻击者身份或攻击类型的任何细节。
WarLock声称实施了此次攻击
一名化名为“cnkjasdfgd”的网络犯罪分子自称是勒索软件团伙“WarLock”成员,声称实施了此次攻击,并以20万美元的价格出售据称从柯尔特窃取的100万份文件。
该威胁者还公布了几份数据样本以证明文件的真实性。据其称,被盗文件包括财务数据、员工信息、客户资料、高管相关数据、内部电子邮件以及软件开发信息等。
威胁者在黑客论坛上的帖子
尽管该公司未透露此次数据泄露的原因,但安全研究员表示,黑客可能是通过利用微软SharePoint中的一个远程代码执行漏洞(编号为CVE-2025-53770)获得了初始访问权限。
该安全漏洞至少从7月18日起就被当作零日漏洞利用,其严重程度被定为“危急”。微软已于7月21日通过安全更新修复了该漏洞。
据了解,黑客窃取了数百GB包含客户数据和相关文件的资料。有媒体就此事联系了柯尔特,对这些说法进行核实,该公司发言人表示“目前正在对这些说法进行调查。”
胡金鱼
【已复现】Smartbi 远程代码执行漏洞(QVD-2025-31926)安全风险通告
10 months ago
致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。
CVE-2024-12575 | Poll Maker Plugin up to 5.8.9 on WordPress ays_finish_poll information disclosure
10 months ago
A vulnerability was found in Poll Maker Plugin up to 5.8.9 on WordPress. It has been declared as problematic. This vulnerability affects the function ays_finish_poll. Such manipulation leads to information disclosure.
This vulnerability is uniquely identified as CVE-2024-12575. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2025-55286 | vancluever z2d 0.7.0 memory corruption (GHSA-2vq8-cp8r-vcf3)
10 months ago
A vulnerability identified as critical has been detected in vancluever z2d 0.7.0. Affected by this issue is some unknown functionality. Performing manipulation results in memory corruption.
This vulnerability was named CVE-2025-55286. The attack needs to be approached locally. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2025-49895 | iThemes ServerBuddy Plugin up to 1.0.5 on WordPress cross-site request forgery (EUVD-2025-25056)
10 months ago
A vulnerability classified as problematic has been found in iThemes ServerBuddy Plugin up to 1.0.5 on WordPress. Impacted is an unknown function. This manipulation causes cross-site request forgery. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is tracked as CVE-2025-49895. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com
CVE-2024-12612 | School Management System Plugin up to 93.2.0 on WordPress sql injection (EUVD-2024-54885)
10 months ago
A vulnerability categorized as critical has been discovered in School Management System Plugin up to 93.2.0 on WordPress. Impacted is an unknown function. Executing manipulation can lead to sql injection.
The identification of this vulnerability is CVE-2024-12612. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-6079 | School Management System Plugin up to 93.2.0 on WordPress homework.php unrestricted upload (EUVD-2025-25059)
10 months ago
A vulnerability classified as critical has been found in School Management System Plugin up to 93.2.0 on WordPress. The impacted element is an unknown function of the file homework.php. This manipulation causes unrestricted upload.
This vulnerability is registered as CVE-2025-6079. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com
CVE-2024-8393 | Woocommerce Blocks Plugin up to 1.7.0 on WordPress tab file inclusion (EUVD-2024-54884)
10 months ago
A vulnerability, which was classified as problematic, has been found in Woocommerce Blocks Plugin up to 1.7.0 on WordPress. This impacts an unknown function. Performing manipulation of the argument tab results in file inclusion.
This vulnerability is reported as CVE-2024-8393. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com
CVE-2025-3671 | WPGYM Plugin up to 67.7.0 on WordPress Password Update page file inclusion (EUVD-2025-25067)
10 months ago
A vulnerability classified as critical was found in WPGYM Plugin up to 67.7.0 on WordPress. This affects an unknown function of the component Password Update Handler. Such manipulation of the argument page leads to file inclusion.
This vulnerability is documented as CVE-2025-3671. The attack can be executed remotely. There is not any exploit available.
vuldb.com
BlackHat_USA_2025 PPT分享
10 months ago
CVE-2025-8996 | Layout Builder Advanced Permissions up to 2.1.x on Drupal authorization (sa-contrib-2025-097 / WID-SEC-2025-1825)
10 months ago
A vulnerability has been found in Layout Builder Advanced Permissions up to 2.1.x on Drupal and classified as problematic. This vulnerability affects unknown code. This manipulation causes missing authorization.
This vulnerability appears as CVE-2025-8996. The attack may be initiated remotely. There is no available exploit.
The affected component should be upgraded.
vuldb.com
CVE-2025-36088 | IBM Storage TS4500 Library Web GUI cross site scripting
10 months ago
A vulnerability was found in IBM Storage TS4500 Library 1.10.00-F00/1.11.0.0-D00/1.11.0.1-C00/1.11.0.2-C00. It has been classified as problematic. Impacted is an unknown function of the component Web GUI. Performing manipulation results in cross site scripting.
This vulnerability is known as CVE-2025-36088. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2025-9060 | MSoft MFlash 8.0 input validation (K-MSoft-2025-002)
10 months ago
A vulnerability identified as critical has been detected in MSoft MFlash 8.0. This impacts an unknown function. This manipulation causes improper input validation.
The identification of this vulnerability is CVE-2025-9060. It is possible to initiate the attack remotely. There is no exploit available.
It is suggested to install a patch to address this issue.
vuldb.com
CVE-2025-55285 | backstage plugin-scaffolder-backend up to 2.1.0 log file (GHSA-3x3q-ghcp-whf7)
10 months ago
A vulnerability classified as problematic has been found in backstage plugin-scaffolder-backend up to 2.1.0. This affects an unknown part. The manipulation leads to sensitive information in log files.
This vulnerability is listed as CVE-2025-55285. The attack may be initiated remotely. There is no available exploit.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-52619 | HCL BigFix SaaS Remediate up to 8.1.13 SaaS Authentication Service information exposure (KB0123330 / EUVD-2025-25053)
10 months ago
A vulnerability was found in HCL BigFix SaaS Remediate up to 8.1.13. It has been rated as problematic. Affected is an unknown function of the component SaaS Authentication Service. This manipulation causes information exposure through error message.
This vulnerability is handled as CVE-2025-52619. The attack can be initiated remotely. There is not any exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2025-8995 | Authenticator Login up to 2.1.3 on Drupal authentication bypass (sa-contrib-2025-096 / EUVD-2025-25044)
10 months ago
A vulnerability was found in Authenticator Login up to 2.1.3 on Drupal and classified as critical. This issue affects some unknown processing. Such manipulation leads to authentication bypass using alternate channel.
This vulnerability is traded as CVE-2025-8995. The attack may be launched remotely. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
DoJ Seizes $2.8 Million in Crypto From Zeppelin Ransomware Operators
10 months ago
The U.S. Department of Justice (DoJ) announced the seizure of over $2.8 million in cryptocurrency, $70,000 in cash, and a luxury vehicle linked to Zeppelin ransomware operations. The warrants were unsealed on August 14, 2025, in federal courts across Virginia, California, and Texas. Authorities allege that the assets belong to Ianis Aleksandrovich Antropenko, who has […]
The post DoJ Seizes $2.8 Million in Crypto From Zeppelin Ransomware Operators appeared first on Cyber Security News.
Florence Nightingale