Aggregator
美陆军士兵因涉嫌黑客攻击 AT&T 和 Verizon 被捕
11 months 2 weeks ago
HackerNews 编译,转载请注明出处: 据报道,一名涉嫌泄露总统通话记录的美陆军士兵卡梅伦·约翰·瓦格纽斯(Cameron John Wagenius),于12月20日在德克萨斯州胡德堡被捕,他面临两项非法转移机密电话记录的指控。 瓦格纽斯现年20岁,被怀疑为一名网络罪犯,其网名“Kiberphant0m”,涉嫌提供并泄露从电信提供商AT&T和Verizon窃取的通话记录。 此次逮捕大约发生在调查记者布莱恩·克雷布斯(Brian Krebs)揭露一名美军士兵可能参与影响包括安海斯-布希(Anheuser-Busch)、好事达(Allstate)、美国前进汽车零件公司(Advance Auto Parts)、三菱(Mitsubishi)、尼曼马库斯(Neiman Marcus)、前进保险(Progressive)、桑坦德银行(Santander Bank)、州立农业保险(State Farm)和Ticketmaster在内的数百家组织的“雪花”黑客攻击行动的一个月后。 克雷布斯在一份新报告中透露,瓦格纽斯曾驻韩,是一名通信专家,很可能就是“Kiberphant0m”,且与10月底因“雪花”账户黑客攻击案被捕的加拿大公民康纳·莱利·穆卡(Connor Riley Moucka,网名Judische)有关联。 穆卡被捕后不久,“Kiberphant0m”为勒索AT&T,在网络犯罪门户BreachForums上发布了疑似被盗的特朗普总统和哈里斯副总统的通话记录。 他还提供了据称来自美国国家安全局的“数据架构”、据称从美国政府机构和Verizon应急响应人员处窃取的通话记录,以及针对Verizon一键通(PTT)客户的SIM卡交换服务。 “Kiberphant0m”还在Telegram上吹嘘自己黑进了包括AT&T和Verizon在内的15家电信提供商,并维护了一个分布式拒绝服务(DDoS)僵尸网络。 12月20日的起诉书(PDF)指控瓦格纽斯于11月初参与了机密电话记录信息的销售和传输,但未提供有关嫌疑人身份或其与“雪花”攻击关联的更多细节。 然而,据克雷布斯称,瓦格纽斯的母亲已确认他参与了网络犯罪活动,而穆卡此前也透露,他将从“雪花”客户处窃取的数据销售外包给了“Kiberphant0m”。 迄今为止,已有三人因“雪花”攻击案被捕。除穆卡和瓦格纽斯外,当局还逮捕了约翰·艾琳·宾斯(John Erin Binns),此人曾因2021年黑进T-Mobile而自居功劳,目前被关押在土耳其监狱。 消息来源:Bleeping Computer, 编译:zhongx; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews
美陆军士兵因涉嫌黑客攻击 AT&T 和 Verizon 被捕
11 months 2 weeks ago
error code: 521
开源终端模拟器iTerm2发布关键安全更新修复输入记录可能会被泄露的问题
11 months 2 weeks ago
#软件资讯 开源终端模拟器 iTerm2 发布关键安全更新修复输入和输出记录可能会被泄露的问题,此问题影响 3.5.6~3.5.10 所有版本。目前最新版 3.5.11 版已修复问题,
超过300万台未加密的邮件服务器暴露
11 months 2 weeks ago
主站 分类 漏洞 工具 极客
超过300万台未加密的邮件服务器暴露
11 months 2 weeks ago
超过300万台未启用TLS加密的POP3和IMAP邮件服务器暴露在互联网上,容易受到网络嗅探攻击。
The Ultimate Cloud Cost Optimization Guide for 2025
11 months 2 weeks ago
Cloud computing has revolutionized the way companies scale and innovate, but cost control is one hur
每周高级威胁情报解读(2024.12.27~2025.01.02)
11 months 2 weeks ago
APT-C-26(Lazarus)组织使用武器化的IPMsg软件的攻击活动分析;Contagious Interview活动使用新的恶意软件OtterCookie;Paper Werewolf网络间谍组织渗透俄罗斯基础设施
每周高级威胁情报解读(2024.12.27~2025.01.02)
11 months 2 weeks ago
2024.12.27~2025.01.02 攻击团伙情报APT-C-26(Lazarus)组织使用武器化的IPMsg软件的攻击活动分析Contagious Interview活动使用新的恶意软件Ott
BinaryAI更新布告|AI智能总结与搜索,重塑二进制安全分析体验
11 months 2 weeks ago
BinaryAI更新布告|AI智能总结与搜索,重塑二进制安全分析体验
11 months 2 weeks ago
BinaryAI更新布告|AI智能总结与搜索,重塑二进制安全分析体验
11 months 2 weeks ago
BinaryAI更新布告|AI智能总结与搜索,重塑二进制安全分析体验
11 months 2 weeks ago
BinaryAI(https://www.binaryai.cn)腾讯安全科恩实验室二进制安全智能分析平台—BinaryAI,可精准高效识别二进制文件的第三方组件及其版本号,旨在推动SCA(软件成分分
AI’s Boom vs. Energy Crisis Community: What the 2030 Apocalypse Could Look Like
11 months 2 weeks ago
IntroductionThe world is at the peak of a generative AI revolution. In just a few short years, arti
CVE-2003-1197 | Ledscripts.com Forums index.php top_message/topic cross site scripting (EDB-23313 / XFDB-13563)
11 months 2 weeks ago
A vulnerability was found in Ledscripts.com Forums. It has been classified as problematic. Affected is an unknown function of the file index.php. The manipulation of the argument top_message/topic leads to basic cross site scripting.
This vulnerability is traded as CVE-2003-1197. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2022-29113 | Microsoft Windows up to Server 2019 Digital Media Receiver race condition
11 months 2 weeks ago
A vulnerability was found in Microsoft Windows up to Server 2019. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Digital Media Receiver. The manipulation leads to race condition.
This vulnerability is known as CVE-2022-29113. The attack can be launched remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2022-29114 | Microsoft Windows up to Server 2022 Print Spooler information disclosure
11 months 2 weeks ago
A vulnerability was found in Microsoft Windows. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Print Spooler. The manipulation leads to information disclosure.
This vulnerability is handled as CVE-2022-29114. The attack may be launched remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2022-29116 | Microsoft Windows 11 Kernel information disclosure
11 months 2 weeks ago
A vulnerability classified as problematic was found in Microsoft Windows 11. This vulnerability affects unknown code of the component Kernel. The manipulation leads to information disclosure.
This vulnerability was named CVE-2022-29116. The attack can be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2022-29117 | Microsoft Visual Studio/.NET/.NET Core denial of service
11 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Microsoft Visual Studio, .NET and .NET Core. This issue affects some unknown processing. The manipulation leads to denial of service.
The identification of this vulnerability is CVE-2022-29117. The attack may be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2022-29120 | Microsoft Windows Server 20H2 up to Server 2019 Clustered Shared Volume information disclosure
11 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Microsoft Windows Server 2012 up to Server 2019. Affected is an unknown function of the component Clustered Shared Volume. The manipulation leads to information disclosure.
This vulnerability is traded as CVE-2022-29120. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com