Aggregator

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.12.8. This issue affects some unknown processing of the component amdgpu. The manipulation leads to use after free. The identification of this vulnerability is CVE-2021-47142. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.10.41/5.12.8. Affected is the function device_add. The manipulation leads to incomplete cleanup. This vulnerability is traded as CVE-2021-47143. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.4.123/5.10.41/5.12.8. This vulnerability affects unknown code of the component gve. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2021-47141. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.12.8 and classified as critical. This issue affects the function iommu_change_dev_def_domain. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2021-47140. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.41/5.12.8. It has been declared as problematic. Affected by this vulnerability is the function register_netdev in the library lib/cpu_rmap.c. The manipulation leads to uninitialized pointer. This vulnerability is known as CVE-2021-47139. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

当前环境出现异常状态，需完成验证操作后才能继续访问。

Kali Linux发布适用于macOS的容器版，借助苹果新容器框架和Docker Hub镜像快速启动。无需虚拟机更简单便捷，但目前网络和硬件直通有限制。仅支持搭载M系列芯片的Mac设备。

文章解释了error code 521的原因及其对网络连接的影响，并提供了诊断和解决该问题的方法。

HackerNews 编译，转载请注明出处： 东南亚电信组织近期遭国家级威胁组织CL-STA-0969定向攻击，该组织通过部署定制化工具实现对目标网络的远程控制。Palo Alto Networks旗下Unit 42实验室披露，2024年2月至11月期间监测到多起针对该地区关键电信基础设施的攻击事件，攻击者利用Cordscan等工具收集移动设备位置数据。 值得注意的是，调查人员在受感染系统和网络中未发现数据外泄证据，也未观察到攻击者尝试追踪或联络移动网络内部设备。研究人员强调：“该威胁组织具备极高的操作安全（OPSEC）规范，综合运用多种防御规避技术躲避检测”。 该组织自2020年起持续针对南亚、非洲电信实体实施情报窃取活动。部分攻击手法还与“LightBasin”（又名UNC1945）及金融犯罪组织“UNC2891”存在关联——后者以劫持ATM基础设施著称。 攻击者通过SSH认证机制的暴力破解获取访问权限，采用针对电信设备内置账户的定制化字典列表实施突破。 恶意工具链 AuthDoor：覆盖合法PAM模块实施凭证窃取，通过硬编码魔术密码维持持久访问 GTPDoor：滥用GPRS隧道协议控制面（GTP-C）在电信漫游网络建立隐蔽C2通道 EchoBackdoor：通过ICMP回显请求数据包被动接收指令，未加密返回执行结果 SGSN模拟器：模拟服务GPRS支持节点，绕过企业防火墙限制 ChronosRAT：模块化ELF后门支持远程Shell、键盘记录及端口转发 NoDepDNS：基于Golang的DNS隧道后门，通过原始套接字解析53端口UDP指令 防御规避 攻击组合利用DNS隧道传输流量、通过被控移动运营商中转通信、清除认证日志、禁用SELinux安全模块及进程名称伪装等技术。同时部署Microsocks代理、FRP反向代理及ProxyChains等公开工具，并利用Linux本地提权漏洞（CVE-2021-4034等）扩大控制范围。 本次披露恰逢中国国家计算机网络应急技术处理协调中心（CNCERT）指控美国情报机构： 利用Microsoft Exchange零日漏洞（2022年7月-2023年7月）窃取中国军工企业国防情报 针对高科技军事院校及科研机构实施数据窃取 2024年7-11月通过电子文件系统漏洞攻击中国通信卫星企业 对此，美国前总统特朗普曾公开承认：“我们同样对他们实施网络行动，这就是世界的运行规则。”       消息来源：thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability was found in BoastMachine up to 3.1. It has been classified as problematic. This affects an unknown part of the file index.php. The manipulation of the argument _server["php_self" leads to basic cross site scripting. This vulnerability is uniquely identified as CVE-2006-2491. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Sangwan Kim Bookmark4U 2.0. Affected by this issue is some unknown functionality of the file inc/dbase.php of the component htaccess. The manipulation of the argument include_prefix leads to file inclusion. This vulnerability is handled as CVE-2006-2877. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in BosDev BosDates 3.0/3.1/3.2/4.0 and classified as critical. This issue affects some unknown processing of the file payment.php. The manipulation of the argument insPath leads to file inclusion. The identification of this vulnerability is CVE-2006-3957. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in BlueShoes Blueshoes Framework up to 4.6_public. It has been classified as critical. This affects an unknown part in the library lib/googlesearch/googlesearch.php. The manipulation of the argument APP[path][lib] leads to file inclusion. This vulnerability is uniquely identified as CVE-2006-5250. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in CutePHP CuteNews up to 2.1.2. It has been declared as critical. This vulnerability affects unknown code of the file index.php?mod=main&opt=personal. The manipulation of the argument avatar_file leads to unrestricted upload. This vulnerability was named CVE-2019-11447. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in GetSimple CMS up to 3.3.15. Affected by this issue is some unknown functionality of the file theme-edit.php. The manipulation leads to credentials management. This vulnerability is handled as CVE-2019-11231. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in AROX School-ERP Pro. It has been declared as critical. This vulnerability affects unknown code of the file import_stud.php of the component Session Handler. The manipulation leads to improper access controls. This vulnerability was named CVE-2019-13294. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in OpenBSD up to 6.6. This issue affects the function _dl_setup_env of the file ld.so of the component setuid Program Handler. The manipulation of the argument LD_LIBRARY_PATH leads to improper privilege management. The identification of this vulnerability is CVE-2019-19726. The attack needs to be approached locally. Furthermore, there is an exploit available.

在红队渗透过程中，数据外发和回传是常见的任务之一，尤其在对目标文件系统进行信息收集、凭据导出、WebShell落地或敏感文件抓取之后，为了避免引起告警或减小传输体积，往往需要对收集到的数据进行压缩处理。

这篇文章解释了错误代码521的原因和解决方法。