Aggregator

CVE-2019-19726 | OpenBSD up to 6.6 setuid Program ld.so _dl_setup_env LD_LIBRARY_PATH privileges management (ID 155658 / EDB-47780)

Vuldb Updates
1 week 6 days ago
A vulnerability, which was classified as critical, has been found in OpenBSD up to 6.6. This issue affects the function _dl_setup_env of the file ld.so of the component setuid Program Handler. The manipulation of the argument LD_LIBRARY_PATH leads to improper privilege management. The identification of this vulnerability is CVE-2019-19726. The attack needs to be approached locally. Furthermore, there is an exploit available.
vuldb.com

.NET 红队通过 Sharp4ArchiveZip 批量压缩打包文件

先知技术社区
1 week 6 days ago
在红队渗透过程中,数据外发和回传是常见的任务之一,尤其在对目标文件系统进行信息收集、凭据导出、WebShell落地或敏感文件抓取之后,为了避免引起告警或减小传输体积,往往需要对收集到的数据进行压缩处理。

英国率先启动 1500 万英镑人工智能对齐项目

HackerNews
1 week 6 days ago
HackerNews 编译,转载请注明出处: 英国人工智能安全研究所(AI Security Institute)联合国际合作伙伴启动1500万英镑专项研究计划,聚焦人工智能对齐(AI alignment)领域。该项目旨在确保先进AI系统始终按预期目标运作,防止其行为偏离开发者设定的目标、政策与要求。 核心合作方 加拿大人工智能安全研究所、加拿大高等研究院(CIFAR)、施密特科学基金会、亚马逊云服务(AWS)、Anthropic、Halcyon Futures、安全人工智能基金、英国研究与创新署(UKRI)及高级研究与发明署(ARIA)共同参与。 研究紧迫性 英国科技大臣彼得·凯尔(Peter Kyle)指出:“先进AI系统已在部分领域超越人类能力,使该项目变得空前紧迫。人工智能对齐致力于确保系统始终符合人类最佳利益——这正是研究所自成立以来的核心使命:守护国家安全,防范技术演进中AI可能引发的重大风险”。他同时强调:“负责任地发展AI需全球协同努力,此基金将推动AI更可靠、更可信,助力经济增长、优化公共服务并创造高技能岗位”。 AI错位风险分类 故意错位:攻击者操控AI系统实施定向攻击 无意错位:因防护机制缺失导致系统行为失控 具体威胁形态包括: 模型投毒:攻击者篡改训练数据,诱发输出偏见或植入后门 提示注入:恶意指令突破系统防护,实现越狱操控 数据泄露:设计缺陷致AI误披露敏感信息 资源消耗失控:无约束的自我复制行为耗尽系统资源 研究目标 项目将开发创新技术,确保AI系统在能力提升过程中保持目标一致性,增强透明度及人类监管有效性。此举回应了AI自主性日益增强背景下,全球对系统可控性的迫切需求。       消息来源:infosecurity-magazine; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews

LLM安全杂谈

先知技术社区
1 week 6 days ago
LLM作为一种里程碑式的AI技术出现,使得AI安全开始进入了安全圈“平民层”的视野,以往这种高门槛的AI安全领域的研究内容多是集中在学术圈,实验室等,在网络安全中的实践也多是赋能安全,利用机器学习技术提高防御检测能力,而非是AI本身的安全风险与攻防。

CVE-2021-47136 | Linux Kernel up to 5.10.41/5.12.8 net/openvswitch/flow.c skb_ext_add uninitialized pointer (ac493452e937/86ab133b695e/9453d45ecb6c / WID-SEC-2024-0699)

Vuldb Updates
1 week 6 days ago
A vulnerability has been found in Linux Kernel up to 5.10.41/5.12.8 and classified as problematic. This vulnerability affects the function skb_ext_add of the file net/openvswitch/flow.c. The manipulation leads to uninitialized pointer. This vulnerability was named CVE-2021-47136. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2021-47138 | Linux Kernel up to 5.4.123/5.10.41/5.12.8 cxgb4 out-of-bounds (WID-SEC-2024-0699)

Vuldb Updates
1 week 6 days ago
A vulnerability classified as problematic has been found in Linux Kernel up to 5.4.123/5.10.41/5.12.8. This affects an unknown part of the component cxgb4. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2021-47138. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2021-47137 | Linux Kernel up to 5.4.123/5.10.41/5.12.8 lantiq memory corruption (WID-SEC-2024-0699)

Vuldb Updates
1 week 6 days ago
A vulnerability was found in Linux Kernel up to 5.4.123/5.10.41/5.12.8. It has been rated as critical. Affected by this issue is some unknown functionality of the component lantiq. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2021-47137. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-21654 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 ovl encoding error (Nessus ID 233479 / WID-SEC-2025-0119)

Vuldb Updates
1 week 6 days ago
A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been rated as problematic. This issue affects some unknown processing of the component ovl. The manipulation leads to encoding error. The identification of this vulnerability is CVE-2025-21654. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-21652 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 ipvlan ipvlan_get_iflink use after free (Nessus ID 216191 / WID-SEC-2025-0119)

Vuldb Updates
1 week 6 days ago
A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been classified as critical. Affected is the function ipvlan_get_iflink of the component ipvlan. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21652. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-21653 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 net_sched net/sched/cls_flow.c out-of-bounds (Nessus ID 215034 / WID-SEC-2025-0119)

Vuldb Updates
1 week 6 days ago
A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been declared as problematic. This vulnerability affects unknown code of the file net/sched/cls_flow.c of the component net_sched. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-21653. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-21651 | Linux Kernel up to 6.12.9/6.13-rc6 hns3 privilege escalation (Nessus ID 214901 / WID-SEC-2025-0119)

Vuldb Updates
1 week 6 days ago
A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6 and classified as problematic. This issue affects some unknown processing of the component hns3. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2025-21651. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-21650 | Linux Kernel up to 6.12.9/6.13-rc6 hclge_fetch_pf_reg initialization (Nessus ID 214901 / WID-SEC-2025-0119)

Vuldb Updates
1 week 6 days ago
A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.9/6.13-rc6. Affected is the function hclge_fetch_pf_reg. The manipulation leads to improper initialization. This vulnerability is traded as CVE-2025-21650. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

SonicWall 防火墙遭 Akira 勒索软件攻击频率激增

不安全
1 week 6 days ago
文章介绍了HTTP错误代码521的含义及其常见原因。该错误通常表示CDN服务提供商与目标服务器之间存在连接问题。可能的原因包括服务器过载、网络配置错误或防火墙设置不当等。文章还提供了一些排查和解决问题的建议。

SonicWall 防火墙遭 Akira 勒索软件攻击频率激增

HackerNews
1 week 6 days ago
HackerNews 编译,转载请注明出处: 网络安全公司Arctic Wolf报告显示,自7月下旬以来,SonicWall防火墙设备遭Akira勒索软件攻击的频率显著上升,攻击者可能利用了一个此前未知的安全漏洞。 Akira勒索组织自2023年3月活跃至今,已累计入侵超300家机构,受害者涵盖日产(大洋洲及澳大利亚地区)、日立、斯坦福大学等知名企业及高校。截至2024年4月,美国联邦调查局(FBI)确认该组织通过250余起攻击事件获利超4200万美元。 Arctic Wolf实验室观察到,自7月15日起多起勒索入侵事件涉及通过SonicWall SSL VPN连接的非授权访问。研究人员指出:“本次攻击活动的初始入侵方式尚未完全确认。尽管零日漏洞存在的可能性极高,但通过暴力破解、字典攻击和凭证填充等方式获取访问权限的可能性在所有案例中均未被完全排除。” 攻击呈现显著特征: 快速入侵加密:攻击者从通过SSL VPN账户初始访问网络到实施数据加密的间隔极短,该模式与至少自2024年10月观察到的同类攻击一致,表明针对SonicWall设备的持续性攻击活动; 异常认证源:勒索运营者使用虚拟私有服务器(VPS)进行VPN认证,而合法VPN连接通常源自宽带互联网服务提供商; 基础设施共享:多起入侵事件存在共享基础设施特征,表明攻击存在协同性。 防御建议 鉴于SonicWall零日漏洞极可能被野外利用,Arctic Wolf建议管理员: 暂时禁用SonicWall SSL VPN服务; 在补丁发布前实施强化措施:增强日志监控、部署终端检测、阻止托管服务商网络的VPN认证请求。 关联漏洞预警 报告发布一周前,SonicWall曾警告客户修复安全移动接入(SMA 100)设备中的高危漏洞(CVE-2025-40599)。该漏洞可导致未修复设备遭受远程代码执行攻击,但利用需管理员权限且暂无活跃利用证据。同时提醒:Google威胁情报小组发现攻击者正利用泄露凭证在SMA 100设备上部署新型OVERSTEP rootkit恶意软件。 SonicWall强烈建议客户: 对照GTIG报告中的入侵指标(IoCs)检查设备; 审查日志中的非授权访问及可疑活动; 发现入侵证据立即联系官方支持。       消息来源:bleepingcomputer; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews

Managed ad