Aggregator

Session Fixation - bluditv3.16.2

不安全
1 day 9 hours ago
Bludit v3.16.2 存在会话固定漏洞,攻击者可利用该漏洞劫持用户会话。具体表现为用户登录后会话ID未更新,导致攻击者可预测或控制会话标识符。该漏洞已在Debian 12环境中复现。建议用户及时更新至最新版本以修复此问题。

RingReaper: New Linux Tool Leverages io_uring Kernel Feature to Bypass EDR & Stealthily Control Systems

Penetration Testing Tools - Metepreter.org
1 day 9 hours ago

The emergence of a new tool known as RingReaper has sparked concern among cybersecurity experts and penetration testing teams alike. This program leverages a legitimate yet highly potent Linux kernel feature called io_uring to...

The post RingReaper: New Linux Tool Leverages io_uring Kernel Feature to Bypass EDR & Stealthily Control Systems appeared first on Penetration Testing Tools.

ddos

TikTok 挖角英国隐私监管高官,应对巨额罚款与审查危机

HackerNews
1 day 9 hours ago
HackerNews 编译,转载请注明出处: 社交媒体公司TikTok正在就英国数据监管机构开出的1270万英镑罚款提起上诉之际,宣布将聘用该监管机构一名高级官员,此举可能引发利益冲突担忧。 信息专员办公室(ICO)监管监督副局长斯蒂芬·邦纳(Stephen Bonner)——这位被资深同事称为“ICO工作核心人物”的官员——将于今年晚些时候加入TikTok,担任其欧洲数据保护部门负责人。 该人事变动发生在ICO于2023年对TikTok处以1270万英镑(约1725万美元)罚款之后,处罚理由是该公司滥用儿童数据;2025年3月,ICO又针对该社交媒体平台持续收集儿童数据的行为启动了“重大调查”。据Politico率先披露,邦纳的职位变动被批评为“旋转门”现象(指监管者离职后加入被监管企业的现象)的典型代表。此类行为可能引发政治学家所称的“监管俘获”风险,即监管机构过度偏袒其本应监管的行业利益。 数字权利组织“开放权利集团”法律政策官员马里亚诺·德利桑蒂指出:“邦纳的跳槽是ICO未能维护公共生活标准的又一例证。公务员应致力于公共利益而非个人职业目标”。ICO副首席执行官保罗·阿诺德则为邦纳辩护称:“邦纳过去四年是我们成功的关键成员,我们祝愿他重返私营领域顺利”,并强调所有前ICO员工均受法定保密义务约束。 ICO特别说明:邦纳未参与2023年罚款决定的制定,也未参与针对TikTok儿童数据推荐系统的调查。尽管他接触过当前调查,但已主动回避以避免利益冲突嫌疑。阿诺德补充称:“ICO有诸多前雇员利用其经验提升数据保护标准,我们为此传统自豪。” 德利桑蒂进一步披露:“在野时,惠特彻奇女男爵琼斯曾在《数据法案》中提议修正案,禁止ICO职员加入遭监管执法的企业。”该修正案旨在阻断监管者任职期间“进入其监管行业就职的通道”。但工党执政后“废除了该提案”,这与其竞选时“恢复英国公共生活廉洁性”的承诺相悖。现任科学、创新与技术部(DSIT)初级部长的琼斯未回应置评请求。DSIT发言人仅表示:“ICO独立于政府运作,其现任及前任员工均受法定保密义务约束。” TikTok未立即回应置评请求。       消息来源: therecord; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews

NightEagle APT Unleashed: Zero-Day Exchange Exploit Targets China’s Strategic Industries with Fileless Malware

Penetration Testing Tools - Metepreter.org
1 day 9 hours ago

Since 2023, the RedDrip Team has been meticulously monitoring the activities of one of the most elusive cyber espionage groups. This threat actor, armed with an unknown Exchange exploitation chain, distinguishes itself through substantial...

The post NightEagle APT Unleashed: Zero-Day Exchange Exploit Targets China’s Strategic Industries with Fileless Malware appeared first on Penetration Testing Tools.

ddos

Pakistan-Aligned APT36 Unleashes DRAT V2: New Delphi RAT Targets Indian Government

Penetration Testing Tools - Metepreter.org
1 day 9 hours ago

A hacker group with affiliations beyond Pakistan has once again drawn attention following its attacks on Indian government entities. According to researchers at Recorded Future, the activity is attributed to the cyber threat group...

The post Pakistan-Aligned APT36 Unleashes DRAT V2: New Delphi RAT Targets Indian Government appeared first on Penetration Testing Tools.

ddos

新型 Batavia 间谍软件借钓鱼邮件入侵俄罗斯工业企业​

HackerNews
1 day 10 hours ago
HackerNews 编译,转载请注明出处: 自2025年3月起,针对俄罗斯组织的定向钓鱼攻击使用虚假合同主题电子邮件传播Batavia间谍软件,这是一种旨在窃取内部文件的新型恶意软件。该攻击自2024年7月以来持续进行,始于伪装成合同或附件的恶意.vbe文件链接。该恶意软件包含一个VBA脚本和两个可执行文件,卡巴斯基已将其检测为Trojan.Batavia变种。 卡巴斯基发布的报告指出:“自2025年3月初以来,我们的系统记录到俄罗斯各机构员工检测到的类似文件(例如договор-2025-5.vbe、приложение.vbe和dogovor.vbe,中文译注:合同、附件)数量有所增加。定向攻击始于以签订合同为借口发送包含恶意链接的诱饵邮件。” 点击钓鱼邮件中的链接会下载VBE脚本,该脚本收集系统信息并从攻击者的域名检索恶意软件文件(WebView.exe)。该脚本检查操作系统版本以决定如何执行有效载荷,并将数据发送到命令与控制(C2)服务器。攻击使用针对每封电子邮件定制的参数来管理感染阶段并规避检测。 在攻击链的第二阶段,WebView.exe恶意软件(用Delphi编写)下载并显示虚假合同,然后开始监视受感染的系统。它收集系统日志、办公文档,并定期截取屏幕截图发送到新的C2服务器。为避免重复上传,它会对每个文件进行哈希处理。同时下载新的恶意软件阶段(javav.exe)并设置启动快捷方式,以便在系统重启时继续感染过程。 在攻击链的最后阶段,恶意软件javav.exe(用C++编写)扩展攻击范围,针对更多文件类型(如图像、电子邮件、演示文稿、存档),使用更新的感染ID(2hc1-…)将其传输到C2服务器。它现在可以更改C2地址,并通过computerdefaults.exe实现UAC绕过来下载/执行新有效载荷(windowsmsg.exe)。与C2的通信采用加密传输,并通过文件哈希避免重复上传。据卡巴斯基称,此阶段引入灵活性和持久性以促进进一步恶意活动。 研究人员注意到Batavia间谍软件活动的受害者是俄罗斯工业企业。卡巴斯基遥测数据显示,数十家机构的超过100名用户收到了钓鱼邮件。 报告总结道:“值得注意的是,此次攻击的初始感染媒介是诱饵邮件。这凸显了常态化员工培训和提高企业网络安全实践意识的重要性。”        消息来源: securityaffairs; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews

Critical macOS SMBClient Flaws Allow Remote Code Execution & Kernel Crashes

Penetration Testing Tools - Metepreter.org
1 day 10 hours ago

Security researchers have uncovered critical vulnerabilities in SMBClient for macOS that affect both user space and the operating system kernel. These flaws potentially allow for remote execution of arbitrary code and the termination of...

The post Critical macOS SMBClient Flaws Allow Remote Code Execution & Kernel Crashes appeared first on Penetration Testing Tools.

ddos

Spain’s .es Domain Surges 19x in Cybercrime Use: Now Third Most Popular for Phishing & RATs

Penetration Testing Tools - Metepreter.org
1 day 10 hours ago

In recent months, cybersecurity experts have observed a dramatic surge in the malicious exploitation of domains within the .es top-level domain (TLD). Over the past six months alone, the number of such incidents has...

The post Spain’s .es Domain Surges 19x in Cybercrime Use: Now Third Most Popular for Phishing & RATs appeared first on Penetration Testing Tools.

ddos

黑客宣称窃取 Telefónica 106GB 数据并公开部分佐证

HackerNews
1 day 10 hours ago
HackerNews 编译,转载请注明出处: 自称“Rey”的黑客宣称从西班牙电信巨头Telefónica窃取106GB数据,但该公司回应称这仅是敲诈企图。 在埃隆·马斯克旗下社交平台X的声明中,Rey指出Telefónica否认其内部网络遭数据窃取,因此将先行公开5GB数据作为证据。黑客威胁称:“我将很快公布完整文件目录树;若未来数周内Telefónica仍不妥协,全部数据档案将被公开 。” 据技术媒体BleepingComputer核实,Rey已发布超2万份文件佐证入侵真实性。黑客透露攻击发生于2025年5月30日,在Telefónica IT人员察觉前已持续窃密12小时。据称窃取总量达385,311份文件(106.3GB),涵盖五类核心数据: 内部通信记录(服务工单与邮件) 采购订单及商业伙伴发票 系统操作日志 客户档案 员工信息 Telefónica官方至今未承认事件,但有员工指称这是利用过时信息的敲诈行为。值得关注的是,Rey隶属勒索组织HellCat,该组织2025年1月就曾通过Jira开发服务器入侵Telefónica窃取客户信息。不同于传统勒索模式,HellCat采用“不认账即全泄露”的胁迫策略,此次事件再次印证其战术特征。 Telefónica作为全球顶级电信运营商,拥有逾10万员工,2024年营收达405亿美元(约合人民币2920亿元),毛利近205亿美元(约合人民币1476亿元)。       消息来源: cybernews; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

Penetration Testing Tools - Metepreter.org
1 day 10 hours ago

Experts at Wiz have identified a new wave of attacks targeting TeamCity servers—a widely used platform for orchestrating CI/CD workflows. Threat actors exploited a misconfigured Java Debug Wire Protocol (JDWP) interface, enabling remote command...

The post Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours appeared first on Penetration Testing Tools.

ddos

CVE-2024-39002 | rjrodger rjrodger jsonic-next 2.12.1 util.clone prototype pollution

Vuldb Updates
1 day 10 hours ago
A vulnerability was found in rjrodger rjrodger jsonic-next 2.12.1. It has been declared as problematic. This vulnerability affects the function util.clone. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability was named CVE-2024-39002. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com

CVE-2024-39003 | amoyjs amoy common 1.0.10 setValue prototype pollution

Vuldb Updates
1 day 10 hours ago
A vulnerability, which was classified as problematic, has been found in amoyjs amoy common 1.0.10. Affected by this issue is the function setValue. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability is handled as CVE-2024-39003. The attack needs to be done within the local network. There is no exploit available.
vuldb.com

CVE-2024-48597 | Online Clinic Management System 1.0 editp.php?action=edit ID sql injection

Vuldb Updates
1 day 10 hours ago
A vulnerability classified as critical was found in Online Clinic Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /success/editp.php?action=edit. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2024-48597. The attack can be launched remotely. There is no exploit available.
vuldb.com

Managed ad