Aggregator

Crowdstrike Attack Report On July 19, 2024, a sudden outage affected a majority of pr

ИИ научился «слышать» скрытые болезни человека.

起因 上上个星期在推.. 阅读更多

Feds Count Over 200 Known US Victims of Ransomware Group That Launched in February
Beware a surge in attacks tied to a ransomware group called RansomHub that's recruited affiliates from down-or-out operations LockBit and BlackCat and successfully crypto-locked systems at more than 200 organizations nationwide, including critical infrastructure, the U.S. government warned.

Growth, Profitability and Stock Price Woes Have Dell Primed to Cash Out Its Chips
Majority owner Dell is exploring a possible sale of Atlanta-based cybersecurity services vendor Secureworks, tapping investment bankers at Morgan Stanley and Piper Sandler to gauge takeover interest from potential acquirers, which include private equity firms, Reuters reported Thursday.

Telegram Messages Hard to Encrypt But CEO Faces Charges for Noncompliant Cryptology
The arrest and indictment of Telegram CEO Pavel Durov is sparking concerns about the viability of encrypted communications in France. The Paris Prosecutor's Office indicted Durov, the 39-year-old Russian-born owner of Telegram on Wednesday, after arresting him Saturday night.

Bill Is Similar to Senate Proposals, But Will Congress Take Action Before Election?
A bipartisan House bill aims to bolster cybersecurity in the healthcare sector by requiring stronger collaboration between CISA and the Department of Health and Human Services. The bill is a companion to nearly identical bipartisan legislation introduced in the Senate in July.

The AI Safety Institute Will Evaluate Safety and Suggest Improvements
AI companies OpenAI and Anthropic made a deal with a U.S. federal body to provide early access to major models for safety evaluations. The agreements are "are an important milestone as we work to help responsibly steward the future of AI," said U.S. AI Safety Institute Director Elizabeth Kelly.

Cloud-Based Security Camera Firm Pledges Better Security in US FTC Settlement
A California security camera company agreed to pay a $2.95 million civil penalty and implement a security program after hackers in 2021 accessed video from 150,000 internet-connected security cameras, including from devices placed inside psychiatric hospitals and women's health clinics.

ZIP-архивы стали причиной массового шпионажа в стране.

A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?id=userProfileEdit of the component Update My Profile Page. The manipulation of the argument fname/lname/email with the input <script>alert(1)</script> leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-8366. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in WPZOOM Portfolio Lite Plugin up to 1.4.4 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-8276. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Share This Image Plugin up to 2.01 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument alignment leads to cross site scripting. This vulnerability is known as CVE-2024-8108. The attack can be launched remotely. There is no exploit available.

Submit #398778 / VDB-276261

A vulnerability, which was classified as problematic, was found in Web Application Firewall Plugin up to 2.1.2 on WordPress. Affected is an unknown function. The manipulation leads to protection mechanism failure. This vulnerability is traded as CVE-2022-4539. It is possible to launch the attack remotely. There is no exploit available.

Submit #398777 / VDB-276261

A vulnerability, which was classified as critical, has been found in WP Cerber Security Plugin up to 9.4 on WordPress. This issue affects some unknown processing of the component IP Protection. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2022-4100. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in IP Vault Plugin up to 1.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to protection mechanism failure. This vulnerability was named CVE-2022-4536. The attack can be initiated remotely. There is no exploit available.