Aggregator

January 21, 2025In anot

新研究表明，多种隧道协议存在安全漏洞，这些漏洞可能让攻击者实施多种攻击。

主站 分类 漏洞 工具 极客

A vulnerability was found in D-Link DI-624 1900. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2006-3687. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Microsoft PowerPoint 2000/2002/2003. It has been declared as critical. This vulnerability affects unknown code in the library mso.dll. The manipulation leads to memory corruption. This vulnerability was named CVE-2006-3590. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Mozilla Firefox 1.5/1.5.0.1/1.5.0.2/1.5.0.3/1.5.0.4. This affects the function window.navigator of the component JavaScript. The manipulation leads to configuration. This vulnerability is uniquely identified as CVE-2006-3677. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Microsoft Internet Explorer up to 6. This issue affects some unknown processing of the component COM Object Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2006-3638. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in Microsoft PowerPoint 2000/2002/2003. Affected by this issue is some unknown functionality of the component Document Parser. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2006-3590. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to replace the affected component with an alternative.

一、境外厂商产品漏洞1、IBM Security Directory Integrator操作系统命令注入漏洞IBM Security Directory Integrator是美国国际商业机器（IB

2025年01月13日-2025年01月19日本周漏洞态势研判情况本周信息安全漏洞威胁整体评价级别为中。国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞453个，其中高危漏洞2

A vulnerability was found in BlueCoat K9 Web Protection up to 3.2.35. It has been classified as very critical. This affects an unknown part of the file k9filter.exe. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2007-1685. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

从「原子化」提交到妙用 rebase，一次搞定清爽的 Git 提交记录Matrix 首页推荐 Matrix 是少数派的写作社区，我们主张分享真实的产品体验，有实用价值的经验与思考。我们会不定期挑选 M

自 2024 年底以来，一个新发现的物联网 （IoT） 僵尸网络一直在全球策划大规模分布式拒绝服务 （DDoS） 攻击。

主站 分类 漏洞 工具 极客

HackerNews 编译，转载请注明出处： 网络安全公司Cyfirma发现，名为Tanzeem（乌尔都语意为“组织”）和Tanzeem Update的安卓恶意软件与DoNot团队的高度针对性网络攻击有关。该恶意软件在2024年10月和12月被首次发现。经分析，这些应用功能几乎相同，仅在用户界面上有少量修改。 Cyfirma在周五的分析中指出：“尽管该应用被设计为聊天应用，但一旦安装后无法正常运行，安装并授予必要权限后即关闭。应用名称表明它的目标可能是特定的国内外个人或群体。” DoNot团队，亦称APT-C-35、Origami Elephant、SECTOR02和Viceroy Tiger，是一个被认为起源于印度的黑客组织，历史上曾通过鱼叉式网络钓鱼邮件和安卓恶意软件家族收集感兴趣的信息。 2023年10月，该组织与一个名为Firebird的基于.NET的后门恶意软件有关，该恶意软件针对巴基斯坦和阿富汗的少数受害者。 目前尚不清楚这次恶意软件的具体目标是谁，但推测其可能用于针对特定个人，以便对内部威胁进行情报收集。 这个恶意安卓应用的一个显著特点是使用了OneSignal平台，OneSignal是一个流行的客户互动平台，组织可通过该平台发送推送通知、应用内消息、电子邮件和短信。Cyfirma推测，恶意软件可能滥用此平台，通过推送通知发送包含钓鱼链接的消息，从而实现恶意软件的部署。 无论使用何种分发机制，安装后该应用会显示一个虚假的聊天界面，并促使受害者点击名为“开始聊天”的按钮。点击后，应用会触发一条消息，要求用户授予辅助服务API的权限，从而执行各种恶意操作。 该应用还请求访问若干敏感权限，包括获取通话记录、联系人、短信、精确位置、账户信息及外部存储中的文件等。有些其他功能还包括录制屏幕和与指挥控制（C2）服务器建立连接。 Cyfirma表示：“收集的样本揭示了一种新策略，利用推送通知鼓励用户安装其他安卓恶意软件，从而确保恶意软件在设备上的持久性。” “这一策略增强了恶意软件在目标设备上持续活动的能力，表明该威胁组织正在不断发展其情报收集的意图，继续为国家利益服务。”   消息来源：The Hacker News, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

error code: 521