Aggregator

North Korean IT workers set their sights on European organizations

Help Net Security
11 months 3 weeks ago

North Korean IT workers are expanding their efforts beyond the US, and are seeking to fraudulently gain employment with organizations around the world, but most especially in Europe. According to Google’s threat researchers, they are also increasingly attempting to extort money from these companies once they get discovered and/or fired. “Previously, workers terminated from their places of employment might attempt to provide references for their other personas so that they could be rehired by the … More →

The post North Korean IT workers set their sights on European organizations appeared first on Help Net Security.

Zeljka Zorz

CVE-2016-7386 | NVIDIA Graphics Driver up to 341/369.58/375.62 on Quadro/NVS/GeForce Kernel Mode Layer nvlddmkm.sys DxgDdiEscape Kernel Memory information disclosure (EDB-40656 / Nessus ID 94576)

Vuldb Updates
11 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in NVIDIA Graphics Driver up to 341/369.58/375.62 on Quadro/NVS/GeForce. Affected is the function DxgDdiEscape in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation leads to information disclosure (Kernel Memory). This vulnerability is traded as CVE-2016-7386. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

【安全圈】腾讯会议崩了!

安全圈
11 months 3 weeks ago
关键词腾讯会议根据最新消息,4月2日下午,“腾讯会议崩了”话题登上了热搜,不少网友反映无法通过腾讯会议进入会议

【安全圈】腾讯会议崩了!

安全圈
11 months 3 weeks ago
关键词腾讯会议根据最新消息,4月2日下午,“腾讯会议崩了”话题登上了热搜,不少网友反映无法通过腾讯会议进入会议

【安全圈】腾讯会议崩了!

安全圈
11 months 3 weeks ago
关键词腾讯会议根据最新消息,4月2日下午,“腾讯会议崩了”话题登上了热搜,不少网友反映无法通过腾讯会议进入会议

【安全圈】腾讯会议崩了!

安全圈
11 months 3 weeks ago
关键词腾讯会议根据最新消息,4月2日下午,“腾讯会议崩了”话题登上了热搜,不少网友反映无法通过腾讯会议进入会议

CVE-2024-33304 | SourceCodester Product Show Room 1.0 Add Users Last Name cross site scripting

Vuldb Updates
11 months 3 weeks ago
A vulnerability has been found in SourceCodester Product Show Room 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add Users. The manipulation of the argument Last Name leads to cross site scripting. This vulnerability is known as CVE-2024-33304. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2023-23021 | SourceCodester POS Point Sale System 1.0 Main.php code/name/description cross site scripting

Vuldb Updates
11 months 3 weeks ago
A vulnerability has been found in SourceCodester POS Point Sale System 1.0 and classified as problematic. This vulnerability affects unknown code of the file Main.php. The manipulation of the argument code/name/description leads to cross site scripting. This vulnerability was named CVE-2023-23021. The attack can be initiated remotely. There is no exploit available.
vuldb.com

Breaking Down SharePoint Walls: Hunting for Sensitive Files

Friends & Security
11 months 3 weeks ago
ShareFiltrator is a Python tool designed for enumerating and bulk downloading sensitive files from SharePoint and OneDrive using authenticated cookies. It leverages SharePoint’s search API to identify files with credentials, highlighting misconfigurations from lax sharing permissions. The tool aids in extracting secrets while also discussing mitigation strategies.
Yehuda Smirnov

Managed ad