Aggregator

人类心脏在太空一个月就显示衰老迹象

Solidot
10 months 2 weeks ago
根据发表在 PNAS 期刊上的一项研究,特别设计的人类心脏组织在太空一个月就显示出衰老迹象。为了研究长期太空飞行对人类心脏的影响,研究人员设计了被称为 heart-on-a-chip 的系统,首先诱导人类诱导多能干细胞发育成人类心肌细胞,将 6 组组织样本在对柱上串成线索状,柱是柔韧性的,样本可像跳动的心脏一样收缩,整个系统被安装在一半手机大小的腔室内。在将系统送到国际空间站后,研究人员利用传感器实时监测心脏组织收缩和跳动模式的强度。地球上的相同组织作为对照组进行比较。结果显示,在国际空间站 12 天后,心脏组织的收缩强度几乎减半,而地球上的组织相当稳定。在回到地球 9 天后,这种减弱影响仍然十分明显。

CVE-2000-0613 | Cisco PIX up to 5.1 TCP RST path traversal (EDB-20067 / XFDB-4928)

Vuldb Updates
10 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Cisco PIX up to 5.1. This issue affects some unknown processing of the component TCP RST Handler. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2000-0613. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

黑客在有针对性的攻击中部署人工智能编写的恶意软件

嘶吼
10 months 2 weeks ago

在一起针对用户的电子邮件活动中,研究人员发现了恶意代码,分析后发现是在生成人工智能服务的帮助下创建的,用于传播 AsyncRAT 恶意软件。

尽管供应商实施了保护措施和限制,但人工智能工具依然可能被滥用来创建恶意软件。安全研究人员在真实的攻击中发现了人工智能创建的恶意软件的可疑案例。

今年早些时候,网络安全公司 Proofpoint 发现了一个恶意 PowerShell 脚本,该脚本可能是使用人工智能系统创建的。

随着技术含量较低的恶意分子越来越依赖人工智能来开发恶意软件,惠普安全研究人员在 6 月初就发现了一次恶意活动,该活动使用的代码评论方式与生成式人工智能系统创建的方式相同。

该活动利用 HTML 走私来提供受密码保护的 ZIP 存档,研究人员通过暴力破解来解锁该存档。

HP Wolf Security 报告称,技术技能较低的网络犯罪分子越来越多地使用生成式 AI 来开发恶意软件,2024 年第二季度的“威胁洞察”报告中提供了一个例子。

6 月初,惠普发现了一项针对法国用户的网络钓鱼活动,采用 HTML 走私提供包含 VBScript 和 JavaScript 代码的受密码保护的 ZIP 存档。

JavaScript 中的 AES 加密实现

在暴力破解密码后,研究人员分析了代码,发现“攻击者对整个代码进行了巧妙的注释”,这在人类开发的代码中很少发生,因为威胁分子通常希望隐藏恶意软件的工作原理。

据HP Wolf Security 的报告显示:“这些注释准确地描述了代码的作用,就像生成式人工智能服务可以创建带有解释的示例代码一样” 。

VBScript 在受感染的计算机上建立了持久性,创建计划任务并在 Windows 注册表中写入新密钥。研究人员指出,指向人工智能生成的恶意代码的一些指标包括脚本的结构、解释每行的注释、选择函数名称和变量的本地语言。

VBScript 代码中的注释

在后期阶段,攻击会下载并执行 AsyncRAT,这是一种开源且免费提供的恶意软件,可以记录受害者计算机上的击键并提供加密连接以进行远程监视和控制。该恶意软件还可以提供额外的有效负载。

完整的感染链

HP Wolf Security 报告还强调,根据其可见性,归档是今年上半年最流行的交付方式。生成式人工智能可以帮助较低级别的威胁参与者在几分钟内编写恶意软件,并针对针对不同区域和平台(Linux、macOS)的攻击进行定制。

即使他们没有使用人工智能来构建功能齐全的恶意软件,黑客在创建更高级的威胁时也会依靠这项技术来加快他们的工作速度。

胡金鱼

CVE-2024-42162 | Linux Kernel up to 6.9.8 gve_get_ethtool_stats memory corruption (32675d828c8a/af9bcf910b1f / Nessus ID 207884)

Vuldb Updates
10 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.9.8. It has been rated as critical. This issue affects the function gve_get_ethtool_stats. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-42162. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-42139 | Linux Kernel up to 6.9.8 ice denial of service (9f69b31ae9e2/00d3b4f54582 / Nessus ID 207884)

Vuldb Updates
10 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.9.8. This affects an unknown part of the component ice. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-42139. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-42142 | Linux Kernel up to 6.1.97/6.6.38/6.9.8 mlx5 esw_port_metadata Privilege Escalation (Nessus ID 207884)

Vuldb Updates
10 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.1.97/6.6.38/6.9.8 and classified as problematic. This issue affects the function esw_port_metadata of the component mlx5. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2024-42142. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-48808 | Linux Kernel up to 5.15.154/5.16.9 dev_close denial of service (ff45899e732e/89b60402d43c/ee534378f005 / Nessus ID 207884)

Vuldb Updates
10 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.154/5.16.9. This issue affects the function dev_close. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-48808. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-48865 | Linux Kernel up to 5.10.105/5.15.28/5.16.14 tipc_enable_bearer null pointer dereference (Nessus ID 207884)

Vuldb Updates
10 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 5.10.105/5.15.28/5.16.14. It has been rated as critical. Affected by this issue is the function tipc_enable_bearer. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2022-48865. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-42247 | Linux Kernel up to 5.10.221/5.15.162/6.1.99/6.6.40/6.9.9 allowedips swap_endian memory corruption (Nessus ID 207884)

Vuldb Updates
10 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.221/5.15.162/6.1.99/6.6.40/6.9.9. Affected is the function swap_endian of the component allowedips. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-42247. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released

Help Net Security
10 months 2 weeks ago

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Windows Server 2025 gets hotpatching option, without reboots Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available will be able to implement some security updates by hotpatching running processes. PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk … More →

The post Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released appeared first on Help Net Security.

Help Net Security

Progress Software fixed 2 new critical flaws in WhatsUp Gold

Security Affairs
10 months 2 weeks ago
Progress Software addresses six new security vulnerabilities affecting its WhatsUp Gold, two of them are rated as critical severity. Progress Software has addressed six new security vulnerabilities in its IT infrastructure monitoring product WhatsUp Gold. “The WhatsUp Gold team has identified six vulnerabilities that exist in versions below 24.0.1. We are reaching out to all […]
Pierluigi Paganini

CVE-2017-13849 | Apple iOS up to 11.0.3 CoreText input validation (HT208222 / EDB-43161)

Vuldb Updates
10 months 2 weeks ago
A vulnerability has been found in Apple iOS up to 11.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component CoreText. The manipulation leads to improper input validation. This vulnerability is known as CVE-2017-13849. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad