Aggregator

A vulnerability classified as critical was found in docebo 3.0.3/3.0.4/3.0.5/3.5 Beta/3.5.0.3. This vulnerability affects the function autoDetectRegion in the library doceboCore/lib/lib.regset.php of the file lib.regset.php of the component regset. The manipulation leads to sql injection. This vulnerability was named CVE-2008-7153. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in DomPHP 0.81. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument mail leads to sql injection. This vulnerability is known as CVE-2008-0282. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in Docebo 3.0.3/3.0.4/3.0.5/3.5 Beta/3.5.0.3. This issue affects some unknown processing in the library lib/lib.domxml5.php of the component Error Message Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2008-7154. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in xfstt 1.2.1/1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the component Request Handler. The manipulation leads to off-by-one. This vulnerability is handled as CVE-2003-0625. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

网络中存在的各类威胁错综复杂且不断变化，攻击者一直在改进其攻击方法，经常出现一些新的信息窃取恶意软件。据Cyber Security News消息，最近一种名为 PureLogs 的恶意软件以其低廉的价格、不俗的功能受到攻击者青睐。 图片来源：FreeBuf PureLogs  是用 C# 构建的 64 位信息窃取程序，并使用 commercial.NET Reactor 打包器将其程序集捆绑到多个阶段， 能够通过 Chrome、Edge、Opera等浏览器获取私人信息，与 Lumma、Vidar 和 Meduza 等少数其他恶意软件具有相同的能力。 2022 年，PureLogs 最初在地下市场上出售，此后在多个地下论坛上进行了推广，并在 clearnet 上保留了一个帐户和专用市场。目前该程序通过将潜在客户引导至特定Telegram机器人以获得支持和销售查询，价格为每月99美元、每季度199美元、每年299美元和终身用户的499美元，是市场上最便宜的信息窃取程序之一。 根据 Flashpoint Intel Team 报告，PureLogs 分三个阶段运行。加载和执行阶段是第一个阶段，第二阶段是在加载最终信息窃取程序集之前进行反沙箱测试和网络配置。到了第三阶段，PureLogs开始实施信息窃取程序代码，并获取以下信息： 浏览数据 Chrome、Edge 和 Opera 扩展 加密货币钱包应用程序 桌面应用程序 受害者计算机信息 文件夹、文件扩展名等都可以被 PureLogs 识别并抓取，并可将相关数据传输到 Telegram。PureLogs 的Telegram 面板可显示受害者的详细信息、被窃数据的数量、捕获的屏幕截图以及可以整个下载的日志文件。 由于该恶意软件非常易于操作、价格低廉且进入门槛低，让低水平攻击者也能成功实施较复杂的攻击操作。 参考来源：PureLogs, Low Cost Infostealer Attacking Chrome Browser     转自FreeBuf，原文链接：https://www.freebuf.com/news/412760.html 封面来源于网络，如有侵权请联系删除

A vulnerability was found in magzter Indian Management 3. It has been declared as critical. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability was named CVE-2014-7656. The attack needs to be initiated within the local network. There is no exploit available.

33.9% of tech professionals report a shortage of AI security skills, particularly around emerging vulnerabilities like prompt injection, according to O’Reilly. This highlights the need for specialized training as AI adoption continues to accelerate across industries. Critical skills gaps emerging in AI and cloud security Cloud security expertise also emerges as a significant concern. Despite cloud computing’s two-decade presence, 38.9% of respondents identified cloud security as the most significant skills shortage. This revelation underscores a … More →

The post CISSP and CompTIA Security+ lead as most desired security credentials appeared first on Help Net Security.

While AI has captured the attention of the technology industry, the majority of CIOs and senior IT leaders are primarily focused on the convergence of networking and security, according to Extreme Networks. The survey, fielded in July and August 2024, polled 200 CIOs and senior IT leaders across a variety of vertical markets and found that CIOs stack ranked their top three IT priorities for the second half of 2024 as 1) securing their enterprise … More →

The post CIOs want a platform that combines AI, networking, and security appeared first on Help Net Security.

A vulnerability was found in Verkehrsmuseum Dresden Transport Museum 2.2. It has been classified as critical. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-7655. The attack needs to be done within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in nghttp2 up to 1.7.0. This issue affects some unknown processing. The manipulation leads to resource consumption. The identification of this vulnerability is CVE-2016-1544. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

We present a list of selected cybersecurity companies that received funding during the third quarter of 2024 (Q3 2024). Apono October | 15.5 million Apono has raised $15.5 million in a Series A funding led by New Era Capital Partners, with participation from Mindset Ventures, Redseed Ventures, Silvertech Ventures, initial seed investors, and more. Chainguard July | $140 million Chainguard has completed a $140 million Series C round of funding led by Redpoint Ventures, Lightspeed … More →

The post Breaking down the numbers: Q3 2024 cybersecurity funding activity recap appeared first on Help Net Security.

图片来源：SOLEES TIME VIA UNSPLASH 10月11日，日本电子产品制造商卡西欧公司证实，先前宣布的网络事件确为一起勒索软件攻击。此次攻击可能暴露了员工、客户、业务合作伙伴和附属公司的信息。 卡西欧在一份更新的声明中称，10 月 5 日的攻击涉及 “受到第三方勒索软件攻击破坏 ”的服务器。   勒索软件攻击导致多个系统无法使用，调查显示黑客已经获得了受影响服务器上的数据。随后，该公司关闭了服务器，并聘请外部安全公司协助应对。 10 月 6 日，卡西欧公司向日本警方通报了这一事件，10 月 7 日还联系了日本个人信息保护委员会。   截至10月11日，卡西欧公司表示，它认为临时员工和合同工的个人信息已经泄露。附属公司员工的个人信息也被泄露，同时被泄露的还有业务合作伙伴、过去曾参加过公司面试的人员以及 “使用公司和部分附属公司提供的服务 ”的部分客户数据。 卡西欧公司没有公开每一组所泄露的具体数据，但表示不包括客户的信用卡信息。 声明还补充说，所有业务合作伙伴以及卡西欧附属公司有关的合同、发票和销售信息也在攻击中泄露。 黑客可能已经访问了内部法律文件以及人力资源规划、审计、销售、技术信息等方面的数据。 卡西欧提醒到：“请注意，您的个人信息有可能被滥用于向您发送陌生的电子邮件，如钓鱼邮件或垃圾邮件。如果您收到任何可疑邮件，请不要打开并立即删除。 ”  该公司强调不要通过社交媒体传播被盗信息，因为这 “可能会增加因本案信息泄露造成的损失，侵犯受影响者的隐私，对他们的生活和业务造成严重影响，并助长犯罪”。 随后，“地下 ”勒索软件团伙宣称是他们发动了这次攻击。黑客称，他们从该公司窃取了 204.9 GB 的数据，并提供了被窃取数据的样本作为证明。 研究人员称，该组织于 2023 年 7 月首次出现，一些专家解释说，它似乎与总部设在俄罗斯的 RomCom 网络犯罪组织有联系。 Fortinet 指出，该组织已经列出了 16 名受害者，其中大部分位于美国和欧洲。微软去年发布了一份报告，概述了 RomCom 的行动，称其： “会伺机开展勒索软件和勒索行动，以及实施有针对性的凭证收集活动，而这一切的目的很可能是为了支持情报行动”。 RomCom 组织还部署了地下勒索软件，它与 2022 年 5 月首次在野外观察到的工业间谍勒索软件密切相关。 已查明的勒索软件攻击影响了电信和金融等行业。 微软补充说：“他们发现了这与 “工业间谍 ”勒索软件的 “大量代码重叠”，他们认为这意味着 “地下 ”是同一行动的重塑。” 消息来源：The Record，译者：XX；   本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability was found in Tuned Studios Subwoofer. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to path traversal. This vulnerability is handled as CVE-2008-0231. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as very critical, was found in Microsoft Vfp Ole Server Activex Control. Affected is an unknown function of the component ActiveX Control. The manipulation leads to code injection. This vulnerability is traded as CVE-2008-0235. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Microsoft Visual FoxPro 6.0 and classified as critical. Affected by this vulnerability is an unknown functionality in the library vfp6r.dll of the component ActiveX Control. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2008-0236. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Microsoft Rich Textbox Control 6.0 and classified as critical. Affected by this issue is some unknown functionality of the file richtx32.ocx of the component ActiveX Control. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2008-0237. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in UploadScript 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulation of the argument pass leads to improper access controls. This vulnerability is known as CVE-2008-0246. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in phpwebquest 2.6. This vulnerability affects unknown code of the component Error Message Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2008-0249. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Gateway WebLaunch 1.0.0.1. It has been rated as critical. This issue affects some unknown processing of the file weblaunch.ocx of the component ActiveX Control. The manipulation of the argument second leads to path traversal. The identification of this vulnerability is CVE-2008-0221. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in osDate 2.0.8. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file php121db.php. The manipulation of the argument php121dir leads to code injection. This vulnerability is known as CVE-2008-0230. The attack can be launched remotely. Furthermore, there is an exploit available.