Aggregator

A vulnerability was found in Linux Kernel up to 6.8.1 and classified as critical. Affected by this issue is the function of_find_device_by_node of the component tegra. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2023-52650. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A hack of health care services provider ConnectOnCall exposed the sensitive data of more than 914,000 users, the latest proof point of the growing interest threat actors have in targeting hospitals and other health care organizations.

The post Health Care Data of Almost 1 Million ConnectOnCall User Exposed appeared first on Security Boulevard.

A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function sub_40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to stack-based buffer overflow. This vulnerability was named CVE-2024-12352. The attack can be initiated remotely. Furthermore, there is an exploit available.

Cloudflare observed a 4x increase in bot-related traffic on Black Friday in 2024. 29% of all traffic on our network on Black Friday was Grinch Bots wreaking holiday havoc.

In 2024, as elections took place across over 60 countries, the Internet became both a battleground for cyberattacks and a vital platform for democratic engagement.

Since October 2023, cyberattacks among countries in the Middle East have persisted, fueled by the conflict between Israel and Hamas, reeling in others on a global scale.

National Public Data, a background check company that collects sensitive personal information, is facing a class-action legal complaint for allowing the data from 2.9 billion people to be stolen in a breach and later sold on the dark web for millions of dollars.

The post Best of 2024: National Public Data Sued for Hack that Exposed Data of 2.9 Billion People appeared first on Security Boulevard.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

Chinese crooks are running a global network of more than 75,000 fake online shops to steal credit card data and process fraudulent payments.

The post Best of 2024: Massive Online Shopping Scam Racks Up 850,000 Victims appeared first on Security Boulevard.

Cybersecurity researchers have found that it's possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection. "Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or obfuscate existing malware, making it harder to detect," Palo Alto Networks Unit 42 researchers

A vulnerability was found in Novell NetWare 5.1/6.0 and classified as critical. This issue affects some unknown processing of the file CGI2PERL.NLM of the component PERL Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2003-0562. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in NAI PGP 5/7.0.3. It has been declared as problematic. This vulnerability affects unknown code of the component ASCII Armor Parser. The manipulation leads to improper privilege management. This vulnerability was named CVE-2001-0265. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

OpenAI 的 12 连发「远低预期」？我们和内行人聊了聊。

A vulnerability was found in F-Secure Anti-Virus and classified as critical. Affected by this issue is some unknown functionality of the component RAR Archive Handler. The manipulation leads to improper privilege management. This vulnerability is handled as CVE-2004-0771. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.