Aggregator

A sophisticated new backdoor malware has emerged from the shadows, operating undetected for over 20 months while infiltrating networks through an ingenious dual-mode activation system. Initially discovered masquerading as a Mirai variant, MystRodX represents a significant evolution in stealth malware design, utilizing DNS queries and ICMP packets as covert communication channels to evade traditional security […]

The post MystRodX Leveraging DNS and ICMP to Steal Sensitive Data From Hacked Systems appeared first on Cyber Security News.

瑞士开源国家级人工智能模型Apertus，由EPFL、ETH和CSCS合作开发，完全开放源代码及数据集，支持商用和定制改进。该模型训练数据涵盖1000多种语言的15万亿词条，并严格遵守robots.txt协议。Apertus提供8B和70B参数版本，在HuggingFace平台公开。

A sophisticated phishing operation has been running undetected for over three years across Google Cloud and Cloudflare infrastructure, impersonating major corporations including defense contractor Lockheed Martin. The campaign, which utilized advanced cloaking techniques and compromised expired domains, demonstrates a concerning failure in detection capabilities by two of the internet’s largest service providers. The operation began […]

The post Phishing Campaign Went Undetected for Over 3 Years on Google Cloud and Cloudflare appeared first on Cyber Security News.

为了让「删照片」从枯燥变得好玩，我做了《去留》这款 app 关于照片，所有人都会遇到两大难题：照片拍了不看删照片太累照片拍了不看，是因为很少会主动想起来要看什么照片，大多数照片发完朋友圈后就再也不看

苹果与谷歌达成协议，将使用谷歌的Gemini AI升级Siri，使其提供更准确的响应和操作。

István Nagy使用180cm卫星天线、Aliexpress LNB和SDRplay RSP1B接收Inmarsat 4A-F4的ADS-C信号。LNB用于DVB但也可接收3.6GHz ADS-C信号。ADS-C通过卫星传输飞机位置报告，适合无ADS-B覆盖区域，但设置复杂需大天线和LNB。István展示了低成本实现方法。

三菱電機製GENESIS64およびMC Works64には、インストール時の不適切なファイルアクセス権設定の脆弱性が存在します。

巴基斯坦俾路支解放军（BLA），这个长期盘踞在俾路支省的分离主义武装组织，正以惊人的速度和烈度，向巴基斯坦政府

克罗地亚CA未经授权向Cloudflare的公共DNS服务1.1.1.1签发3份TLS证书长达4个月未被发现，导致Windows和Edge用户可能被劫持。问题源于证书透明度机制未被充分关注。

该 subreddit 旨在辟谣都市传说并分享来自 Tor 暗网的真实可验证信息。

Sarah Rose Giddings发布了名为"rtl_tcp_echo"的软件程序，该中间人应用可同时监控、记录信号并回放IQ数据。兼容Linux，未来将支持Windows。该Go语言应用作为rtl_tcp服务器与客户端的代理，透明处理命令并记录IQ流，支持后续回放。

A vulnerability classified as critical was found in Moodle. This affects an unknown function of the component Setting Calendar Event Type. Such manipulation leads to improper access controls. This vulnerability is listed as CVE-2024-33996. The attack must be carried out from within the local network. There is no available exploit. Applying a patch is advised to resolve this issue.

A vulnerability was found in Moodle. It has been classified as problematic. This issue affects some unknown processing. This manipulation causes information exposure through error message. This vulnerability is tracked as CVE-2024-48896. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability identified as critical has been detected in PyMOL 2.5.0. This affects an unknown function of the component PYM File Handler. Performing manipulation results in improper authorization. This vulnerability is cataloged as CVE-2024-50636. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in libmodbus 3.1.10. It has been rated as problematic. This vulnerability affects the function modbus_write_bits. The manipulation leads to out-of-bounds read. This vulnerability is referenced as CVE-2024-34244. The attack needs to be initiated within the local network. No exploit is available.

A vulnerability has been found in Moodle and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Equation Editor. The manipulation leads to cross site scripting. This vulnerability is documented as CVE-2024-33997. The attack can be initiated remotely. There is not any exploit available. To fix this issue, it is recommended to deploy a patch.

HackerNews 编译，转载请注明出处： 盗版IPTV网络凭借低廉价格和广泛内容吸引用户，背后隐藏着数据泄露与恶意软件的巨大风险。 网络安全研究人员近日揭露了一个庞大的互联网协议电视（IPTV）盗版网络，该网络跨越1100多个域名和超过1万个IP地址。 这一已运作数年的盗版活动据称影响了20多个知名娱乐和体育品牌。 盗版网络的核心组织与运营 Silent Push的调查将该盗版网络与两家从托管未经许可内容中获利的公司联系起来——XuiOne和Tiyansoft。 这家网络安全公司还确认，阿富汗赫拉特的Nabi Neamati是其运营的关键人物。有证据表明，Neamati拥有Tiyansoft公司，并直接管理与该网络相关的域名。 盗版产业的巨额利润 调查结果凸显了盗版行业的暴利本质。此前研究显示，盗版IPT流媒体及相关内容每年产生数十亿美元的收益。 其中一个例子是该网络中的一个关联网站JVTVlive，声称在198个国家运行着2000台服务器。根据Silent Push的数据，这一说法似乎准确。 受影响的主要品牌 受到影响的知名品牌包括： Prime Video Disney Plus Netflix Apple TV Hulu HBO Formula 1 Premier League UFC 盗版服务的运营模式与风险 这些盗版服务以大幅折扣的价格提供 premium 内容，有时甚至宣传以低至每月15美元的价格提供数千个频道。 除了侵犯版权之外，这些平台对用户构成危险。Silent Push指出，消费者在与非法IPTV提供商打交道时经常面临欺诈性收费、身份盗窃或恶意软件的风险。 盗版网络的技术基础设施 与合法流媒体平台不同，IPTV网络通常依赖私人基础设施分发内容，这使得它们更难追踪，并且更容易被滥用于大规模盗版。 Silent Push研究人员指出，IP地址的数量超过了域名数量，这种模式与IPTV一致，而非其他类型的网络威胁。 调查人员将该网络追溯至多个站点。虽然这些域名随着时间的推移更换了IP地址和注册详细信息，但技术指纹和社交媒体账户将它们与Neamati及其公司联系起来。 版权确认的挑战 Silent Push强调，虽然该网络的内容几乎完全未经许可，但最终确认取决于受影响媒体公司的回应。 “没有这样的确认，从技术上讲，一些媒体公司可能与这些超 aggressive 的IPTV网络有许可协议，”Silent Push写道。 “然而，我们的团队没有观察到支持这一结论的证据。” 该公司计划在2025年9月23日举行的题为“大规模阻止盗版分发网络”的网络研讨会中讨论其调查结果。       消息来源：infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

文章介绍了Cloudflare错误代码521的含义及其常见原因。该错误表示Cloudflare无法连接到源站服务器以获取内容，并可能导致页面加载失败。