Aggregator

A vulnerability was found in Exasol 24.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component JDBC Driver. The manipulation leads to injection. This vulnerability is known as CVE-2024-55551. The attack can be launched remotely. There is no exploit available.

On Jan. 11, 2025, Verisign supported the Internet Corporation for Assigned Names and Numbers (ICANN) in taking a major step to ensure the continued security, stability, and resiliency of the Domain Name System (DNS). While imperceptible to most users, this action – specifically, the introduction of a new Domain Name System Security Extensions (DNSSEC) Key […]

The post The 2024-2026 Root Zone KSK Rollover: Initial Observations and Early Trends appeared first on Verisign Blog.

Elastic announced an expanded partnership with an integrated offering that includes Tines Workflow Automation and the Elastic Search AI Platform to simplify security and observability workflow automation. The partnership equips security teams with security orchestration, automation and response (SOAR) and AI-driven security analytics capabilities, while observability teams benefit from enhanced incident response automation. “We’re thrilled about the Elastic and Tines partnership—it’s been a game-changer for our team and our ability to protect our vast network … More →

The post Elastic expands partnership with Tines to scale security operations appeared first on Help Net Security.

黑客利用PHP严重漏洞CVE-2024-4577，在Windows系统上部署Quasar RAT和XMRig挖矿软件。

Supervisory Control and Data Acquisition (SCADA) systems play a pivotal role in managing critical infrastructure across sectors like energy, manufacturing, and more. However, this digital transformation also brings with it a heightened vulnerability to cyber threats. Recent research by our security team at PRODAFT has identified critical vulnerabilities in the mySCADA myPRO system, a widely […]

The post mySCADA myPRO RCE Vulnerabilities Expose ICS Devices to Remote Control appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The average corporate user now has 146 stolen records linked to their identity, an average 12x increase from previous estimates, reflecting a surge in holistic identity exposures. SpyCloud, the leading identity threat protection company, today released its 2025 SpyCloud Annual Identity Exposure Report, highlighting the rise of darknet-exposed identity data as the primary cyber risk […]

The post SpyCloud’s 2025 Identity Exposure Report Reveals the Scale and Hidden Risks of Digital Identity Threats appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

With Cloudflare for AI, developers, security teams and content creators can leverage Cloudflare’s network and portfolio of tools to secure, observe and make AI applications resilient and safe to use.

Ежегодная конференция Nvidia GTC показала: у конкурентов просто нет шансов.

A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this issue is the function save_designation of the file /classes/Master.php. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-6650. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in IBM Security QRadar EDR 3.12. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The identification of this vulnerability is CVE-2023-35006. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in idcCMS 1.35. Affected is an unknown function of the file /admin/dbBakMySQL_deal.php?mudi=backup. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-40331. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in idcCMS 1.35. This affects an unknown part of the file /admin/memberOnline_deal.php?mudi=del&dataType=&dataID=6. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-40328. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in idcCMS 1.35 and classified as problematic. This vulnerability affects unknown code of the file /admin/softBak_deal.php?mudi=backup. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-40329. The attack can be initiated remotely. There is no exploit available.