Aggregator

Когда циферблат не вмещает долг Google.

A recent investigation has uncovered previously unknown cryptojacking malware, dubbed MassJacker, which primarily targets users who download pirated software from sites like pesktop.com. This malware operates by replacing cryptocurrency wallet addresses copied by users with those belonging to the attackers, aiming to redirect funds to the threat actors’ wallets. The discovery highlights the risks associated […]

The post MassJacker Clipper Malware Targets Users Installing Pirated Software appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SocGholish, a sophisticated malware-as-a-service (MaaS) framework, has been identified as a key enabler in the distribution of RansomHub ransomware. This malicious framework exploits compromised websites by injecting them with obfuscated JavaScript loaders, which redirect users to fake browser update notifications. These notifications trick users into downloading and executing malicious files, thereby initiating the infection process. […]

The post SocGholish Exploits Compromised Websites to Deliver RansomHub Ransomware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent cybersecurity threat has emerged in the form of a steganographic campaign that uses seemingly harmless JPG files to distribute multiple types of malware, including password stealers like Remcos and AsyncRAT. This sophisticated attack begins with a phishing email containing a malicious Excel document that exploits a known vulnerability, CVE-2017-0199, to initiate the infection […]

The post New Steganographic Malware Hides in JPG Files to Deploy Multiple Password Stealers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A recent discovery by Palo Alto Networks’ Unit 42 has shed light on sophisticated malware targeting Internet Information Services (IIS) servers. This malware, developed in C++/CLI, a rare choice for malware authors, has been designed to mimic the behavior of cmd.exe to evade detection. The malware operates as a passive backdoor, integrating itself into the […]

The post New C++-Based IIS Malware Mimics cmd.exe to Evade Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Linux Directory Structure

Воскресить нельзя забыть: что же делать с потерянными монетами?

Мы проделали путь от эйфории к суровой реальности за 3 года.

A vulnerability classified as critical was found in pgAdmin. This vulnerability affects unknown code of the component Server Mode. The manipulation leads to path traversal. This vulnerability was named CVE-2022-0959. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability has been found in LayerSlider Plugin up to 7.1.1 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Project Slug Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2022-1153. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in pgAdmin up to 6.13. It has been rated as critical. This issue affects some unknown processing of the component URL Handler. The manipulation leads to open redirect. The identification of this vulnerability is CVE-2023-22298. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in pgAdmin up to 7.6. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to os command injection. This vulnerability was named CVE-2023-5002. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in LayerSlider Plugin up to 7.7.9 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2023-47786. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in D-Link DIR-823G 1.0.2B05. This issue affects the function sub_4484A8. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-27661. The attack can only be done within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in D-Link DIR-823G 1.0.2B05. Affected is the function sub_4110f4. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-27662. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in D-Link DIR-823G 1.0.2B05. This affects the function sub_42AF30. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-27659. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B05. This vulnerability affects the function sub_41C488. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-27660. The attack needs to be approached within the local network. There is no exploit available.

MSS обнародовало данные о четырех членах группы.

Cloudflare introduces E2E post-quantum cryptography, enhancing security against quantum threats