Aggregator

股东们，逼自己最后冲刺一把，瓜分更多年度现金分红

MITRE 表示：“这些漏洞通常很容易发现和利用，但可能会导致可利用的漏洞，使对手能够完全接管系统、窃取数据或阻止应用程序运行。”

Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild. The vulnerability that has been tagged with an "Exploitation Detected" assessment is CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw in partner.microsoft[.]com. "An

A vulnerability was found in Century Systems FutureNet NXR-G110, FutureNet NXR-G060 and FutureNet NXR-G050 up to firmware versions 21.15.7/later but 21.15.8. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the component REST-API. The manipulation leads to incorrect provision of specified functionality. This vulnerability is known as CVE-2024-50357. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

我们在日常威胁狩猎中观察到该组织持续活动，其模仿官方网站制作钓鱼网页进行定向钓鱼，当受害者访问这类网站时会自动下恶意载荷，该载荷会进一步加载Sliver RAT进行窃密和远程控制行动

我们在日常威胁狩猎中观察到该组织持续活动，其模仿官方网站制作钓鱼网页进行定向钓鱼，当受害者访问这类网站时会自动下恶意载荷，该载荷会进一步加载Sliver RAT进行窃密和远程控制行动

Mozilla 宣布，Firefox 的 Linux 二进制版本打包格式从 .tar.bz2 切换到 .tar.xz。这一改变将减少下载的文件容量缩短解压缩时间。Firefox 的 .tar.xz 包平均比 .tar.bz2 包小 25%，意味着能更快完成下载，节省时间和带宽。此外 tar.xz 包解压所需时间只需要 .tar.bz2 的二分之一。Mozilla 解释说，选择.tar.xz 而不是 Zstandard (.zst)的原因是虽然 Zstandard 解压更快，但压缩率低于 .tar.xz，而且 Linux 发行版基本都支持 .tar.xz，兼容性更胜一筹。

A report from the charity the Cyber Helpline found that 98% of cyber enabled crimes result in no further action from the police or justice system

Детективы и утечки данных помогли компании победить в суде.

Роскомнадзор усиливает давление на платформу.

A vulnerability, which was classified as problematic, has been found in PHP Jabbers Rental Property Booking 2.0. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index leads to cross site scripting. This vulnerability is handled as CVE-2023-4117. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

Wirral University Teaching Hospital in the UK has been hit by a targeted cyberattack, leading to the declaration of a major incident. The cyberattack has affected the hospital’s IT systems, necessitating a shift from digital to paper-based processes in certain areas. A spokesperson for the hospital stated, “We expect the major incident that was declared […]

The post UK Healthcare Provider Hit by Cyberattack, Services Affected appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in msg Suisse AG EasyTax up to 2021/2022 1.3/2023 1.2. It has been classified as critical. Affected is an unknown function. The manipulation leads to xml external entity reference. This vulnerability is traded as CVE-2024-9044. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in NEC UNIVERGE IX up to 10.8.27/10.9.14/10.10.21 and classified as problematic. This issue affects some unknown processing of the component Management Interface. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-11014. The attack may be initiated remotely. There is no exploit available.

为了更加真实、全面、客观地展现国内网络安全厂商的现状，发现其中真正有能力、可落地、引领创新的安全品牌，同时也帮 […]