Creating the right organisational culture for cyber security
Calling cyber security professionals, culture specialists and leaders to drive uptake of new Cyber security culture principles.
Aggregator
CVE-2021-34481 | Microsoft Windows Print Spooler Service privilege escalation
5 months 3 weeks ago
A vulnerability was found in Microsoft Windows. It has been classified as very critical. This affects an unknown part of the component Print Spooler Service. The manipulation leads to privilege escalation.
This vulnerability is uniquely identified as CVE-2021-34481. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to change the configuration settings.
vuldb.com
CVE-2019-11358 | Oracle Financial Services Loan Loss Forecasting up to 8.0.7 Apache httpd cross site scripting (EDB-52141 / Nessus ID 208606)
5 months 3 weeks ago
A vulnerability was found in Oracle Financial Services Loan Loss Forecasting and Provisioning up to 8.0.7. It has been classified as critical. This affects an unknown part of the component Apache httpd. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2019-11358. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
French police reportedly arrest suspected BreachForums administrators
5 months 3 weeks ago
Several suspects tied to the cybercrime site BreachForums have been arrested in France, according to a local news report, including alleged administrators known as ShinyHunters and Intelbroker.
Stealth China-linked ORB network gaining footholds in US, East Asia
5 months 3 weeks ago
The number of devices infected by LapDogs is smaller than other ORBs, but that is likely by design, according to SecurityScorecard researchers.
The post Stealth China-linked ORB network gaining footholds in US, East Asia appeared first on CyberScoop.
Matt Kapko
特斯拉的自动驾驶出租车引起了联邦安全监管机构的关注
5 months 3 weeks ago
安全客
CVE-2009-4822 | Kasseler CMS 1.3.4 index.php cross site scripting (EDB-10581 / XFDB-54953)
5 months 3 weeks ago
A vulnerability classified as problematic was found in Kasseler CMS 1.3.4. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2009-4822. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
得克萨斯州州长签署法案,将比特币纳入官方储备
5 months 3 weeks ago
安全客
North Korean Hackers as Recruiters Attacking Developers With 35 New Malicious npm Packages
5 months 3 weeks ago
North Korean threat actors have launched a sophisticated supply chain attack campaign, embedding 35 malicious npm packages across 24 compromised accounts to target software developers through an elaborate recruitment deception. The campaign, identified as an extension of the ongoing “Contagious Interview” operation, represents a significant escalation in state-sponsored cyber espionage tactics targeting the open-source software […]
The post North Korean Hackers as Recruiters Attacking Developers With 35 New Malicious npm Packages appeared first on Cyber Security News.
Tushar Subhra Dutta
欧洲领导人担心他们过于依赖美国技术
5 months 3 weeks ago
安全客
Interlock
5 months 3 weeks ago
You must login to view this content
cohenido
英国广播公司(BBC)扬言要起诉 Perplexity 滥用人工智能
5 months 3 weeks ago
安全客
伊朗证实关闭互联网以保护国家免受网络攻击
5 months 3 weeks ago
安全客
报告警告复杂的 DDoS 攻击活动将使全球银行陷入瘫痪
5 months 3 weeks ago
安全客
BreachForums hacking forum operators reportedly arrested in France
5 months 3 weeks ago
The French police have reportedly arrested five operators of the BreachForum cybercrime forum, a website used by cybercriminals to leak and sell stolen data that exposed the sensitive information of millions. [...]
Bill Toulas
WordPress Motors 主题漏洞被大规模利用来劫持管理员账户
5 months 3 weeks ago
安全客
Интернет превратился в рентген для силовых структур. Просвечивает всех насквозь
5 months 3 weeks ago
Загружаешь фото — получаешь досье. Когда официальные данные работают против системы.
INC
5 months 3 weeks ago
You must login to view this content
cohenido
CVE-2007-3182 | Calendarix cal_footer.inc.php leftfooter cross site scripting (EDB-30232 / XFDB-35045)
5 months 3 weeks ago
A vulnerability was found in Calendarix. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file cal_footer.inc.php. The manipulation of the argument leftfooter leads to basic cross site scripting.
This vulnerability is known as CVE-2007-3182. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Ransomware attack contributed to patient’s death, says Britain’s NHS
5 months 3 weeks ago
A cybercrime group's attack against a London-based pathology service last year was one of the "contributing factors" in the death of a patient, U.K. officials said.