Aggregator

本期，一位技术大咖为我们分享其企业特色，把脉市场动向。

多少国内车企，又开始焦虑了。

余承东：「能超越华为 Mate 的，只有华为 Mate！」

SpyLoan apps, a type of PUP, are rapidly increasing, exploiting social engineering to deceive users into granting excessive permissions, where these apps, installed millions of times, exfiltrate sensitive data to C2 servers via encrypted HTTP requests.  Primarily targeting South America, Southern Asia, and Africa, these apps are often promoted through deceptive social media ads, as […]

The post Beware Of SpyLoan Apps Exploits Social Engineering To Steal User Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8) to its Known Exploited Vulnerabilities (KEV) catalog. Array Networks’ AG Series and vxAG (versions 9.4.0.481 and […]

Вопрос национальной безопасности вызывает споры внутри Пентагона.

Cifas figures reveal scammers stole over £11bn from UK consumers in the past 12 months

CyberVolk, a politically motivated hacktivist group, has leveraged readily available ransomware builders like AzzaSec, Diamond, LockBit, and Chaos to launch DDoS and ransomware attacks against targets opposing Russian interests.  The highly skilled members of the group modify and improve these tools, which results in an increase in their level of sophistication and makes it more […]

The post Researchers Detailed Tools Used By Hacktivists Fueling Ransomware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Sharp/Toshiba Tec MFP. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-36249. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Qualcomm Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. It has been classified as critical. Affected is an unknown function of the component VP9 Decoding. The manipulation leads to use of out-of-range pointer offset. This vulnerability is traded as CVE-2017-11076. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in AXIS Q6128-E PTZ Network Camera and P1428-E Network Camera 6.50 and classified as critical. This issue affects some unknown processing of the component Ethernet Frame Handler. The manipulation leads to improper validation of specified quantity in input. The identification of this vulnerability is CVE-2024-47257. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Sharp/Toshiba Tec MFP and classified as critical. This vulnerability affects unknown code of the file billcodedef_sub_sel.html of the component HTTP Request Handler. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-36251. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Sharp/Toshiba Tec MFP. This affects an unknown part. The manipulation leads to hard-coded credentials. This vulnerability is uniquely identified as CVE-2024-36248. It is possible to initiate the attack remotely. There is no exploit available.

Одна буква может стоить вам состояния.

A vulnerability, which was classified as very critical, has been found in Sharp/Toshiba Tec MFP. Affected by this issue is some unknown functionality. The manipulation leads to hard-coded credentials. This vulnerability is handled as CVE-2024-35244. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Sharp/Toshiba Tec MFP. Affected by this vulnerability is an unknown functionality of the component LDAP Authentication Handler. The manipulation leads to access to critical private variable via public method. This vulnerability is known as CVE-2024-34162. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Sharp/Toshiba Tec MFP. Affected is an unknown function of the component Telnet. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2024-33616. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Sharp/Toshiba Tec MFP. It has been rated as critical. This issue affects some unknown processing of the file sessionlist.html. The manipulation leads to authentication bypass using alternate channel. The identification of this vulnerability is CVE-2024-33610. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Sharp/Toshiba Tec MFP. It has been declared as critical. This vulnerability affects unknown code of the file installed_emanual_list.html. The manipulation leads to path traversal. This vulnerability was named CVE-2024-33605. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in Sharp/Toshiba Tec MFP. It has been classified as problematic. This affects an unknown part. The manipulation leads to storing passwords in a recoverable format. This vulnerability is uniquely identified as CVE-2024-32151. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.