Aggregator

A vulnerability was found in Iplanet Web Server up to 4.1 and classified as very critical. Affected by this issue is some unknown functionality of the component URI Handler. The manipulation of the argument GETPROPERTIES/GETATTRIBUTENAMES leads to memory corruption. This vulnerability is handled as CVE-2001-0746. The attack may be launched remotely. Furthermore, there is an exploit available.

The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022. The activity, first observed in December 2022, is the latest instance of the nation-state adversary "embedding

免费AI文本生成图像：Bylo.ai

免费Google Trends 关键词分析工具-Trends Radar

WEMO 微信朋友圈备份工具

In a settlement announced on Tuesday, the FTC banned Gravy Analytics and Mobilewalla from selling sensitive location data

A vulnerability has been found in Grandstream Budgetone 102 1.0.6.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Firmware. The manipulation leads to denial of service. This vulnerability is known as CVE-2005-2581. The attack can be launched remotely. Furthermore, there is an exploit available.

Wirral University Teaching Hospital is recovering from a cybersecurity incident that occurred on November 25, with some patient services still disrupted as systems are being restored

A vulnerability was found in Oberthur ID-One COSMO 64. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Crypto. The manipulation leads to an unknown weakness. This vulnerability is handled as CVE-2012-5860. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as critical was found in Vanilla Forums. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2012-4954. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Dell OpenManage Server Administrator. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2012-4955. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Patterninsight Pattern Insight 2.3 and classified as problematic. Affected by this issue is some unknown functionality of the component Error Message Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2012-4950. The attack may be launched remotely. There is no exploit available.

DroidBot: Insights from a new Turkish MaaS fraud operation

Microsoft has observed Secret Blizzard compromising the infrastructure and backdoors of the Pakistan-based threat actor we track as Storm-0156 for espionage against the Afghanistan government and Indian Army targets.

The post Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage appeared first on Microsoft Security Blog.

The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156's infrastructure to launch their own covert attacks on already compromised networks. [...]

The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156's infrastructure to launch their own covert attacks on already compromised networks. [...]

莫道桑榆晚，为霞尚满天：「在职社会人」备考应试指南

MarkEdit – 只有 2.36 MB 的开源 Markdown 编辑器，为 macOS 预览增加预览 .md 格式

A vulnerability classified as critical was found in Linux Kernel up to 5.10.202/5.15.140/6.1.64/6.6.3 on Redis. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2023-52775. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.32/6.9.3. It has been declared as critical. This vulnerability affects the function __blkcg_rstat_flush of the component blk-cgroup. The manipulation leads to memory corruption. This vulnerability was named CVE-2024-38384. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.