Aggregator

A vulnerability has been found in Google Android and classified as critical. This vulnerability affects unknown code. The manipulation leads to improper input validation. This vulnerability was named CVE-2022-20459. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android. It has been classified as critical. Affected is an unknown function. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2022-20428. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android. It has been declared as critical. Affected by this vulnerability is the function mprot_unmap. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2022-20460. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in WithSecure up to 2022-08-10 and classified as problematic. This issue affects some unknown processing. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-38165. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in Zoho ManageEngine SupportCenter Plus up to 11024. It has been rated as problematic. Affected by this issue is some unknown functionality of the component User List Handler. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2022-42903. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in Media5 Mediatrix 4102 and classified as critical. Affected by this issue is some unknown functionality of the component UART Port. The manipulation leads to Local Privilege Escalation. This vulnerability is handled as CVE-2022-43096. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

As the field of artificial intelligence (AI) continues to evolve at a rapid pace, fresh research has found how techniques that render the Model Context Protocol (MCP) susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, according to a new report from Tenable. MCP, launched by Anthropic in November 2024, is a framework designed to connect

Darktrace’s Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been exploiting legitimate Software-as-a-Service (SaaS) platforms like Milanote to orchestrate sophisticated phishing campaigns. These attacks, bolstered by the Tycoon 2FA phishing kit, demonstrate an advanced Adversary-in-the-Middle (AiTM) approach that circumvents multi-factor authentication (MFA) protections. Leveraging Legitimate Services for Stealthy Attacks By abusing […]

The post AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

基于多模态学习的混淆隧道流量行为检测方案 by ourren

2024年在野零日漏洞利用分析（上） by ourren

软件工厂关键技术分析及启示 by ourren

更多最新文章，请访问SecWiki

月球表面布满了陨石坑，从微小的坑到直径逾 1,000 公里的巨大盆地。绝大部分陨石坑形成于 40 亿年前的“晚期重轰炸期（late heavy bombardment）”，当时太阳系内的行星和卫星受到大量小行星和彗星的高频率撞击。地球的风化、侵蚀和构造活动会不断重塑地表，而月球缺乏大气层和地质活动，使得撞击特征能保存数十亿年。在陨石坑形成过程中，大量喷出的月球物质达到了月球逃逸速度并最终抵达地球。根据发表在预印本平台 arXiv 的一篇论文，研究人员报告，在月球遭遇大量撞击之后，在 10 万年内有大约 22.6% 的喷出物质抵达了月球，其中半数发生在撞击之后的 1 万年内。从月球背面喷出的物质与地球撞击的几率最高，从月球正面喷出的物质与地球撞击几率最低。

RansomHub refines extortion strategy amid RaaS market fractures, expanding affiliate recruitment

 Tom Sheehan (Hurricane Labs Director of Cybersecurity Consulting and Compliance) attended the inaugural Horizon3 Global Partner summit last week.  This event brought together the brightest minds and boldest innovators in cybersecurity for a day of education, collaboration, and vision. Held in Frisco Texas, the event spotlighted Horizon3.ai’s evolving impact on security, showcasing a community [...]

The post Driving the Future of Cybersecurity: Highlights from the Horizon3 Global Partner Summit appeared first on Hurricane Labs.

The post Driving the Future of Cybersecurity: Highlights from the Horizon3 Global Partner Summit appeared first on Security Boulevard.

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising strategies. Recent investigations have uncovered a disturbingly effective method involving fake software downloads, such as a counterfeit “WinSCP” installer, propagated through malicious ads on platforms like Bing. One documented case revealed a user searching for “WinSCP download” via Microsoft Edge being […]

The post Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Dan Gorecki and Scott Brammer's interactive session during RSAC Conference 2025 encouraged security professionals to rethink their security postures and address evolving and emerging risks.

Google Threat Intelligence Group (GTIG)报告，2024 年检测到 75 个 0day，低于 2023 年的 98 个。其中 Windows 最多从 16 个增加到 22 个，Safari 和 iOS 的 0day 从 2023 年的 11 个和 9 个分别降至 3 个和 2 个。Android 7 个和 2023 年持平，Chrome 也是 7 个。Firefox 一个，俄罗斯黑客组织 CIGAR 利用 CVE-2024-9680 针对 Firefox 和 Tor 浏览器窃取用户数据。Google 表示成功追踪了 75 个 0day 中的 34 个，大部分攻击来自政府支持的组织，主要是窃取情报而不是出于经济动机，其中包括中国和朝鲜。

A vulnerability, which was classified as critical, was found in Tenda AC1200 15.11.0.10(1576). This affects the function setRemoteWebManage. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2022-42058. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Tenda AC1200 15.11.0.10(1576). It has been declared as critical. Affected by this vulnerability is the function setIPsecTunnelList. The manipulation of the argument IPsecLocalNet/IPsecRemoteNet leads to command injection. This vulnerability is known as CVE-2022-41396. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Tenda AC1200 15.11.0.10(1576). Affected is the function setDMZ. The manipulation of the argument dmzHost leads to command injection. This vulnerability is traded as CVE-2022-41395. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability classified as critical was found in Tenda AC1200 15.11.0.10(1576). Affected by this vulnerability is the function setPortMapping. The manipulation of the argument PortMappingServer leads to command injection. This vulnerability is known as CVE-2022-42053. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in Pipeline Utility Steps Plugin up to 2.13.1 on Jenkins and classified as critical. This issue affects some unknown processing of the component Controller File System Handler. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2022-45381. The attack can only be initiated within the local network. There is no exploit available.