Aggregator

A vulnerability was found in Moodle 4.3. It has been rated as problematic. This issue affects some unknown processing of the file /grade/report/grader/index.php. The manipulation of the argument searchvalue leads to cross site scripting. The identification of this vulnerability is CVE-2023-46858. The attack may be initiated remotely. There is no exploit available. The real existence of this vulnerability is still doubted at the moment.

A vulnerability was found in Rockwell Automation Arena 7.8/16.20. It has been declared as critical. This vulnerability affects unknown code of the component Malformed File Handler. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2023-27854. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Rockwell Automation Arena 16.20.00001. It has been rated as critical. This issue affects some unknown processing of the component Malformed File Handler. The manipulation leads to uninitialized pointer. The identification of this vulnerability is CVE-2023-27858. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Six Apart Movable Type 7, Movable Type Advanced 7, Movable Type Premium, Movable Type Premium Advanced, Movable Type Cloud Edition and Movable Type Premium Cloud Edition. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-45746. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in LiquidFiles up to 3.7.13. Affected by this vulnerability is an unknown functionality of the component Registration Page. The manipulation leads to injection. This vulnerability is known as CVE-2023-4393. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Auto Excerpt Everywhere Plugin up to 1.5 on WordPress. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2023-46776. It is possible to initiate the attack remotely. There is no exploit available.

很多人都不知道，刘智创立石犀科技的核心原因，竟是来源于十二年前的一个念头，也是支撑他一路走来的初心。

HackerNews 编译，转载请注明出处： 网络安全公司Arctic Wolf研究人员警告，自2025年1月以来，威胁分子持续利用编号CVE-2021-20035（CVSS评分7.1）的漏洞攻击SonicWall安全移动接入（Secure Mobile Access，SMA）设备。 该漏洞本质是SMA100管理界面存在的操作系统命令注入缺陷。远程认证攻击者可利用该漏洞以’nobody’用户身份注入任意指令，最终可能导致任意代码执行。 安全公告明确指出：”SMA100管理界面特殊元素中和处理不当，致使远程认证攻击者能以’nobody’用户身份注入任意指令，存在代码执行风险。” 受影响的设备型号包括SMA 200、SMA 210、SMA 400、SMA 410及SMA 500v系列。厂商已于2021年9月发布补丁。攻击者可通过该漏洞发起拒绝服务（DoS）攻击瘫痪设备。 本周，美国网络安全与基础设施安全局（CISA）将该漏洞纳入已知被利用漏洞目录（KEV），并命令联邦机构须于2025年5月7日前完成修复。 SonicWall同步更新安全公告，确认该漏洞已在真实攻击中被利用。Arctic Wolf监测发现，2025年1月至4月间，针对SMA 100系列设备的攻击活动持续活跃，攻击者旨在窃取VPN凭证。 攻击特征分析： 1、利用默认超级管理员账户（admin@LocalDomain）实施入侵 2、多数设备仍使用默认弱密码”password” 3、即使已完整打补丁设备，若密码管理不当仍可能沦陷 Arctic Wolf在技术报告中强调：”本次攻击活动最显著特征是攻击者利用设备本地超级管理员账户实施入侵，该账户默认密码’password’存在严重安全隐患。” 报告同步披露了完整危害指标（IoCs）。 防护建议： 1、严格限制VPN访问权限 2、禁用所有闲置账户 3、强制启用多因素认证（MFA） 4、重置SMA防火墙所有本地账户密码 监测显示，攻击者主要针对未及时修改默认凭证的设备展开渗透。Arctic Wolf持续监控攻击态势，敦促所有使用SonicWall SMA设备的企业立即实施应急响应措施。       消息来源：securityaffairs； 本文由 HackerNews.cc 翻译整理，封面来源于网络；  转载请注明“转自 HackerNews.cc”并附上原文

议题PPT可在先知社区官网查看～

议题PPT可在先知社区官网查看～

第三届京麒CTF挑战赛已开启，5 月 24 日，我们在代码与攻防的战场等你，用技术证明：下一个网络安全之星，就是你！

第三届京麒CTF挑战赛已开启，5 月 24 日，我们在代码与攻防的战场等你，用技术证明：下一个网络安全之星，就是你！

快速浏览！2025.4.14—4.20安全动态周回顾。

生成式AI正以每分钟数万封AI生成的恶意邮件突破传统邮件防御体系。

APT29的战术和工具集不断发展，变得更加隐蔽和先进，需要多层防御和提高警惕来发现和阻止。

A vulnerability was found in RobotStats 1.0 and classified as critical. This issue affects the function formulaireRobot in the library admin/robots.lib.php. The manipulation of the argument robot leads to sql injection. The identification of this vulnerability is CVE-2014-9348. The attack may be initiated remotely. Furthermore, there is an exploit available.

Obfuscation Detection Obfuscation Detection is a Binary Ninja plugin to detect obfuscated code and interesting code constructs (e.g., state machines) in binaries. Given a binary, the plugin eases analysis by identifying code locations which might...

The post Obfuscation Detection: Detect obfuscated code and interesting code constructs appeared first on Penetration Testing Tools.

Хакер продавал пароли за копейки — светит ли ему теперь «скидка» на тюремный срок?

PSGumshoe PSGumshoe is a Windows PowerShell module for the collection of OS and domain artifacts for the purposes of performing live response, hunt, and forensics. The module focuses on being as forensically sound as...

The post PSGumshoe: Windows PowerShell module for the collection of OS and domain artifacts appeared first on Penetration Testing Tools.

燃烧化石燃料或森林产生的黑碳会加速世界各地冰层的融化。巴西前总统 Jair Bolsonaro 在 2019-2023 年任期内鼓励当地农民焚烧雨林，将森林变成耕地。根据巴西国家太空研究院的数据，2019 年亚马逊地区的森林砍伐率创 2008 年以来的最高水平，火灾热点超过 8.9 万个。研究人员通过分析卫星数据发现，焚烧亚马逊雨林产生的黑炭通过大气走廊降落南极，黑炭会吸收热量，因此会加剧冰的融化。由于焚烧森林，2019-2020 年期间输送的黑炭气溶胶两倍于 2018-2019 年，南极韦德尔海（Weddell Sea）的海冰融化面积同期从 1.3 万平方公里增加到 3.3 万平方公里。