Aggregator

Hackers have infiltrated the Japan Aerospace Exploration Agency (JAXA), compromising the accounts of several high-ranking officials, including President Hiroshi Yamakawa. This alarming incident is part of a series of cyberattacks targeting JAXA since June 2023, raising concerns about the security of sensitive information related to space exploration and national security. Multiple Attacks Target High-Level Officials […]

The post Hackers Breached Japan Aerospace Company’s President Account appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However, despite the high profile role these accounts have, many organizations overlook social media account security. Many lack the safeguards to prevent unauthorized access — a situation no organization wants as

A vulnerability was found in Mozilla Firefox up to 47 and classified as critical. Affected by this issue is some unknown functionality of the component Error Page Handler. The manipulation leads to 7pk security features. This vulnerability is handled as CVE-2016-5268. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

10 月 3 日，英国政府宣布放弃印度洋领土 Chagos Islands 的主权，将其交给附近的岛国毛里求斯。英国的这一决定将导致一个流行的国家域名 .io 的消失。Github.io、itch.io、Google I/O... .io 域名被科技公司广泛使用。一旦英国政府完成对该群岛的主权转交，国际标准组织 ISO 将删除国家代码 IO，管理域名的组织 IANA 根据 ISO 规范确定应该存在哪些国家顶级域名。一旦 IO 被删除，IANA 将拒绝新的 .io 域名注册，并开始淘汰现有的 .io 域名。这一事件提醒我们现实世界事件如何影响我们的数字生活。不过好消息是，根据 ISO 3166-3 规定，删除国家代码的过渡期将会长达 50 年。.io 域名和网站不会在一夜之间消失。

千元奖励金又双叒叕来啦，文末有抽奖~

微软的2024年10月补丁周二交付了一系列重要的安全更新，解决了其生态系统中的121个漏洞。这包括三个关键漏洞和114个标记为重要的漏洞，跨越了微软的服务和软件的广泛。 遭受攻击的零日漏洞 本月的补丁包括修复两个已经在野外发现的被积极利用的零日漏洞。其中最令人担忧的漏洞之一是CVE-2024-43573，这是一个Windows MSHTML 平台中的欺骗漏洞。MSHTML，虽然经常与现已退役的Internet Explorer相关联，但仍然会影响遗留系统。虽然微软没有分享详细的利用细节，美国网络安全和基础设施安全局（CISA）已经标记了这个漏洞，敦促用户在2024年10月29日之前修补它。 另一个零日，CVE-2024-43572，是微软管理控制台（MMC）中的远程代码执行（RCE）漏洞。MMC是系统管理员广泛使用的工具，使得此漏洞在企业环境中具有高度的危险性。利用漏洞可以让攻击者获得对Windows系统的未经授权控制权，进一步突出了快速打补丁的重要性。 另外三个公开披露但在攻击中未被利用的零日漏洞是: CVE-2024-43583:Winlogon特权漏洞的提升。攻击者可能利用此漏洞获得对操作系统的SYSTEM级访问权限。 CVE-2024-6197:开源Curl远程代码执行漏洞。成功利用此漏洞需要客户端连接到恶意服务器，这可能允许攻击者在客户端上获得代码执行。 CVE-2024-20659 – Windows Hyper-V安全特性绕过漏洞。攻击者必须先获得对受限网络的访问权限，然后再执行攻击。成功利用此漏洞可能允许攻击者破坏虚拟机管理器和内核。 关键漏洞 除了零天，微软已经解决了三个关键的漏洞，可以允许远程代码执行或特权升级，如果不打补丁。 CVE-2024-43468（CVSS 9.8）：微软配置管理器（ConfigMgr）远程代码执行漏洞。未经身份验证的攻击者可能利用此漏洞在服务器或数据库上执行命令。 CVE-2024-43582:远程桌面协议（RDP）服务器中的一个严重缺陷可能允许攻击者发送恶意数据包，导致在具有与RPC服务相同权限的服务器上执行远程代码。 CVE-2024-43488: Visual Studio Code的Arduino扩展存在一个远程代码执行漏洞，使得攻击者能够绕过关键的身份验证检查。利用此漏洞可以在Arduino扩展中远程执行代码，从而危及用户的开发环境。 Windows核心组件中的漏洞 本月修复的几个漏洞针对的是系统安全不可或缺的关键Windows组件: CVE-2024-43502:一个Windows内核特权提升漏洞，可能允许攻击者在受影响的系统上获得最高级别的访问权限。 CVE-2024-43560:另一个影响Windows存储端口驱动程序的权限升级问题，提供了潜在的SYSTEM级访问。 微软Office和OpenSSH漏洞 10月的更新还解决了Microsoft Office和OpenSSH for Windows中的显著漏洞： UTE-2024-43609：Microsoft Office中的欺骗漏洞可能会在基于Web的攻击中被利用。攻击者可能会在网站上托管恶意文件，或诱骗用户通过电子邮件打开该文件，从而导致潜在的严重后果。 CVE-2024-43581和CVE－2024－43615号文件所列的Microsoft的OpenSSH for Windows的实现中的这些漏洞都是至关重要的，允许远程代码执行时被利用。使用OpenSSH的Windows服务器的管理员应优先考虑这些补丁。 从Windows打印假脱机程序组件到Visual Studio和远程桌面服务，本月的修补程序针对的漏洞几乎跨越微软的每一个主要产品。这包括欺骗、拒绝服务、特权提升和远程代码执行缺陷。值得注意的是，本月早些时候，微软解决了Microsoft Edge（基于铬）中的三个漏洞。 CISA 已将本月修补的零日漏洞 CVE-2024-43573 和 CVE-2024-43572 纳入其已知被利用漏洞目录，强调了立即修补的重要性。CISA建议用户在2024年10月29日之前修补所有零日漏洞和关键漏洞，以避免成为主动的受害者。     转自安全客，原文链接：https://www.anquanke.com/post/id/300639 封面来源于网络，如有侵权请联系删除

A vulnerability classified as critical has been found in Myanmar Movies HD 0.1. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-7517. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in Adobe Animate up to 23.0.7/24.0.4. Affected is an unknown function. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-47418. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Adobe Animate up to 23.0.7/24.0.4. This issue affects some unknown processing. The manipulation leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2024-47417. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Adobe Animate up to 23.0.7/24.0.4. This vulnerability affects unknown code. The manipulation leads to integer overflow. This vulnerability was named CVE-2024-47416. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Adobe Animate up to 23.0.7/24.0.4. This affects an unknown part. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2024-47415. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Animate up to 23.0.7/24.0.4. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2024-47414. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Animate up to 23.0.7/24.0.4. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. This vulnerability is known as CVE-2024-47413. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.