Aggregator

A vulnerability, which was classified as problematic, was found in ZyXEL Prestige 310/642r. Affected is an unknown function of the component Telnet/FTP/DHCP Service. The manipulation leads to denial of service. This vulnerability is traded as CVE-2002-1071. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Министерство торговли готовит революционные правила для автомобильной индустрии.

Илон Маск вновь переопределил планы компании на ближайшие годы.

Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw. Trend Micro researchers reported that China-linked APT group Earth Baxia has targeted a government organization in Taiwan and potentially other countries in the Asia-Pacific (APAC) region. The threat actor used spear-phishing emails and exploited the […]

Apple’s latest operating system update, macOS 15, also known as Sequoia, has disrupted the functionality of several prominent security tools. Users and developers have taken to social media and Mac-focused Slack channels to express their frustration over the issues caused by the update. Security tools from companies like CrowdStrike, SentinelOne, Microsoft, and others have reportedly […]

The post macOS Sequoia Update Breaks Multiple Security Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Checkmk up to 2.2.0p33/2.3.0p15. It has been rated as critical. This issue affects some unknown processing of the component Two Factor Authentication. The manipulation leads to incorrect authorization. The identification of this vulnerability is CVE-2024-8606. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in YITH WooCommerce Ajax Search Plugin up to 2.7.0 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Block Attribute Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-7846. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Quiz and Survey Master Plugin up to 9.1.2 on WordPress. It has been classified as problematic. This affects an unknown part of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-8758. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Microsoft Windows. This affects the function LoadUvsTable of the component Uniscribe. The manipulation leads to data processing error. This vulnerability is uniquely identified as CVE-2016-7274. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

安全专家 Bruce Schneier 认为以色列的袭击改变了世界。以色列通过引爆在传呼机和对讲机等个人使用的无线设备中植入的塑料炸弹而杀死了至少 37 人。这一行动令世界震惊，但以色列所使用的方法并不新颖，该国以前就通过渗透供应链在设备中植入塑料炸弹。此次行动的新颖之处在于其毁灭性和公开性，凸显了日益扩大的灰色地带。供应链很脆弱，我们更脆弱，计算机、汽车、冰箱、家用恒温器等等各种电子设备提供了无处不在的目标。国际供应链中的任何国家和个人都可能破坏设备。在以色列跨过界限之后，其它国家几乎肯定会认为这种策略是可接受的。它可以在战争期间对军队展开，也可以在战前对平民展开。发达国家将特别容易受到攻击，因为国民拥有太多容易遭到攻击的电子设备。

A vulnerability has been found in Microsoft Windows 10/Server 2016 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Log File System Driver. The manipulation leads to information disclosure. This vulnerability is known as CVE-2016-7295. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

据国家安全部微信公众号消息，今年以来，一个名为“匿名者64”的黑客组织，针对中国大陆和港澳地区，频繁开展网络攻击。

Цифровые воры празднуют победу над новой защитной функцией.

FreeBSD has disclosed a critical remote code execution (RCE) vulnerability affecting its bhyve hypervisor. This vulnerability, CVE-2024-41721, could allow attackers to execute malicious code on the host system. The advisory, which was announced on September 19, 2024, credits Synacktiv with discovering the flaw. CVE-2024-41721 – Vulnerability Details As per a report by FreeBSD, the vulnerability […]

The post FreeBSD RCE Vulnerability Let Attackers Execute Malicious Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

没有时间怀念中秋假期啦，马上赶到现场的是——FCIS 2024 「白帽大会」议题征集！你是否身负高超技术，却苦于没有交流的舞台…你是否正在摸索前路，急需一颗指路的启明星…宝剑愈磨愈利，真理愈辩愈明十年磨剑，只待今朝期待你拿起话筒，slay全场！PART.01关于FCISFCIS 2024网络安全创新大会（2024 FreeBuf Cyber Security Innovation Summit，简

A vulnerability was found in NVIDIA Graphics Driver up to 341/369.58/375.62 on Quadro/NVS/GeForce. It has been declared as critical. This vulnerability affects the function DxgDdiEscape in the library nvlddmkm.sys of the component Kernel Mode Layer. The manipulation leads to improper access controls. This vulnerability was named CVE-2016-7390. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.