Aggregator

A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools. "For instance, the attackers took advantage of the relatively recent CVE-2023-38831 vulnerability in WinRAR, which

Больше вы никогда не спутаете ML с LLM и запросто отличите «галлюцинации» от «предвзятости».

A vulnerability has been found in OpenVAS OpenVAS Manager up to 2.0 and classified as critical. Affected by this vulnerability is the function email of the file manage_sql.c. The manipulation leads to improper input validation. This vulnerability is known as CVE-2011-0018. The attack can be launched remotely. Furthermore, there is an exploit available.

A new malicious software named “Fury Stealer” has been detected, posing a significant threat to online security. The malware, created by an unidentified threat actor, is designed to steal sensitive information, including login passwords, from unsuspecting victims. Cybersecurity analyst MonThreat first reported the announcement of this harmful tool on the social media platform X. What […]

The post New Fury Stealer Attacking Victims to Steal Login Passwords appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Adobe Acrobat Reader up to 11.0.22/2015.006.30355/2017.011.30066/2017.012.20098 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2017-16397. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

The slow adoption of SaaS security could catch organizations off guard because SaaS operates at a different pace than traditional software.

The post SaaS Security: Are You Moving Fast Enough? appeared first on Security Boulevard.

Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. "It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector," cybersecurity

A vulnerability, which was classified as problematic, was found in SeaCMS 12.9. This affects an unknown part of the file admin_collect_news.php. The manipulation of the argument siteurl leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-44920. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 129.x. Affected by this issue is some unknown functionality of the component Popup Window Handler. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is handled as CVE-2024-8386. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Mozilla Firefox up to 129.x. Affected by this vulnerability is an unknown functionality of the component WASM. The manipulation leads to type confusion. This vulnerability is known as CVE-2024-8385. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mozilla Firefox up to 129.x. Affected is an unknown function of the component JavaScript Garbage Collector. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-8384. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 129.x. It has been rated as problematic. This issue affects some unknown processing of the component Internal Browser Event Interface. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-8382. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 129.x. It has been declared as critical. This vulnerability affects unknown code of the component Property Name Lookup. The manipulation leads to type confusion. This vulnerability was named CVE-2024-8381. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SeaCMS 12.9. It has been classified as critical. This affects an unknown part of the file /dmplayer/dmku/index.php?ac=del. The manipulation of the argument id leads to sql injection. This vulnerability is uniquely identified as CVE-2024-44921. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Mozilla Firefox up to 129.x and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2024-8389. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 129.x and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Notifications Handler. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is known as CVE-2024-8388. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 129.x. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-8387. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Python CPython up to 3.13.0rc1. This issue affects some unknown processing of the component Tar File Handler. The manipulation leads to inefficient regular expression complexity. The identification of this vulnerability is CVE-2024-6232. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Vulnerabilities in Microsoft apps for macOS could allow attackers to steal permissions and access sensitive data. Cisco Talos researchers discovered eight vulnerabilities in Microsoft apps for macOS. These flaws could allow attackers to inject malicious libraries into Microsoft’s apps and steal permissions. This could enable access to sensitive resources like the microphone, camera, and screen […]