Workers Reject Traditional Advancement for Flexible, Purpose-Driven Career Paths
In 2025, professionals are abandoning the traditional career ladder for lateral moves and purpose-driven roles. Employers must adapt their advancement models or risk losing top talent, especially in critical fields like cybersecurity where flexibility matters most.
Hacking Was the Easy Part, Notifying McDonald's the Extremely Difficult Bit
A security researcher gained access to McDonald's global marketing portal by changing a single word in its URL, uncovering a slew of additional vulnerabilities. The hard part was notifying the burger giant about the flaws, says self-described ethical hacker "BobDaHacker."
Inotiv Inc. Tells SEC Some Business Operations Disrupted, No Recovery Date in Sight
Inotiv, a drug research and development firm, told federal regulators that it's been dealing with a cyberattack since Aug. 8 that has encrypted some IT systems and data, and is disrupting certain business operations. Ransomware gang Qilin has listed the company as a victim on its dark website.
Claude Models May Shut Down Harmful Chats in Some Edge Cases
Anthropic introduced a safeguard to its Claude artificial intelligence platform that allows certain models to end conversations in cases of persistently harmful or abusive interactions. The company said it's doing so not to protect human users, but as a way to mitigate risks to the models.
Successful Breaches Renew Fears of Operational Vulnerabilities Across Water Sector
Russia is suspected of escalating cyberattacks on European water utilities, including attempts to sabotage Polish and Norwegian water facilities and dams, signaling a broader threat to global critical infrastructure as state-backed actors exploit critical OT weaknesses amid global conflict.
A vulnerability categorized as critical has been discovered in cym1102 nginxWebUI up to 3.9.9. This affects the function handlePath of the file /adminPage/conf/saveCmd. Manipulating the argument nginxPath leads to improper certificate validation.
This vulnerability is documented as CVE-2024-3738. The attack can be executed remotely. Additionally, an exploit exists.
A vulnerability identified as critical has been detected in cym1102 nginxWebUI up to 3.9.9. This impacts an unknown function of the file /adminPage/main/upload. Manipulating the argument File results in OS command injection.
This vulnerability is reported as CVE-2024-3739. The attack can be carried out remotely. Moreover, an exploit is present.
A vulnerability labeled as critical has been found in cym1102 nginxWebUI up to 3.9.9. Affected is the function exec of the file /adminPage/conf/reload. Manipulating the argument nginxExe can lead to deserialization.
This vulnerability appears as CVE-2024-3740. The attack may be performed from a remote location. In addition, an exploit is available.
A vulnerability categorized as critical has been discovered in Ruijie RG-UAC up to 20240419. This vulnerability affects unknown code of the file /view/network Config/GRE/gre_edit_commit.php. Manipulating the argument Name can lead to OS command injection.
The identification of this vulnerability is CVE-2024-4255. The attack may be launched remotely. Furthermore, there is an exploit available.
A vulnerability was found in Ruijie RG-UAC 1.0 and classified as critical. The affected element is an unknown function of the file /view/systemConfig/reboot/reboot_commit.php. Manipulating the argument servicename results in OS command injection.
This vulnerability is cataloged as CVE-2024-6184. The attack may be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in Ruijie RG-UAC 1.0. It has been declared as critical. This affects an unknown function of the file /view/userAuthentication/SSO/commit.php. Manipulating the argument ad_log_name leads to OS command injection.
This vulnerability is documented as CVE-2024-6186. The attack can be executed remotely. Additionally, an exploit exists.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in Ruijie RG-UAC 1.0. It has been rated as critical. This impacts an unknown function of the file /view/vpn/autovpn/sub_commit.php. Manipulating the argument key results in OS command injection.
This vulnerability is reported as CVE-2024-6187. The attack can be carried out remotely. Moreover, an exploit is present.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability identified as critical has been detected in Ruijie RG-UAC 1.0. This vulnerability affects the function get_ip.addr_details of the file /view/vpn/autovpn/sxh_vpnlic.php of the component HTTP POST Request Handler. Manipulating the argument indevice results in command injection.
This vulnerability is identified as CVE-2024-6269. The attack can be initiated remotely. Additionally, an exploit exists.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in Siemens SINEMA Remote Connect Client up to 3.2 and classified as critical. This vulnerability affects unknown code of the component Configuration Handler. The manipulation leads to command injection.
This vulnerability is referenced as CVE-2024-39567. The attack can only be performed from a local environment. No exploit is available.
It is suggested to upgrade the affected component.
A vulnerability has been found in Htmly 2.9.5 and classified as problematic. This issue affects some unknown processing of the component Menu Editor Module. Manipulating the argument Link Name causes cross-site scripting.
This vulnerability is tracked as CVE-2024-30953. The attack can be carried out remotely. No exploit exists.