Aggregator

A Threat Actor Claims to have Leaked the Data of FDB Collections

20/12/2024 riepilogo In questa settimana, il CE

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow r

A vulnerability, which was classified as critical, was found in Sun Java System Identity Manager up to 7.0. Affected is an unknown function of the file /idm/admin/changeself.jsp. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2008-5115. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Dive into the world of Security Assertion Markup Language (SAML), from its core concepts to practical implementation. Learn how this powerful standard enables secure authentication and single sign-on across different security domains.

The post SAML (Security Assertion Markup Language): A Comprehensive Guide appeared first on Security Boulevard.

North Korean state-sponsored threat actors this year stole $1.34 billion in cryptocurrency this

North Korean hackers stole $1.34 billion in cryptocurrency in 2024, more than half of the $2.2 billion stolen in all crypto hacks, and the attacks by threat groups linked to the rogue nation are becoming more frequent and are happening more quickly.

The post North Korean Hackers Stole $1.34 Billion in Crypto in 2024 appeared first on Security Boulevard.

马来西亚批准重新搜寻失踪逾十年的 MH370。从吉隆坡飞往北京的 MH370 航班于 2014 年 3 月 8 日失踪，当时机上有 239 人。马来西亚交通部长 Anthony Loke 周五表示，内阁原则上批准了与美国海洋勘探公司 Ocean Infinity 达成的 $70m 搜寻交易。根据“无发现不收费”方案，Ocean Infinity 只有在找到飞机残骸后才能获得报酬。Ocean Infinity 在 2018 年曾达成类似协议，但三个月搜寻一无所获。Loke 表示达成的协议是原则性的，具体条款还需要等到明年初才能敲定。最新的搜寻针对的是南印度洋一块 15,000 平方公里的区域。

Moon_WALK Claims to have Leaked the Data of Sealed.AI

A vulnerability classified as problematic has been found in Apple Mac Os up to 8.8.6. Affected is an unknown function of the component Users / Groups Data File. The manipulation leads to missing encryption of sensitive data (Password). This vulnerability is traded as CVE-1999-1543. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. [...]

wayback machine，这是一个获取隐藏 URL 的伟大工具。通过以下URL即可轻松获取 URL：https://web.archive.org/cdx/search/cdx?url=*.re

billy100 is Allegedly Selling the Data of MyDentalPlan Healthcare Pvt. Ltd

Реестр пополнился сервисами с миллиардами пользователей.

Powerloom's decentralized network has recorded over one billion data points through its network of 5

A vulnerability has been found in Zoho ManageEngine ServiceDesk 9.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file mc/ of the component Guest Session Handler. The manipulation leads to session fixiation. This vulnerability is known as CVE-2019-10008. The attack can be launched remotely. Furthermore, there is an exploit available.