Aggregator

CVE-2017-16369 | Adobe Acrobat Reader information disclosure (APSB17-36 / Nessus ID 104626)

Vuldb Updates
8 months ago
A vulnerability was found in Adobe Acrobat Reader up to 11.0.22/2015.006.30355/2017.011.30066/2017.012.20098. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2017-16369. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Blackwired Launches ThirdWatch℠, A Paradigm Shift in Cybersecurity

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
8 months ago

Blackwired, the leading cyber observatory for disruptive cybersecurity technologies, has announced the launch of ThirdWatch℠, a groundbreaking solution to identify direct threats facing an organization and its Third Parties. ThirdWatch℠ is a subject-directed monitoring platform that provides a comprehensive 360-degree view in 3D of existential threats that impact organizations and the associated cyber risks posed […]

The post Blackwired Launches ThirdWatch℠, A Paradigm Shift in Cybersecurity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2024-8331 | OpenRapid RapidCMS up to 1.3.1 user-move-run.php username sql injection

Vuldb Updates
8 months ago
A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. This vulnerability is uniquely identified as CVE-2024-8331. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-8332 | master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f /table/index sql injection

Vuldb Updates
8 months ago
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been declared as critical. This vulnerability affects unknown code of the file /table/index. The manipulation leads to sql injection. This vulnerability was named CVE-2024-8332. The attack can be initiated remotely. There is no exploit available. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2024-39300 | Elecom WAB-I1750-PS up to 1.5.10 Telnet missing authentication

Vuldb Updates
8 months ago
A vulnerability, which was classified as critical, was found in Elecom WAB-I1750-PS up to 1.5.10. This affects an unknown part of the component Telnet. The manipulation leads to missing authentication. This vulnerability is uniquely identified as CVE-2024-39300. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply restrictive firewalling.
vuldb.com

CVE-2024-44944 | Linux Kernel up to 6.10.2 ctnetlink nf_expect_get_id memory leak

Vuldb Updates
8 months ago
A vulnerability was found in Linux Kernel up to 6.10.2. It has been classified as problematic. This affects the function nf_expect_get_id of the component ctnetlink. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2024-44944. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-48944 | Linux Kernel up to 5.15.26/5.16.12 sched_fork Privilege Escalation (3411613611a5/c65cfd89cef6/b1e8206582f9)

Vuldb Updates
8 months ago
A vulnerability was found in Linux Kernel up to 5.15.26/5.16.12. It has been declared as problematic. This vulnerability affects the function sched_fork. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2022-48944. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-43862 | Linux Kernel up to 6.10.3 fsl_qmc_hdlc framer_get_status deadlock (f223d2b4acb7/c4d6a347ba7b)

Vuldb Updates
8 months ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.10.3. Affected by this issue is the function framer_get_status of the component fsl_qmc_hdlc. The manipulation leads to deadlock. This vulnerability is handled as CVE-2024-43862. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-43874 | Linux Kernel up to 6.10.2 __sev_snp_shutdown_locked null pointer dereference (bbf2c94503f6/468e3295774d)

Vuldb Updates
8 months ago
A vulnerability was found in Linux Kernel up to 6.10.2 and classified as critical. This issue affects the function __sev_snp_shutdown_locked. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-43874. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-45056 | matter-labs era-compiler-solidity up to 1.5.2 calculation (GHSA-fpx7-8vc6-frjj)

Vuldb Updates
8 months ago
A vulnerability classified as problematic was found in matter-labs era-compiler-solidity up to 1.5.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect calculation. This vulnerability is known as CVE-2024-45056. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

一图速览 | CCS2024 日程新鲜出炉 赶紧收藏!

嘶吼
8 months ago

万象AI,安全新生!CCS2024成都网络安全系列活动将于9月11日-12日在成都高新创合中心A座3楼举办。本次活动秉持国际化、专业化、高端化水准,深度聚焦网络安全产业链与生态链的协同发展,强化创新合作,不断挖掘并催生新的发展动能与机遇,携手业界精英共同开拓网络安全人才培育和产业发展的广阔空间。

企业资讯

Check Point 软件技术公司收购 Cyberint,旨在革新安全运维并扩展托管威胁情报解决方案 

嘶吼
8 months ago

2024 年 9月,领先的网络安全平台提供商 Check Point® 软件技术有限公司(纳斯达克股票代码:CHKP)签署了收购外部风险管理解决方案提供商 Cyberint Technologies公司的最终协议。这将大大增强 Check Point 安全运维中心 (SOC) 的能力,并扩展其托管威胁情报产品。Cyberint 的高级功能不仅会集成到 Check Point Infinity 平台中,用于协同式威胁防御,而且还将通过 Check Point Infinity 平台服务作为托管服务提供。   

  

Cyberint 成立于2010 年,在全球拥有170 多名员工,是市场上发展速度最快的外部风险管理公司之一,被 Frost & Sullivan 评为 2023 年外部风险缓解和管理类别“年度最佳公司”。近年来,世界各地的企业每天都面临着严峻的安全挑战,包括员工凭证被盗、虚假网站和社交媒体仿冒。为了帮助各类用户防范这些风险和挑战,Cyberint 一直致力于凭借可靠的威胁情报、数字风险防护及攻击面管理,为包括财富 500 强公司在内的全球客户提供服务。  

  

Cyberint 首席执行官 Yochai Corem 表示:“如今,凭证泄露和恶意虚假网站屡见不鲜,给超过 90% 的机构带来威胁。这充分说明,用户亟需获取实时情报并采取主动防御策略,而我们的技术正好能够有效满足这一需求。我们很高兴能加入 Check Point 公司,并希望通过将我们的解决方案集成到 Infinity 平台中,显著增强对用户的保护能力。此次合并之后,我们将能够提供更全面的安全 SOC 产品,高效防御内外部威胁。”

  

Check Point 软件技术公司首席服务官 Sharon Schusheim 表示:“我们由衷地欢迎 Cyberint 加入 Check Point。Cyberint 的解决方案与我们的协同式威胁防御愿景完美契合,可显著增强我们的 SOC 能力,使我们能够将发现的风险转化为自主防御措施,结合使用 Check Point 和第三方安全产品,共同控制受损资产并缓解外部风险。”  

  

Cyberint 解决方案的主要功能包括:   

 

· 面向 SecOps 团队的全面外部风险管理解决方案:Cyberint 的解决方案不仅可以检测并追踪假冒网站和社交媒体账户(以及与用户相关的被盗凭证和泄露数据),而且还能够帮助公司检测易受攻击的开放网站和应用,并有效缓解相关漏洞。   

· 通过提供实用的情报实现差异化优势:Cyberint可在设置完毕后 20 分钟内提供实用情报,确保安全防护团队能够及时应对威胁。   

· 采用 AI 技术并背靠高质量托管服务:Cyberint采用 AI 提供有效的风险检测、缓解和情境化警报,同时将误报率降至最低。托管服务则提供专家指导,可确保全面的高质量管理。  

  

*此次收购依据惯例成交条件,预计将于 2024 年底完成。  

Check Point

Managed ad