Aggregator

如何使用Ray/RayData构建Audio/Video数据处理Pipeline，以及在大规模不稳定资源上运行RayData所做的优化工作。

A vulnerability, which was classified as critical, was found in Luxion KeyShot. Affected is an unknown function of the component 3DS File Parser. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2024-11576. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Luxion KeyShot. This issue affects some unknown processing of the component SKP File Parser. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2024-11577. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Luxion KeyShot. This vulnerability affects unknown code of the component 3DS File Parser. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2024-11578. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Luxion KeyShot. This affects an unknown part of the component OBJ File Parser. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2024-11579. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Luxion KeyShot. It has been rated as critical. Affected by this issue is some unknown functionality of the component ABC File Parser. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2024-11580. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Luxion KeyShot. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component JT File Parser. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2024-11581. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

1. BianLian勒索团伙公布新的受害公司 2. Cactus勒索团伙公布受害公司泄露数据 3. RansomHub勒索团伙公布新的受害公司

近日，奇安信病毒响应中心观察到，蠕虫家族Babonock近期攻击活动加剧，大有卷土重来的架势。经分析人员分析发现其为AutoHotKey打包的PE程序，包含键盘监控、伪装成系统进程、移动介质传播和FTP文件操作等恶意行为。

A vulnerability was found in PHP up to 8.1.30/8.2.25/8.3.13. It has been classified as problematic. Affected is an unknown function of the component MySQL Server Handler. The manipulation leads to buffer over-read. This vulnerability is traded as CVE-2024-8929. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Dell Edge Gateway 5200 1.03.10/1.05.10 and classified as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-38296. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in cesarmaeso Control horas Plugin up to 1.0.1 on WordPress and classified as problematic. This vulnerability affects the function ch_registro of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-11381. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in MailMunch Plugin up to 3.1.8 on WordPress. This affects the function add_query_arg. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-8735. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in codename065 Premium Packages Plugin up to 5.9.3 on WordPress. Affected by this issue is the function add_query_arg. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-11225. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in gallerycreator Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube and Vimeo) Video Gallery and Lightbox for native gallery Plugin up to 3.2.4.2 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-10034. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in AIPHONE IX-MV, IX-MV7-HB, IX-MV7-HBT, IX-MV7-HW, IX-MV7-HWT, IX-MV7-HW-JP, IX-MV7-B, IX-MV7-BT, IX-MV7-W, IX-MV7-WT, IX-DA, IX-DAU, IX-DB, IX-DBT, IX-EA, IX-EAT, IX-EAU, IX-DV, IX-DVT, IX-DVF, IX-DVF-P, IX-DVF-L, IX-DVM, IX-DU, IX-DVF-RA, IX-DVF-2RA, IX-BA, IX-BAU, IX-BB, IX-BBT, IX-FA, IX-SSA, IX-SS-2G, IX-SS-2GT, IX-SS-2G-N, IX-BU, IX-SSA-RA, IX-SSA-2RA, IX-RS-B, IX-RS-BT, IX-RS-W, IX-RS-WT, IXW-MA, IX-SPMIC, IXG-2C7, IXG-2C7-L, IXG-DM7, IXG-DM7-HID, IXG-DM7-HIDA, IXG-DM7-10K, IXG-MK, IXGW-GW, IXGW-TGW, IXGW-LC, IX-SupportTool and IXG-SupportTool. Affected is an unknown function of the component SFTP Service. The manipulation leads to use of hard-coded cryptographic key . This vulnerability is traded as CVE-2024-45837. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in PHP up to 8.1.30/8.2.25/8.3.13 on 32-bit. It has been rated as critical. This issue affects the function ldap_escape. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2024-8932. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GEO my WP Plugin and gmw-premium-settings Plugin on WordPress. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. This vulnerability was named CVE-2024-9422. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

The U.S. Department of Justice (DOJ) announced the seizure of the illicit PopeyeTools platform, a notorious online marketplace for stolen credit cards and cybercrime tools. Alongside the takedown, authorities unsealed criminal charges against three alleged administrators: Abdul Ghaffar (25) and Abdul Sami (35) of Pakistan, and Javed Mirza (37) of Afghanistan. PopeyeTools Cybercrime Operation Dismantled […]

The post US Seizes PopeyeTools Cybercrime Platform & Arrested Admins appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Change Healthcare 证实，自 2 月份遭受勒索软件攻击以来，几乎整整九个月，其信息交换中心服务已恢复正常运行。 在平常的一年里，这家医疗保健机构要处理 150 亿笔交易，是美国所有信息交换中心中处理交易最多的。它负责整个美国医疗保健系统中医疗保健提供商、医院、从业人员和患者之间的支付和交易。据美国医院协会（AHA）称，2 月份 ALPHV/Blackcat 的勒索软件攻击导致次月高达 94% 的医院受到财务影响。 通过更新网站状态页面确认的这项服务的恢复，标志着 Change Healthcare 从攻击中整体恢复的一个重要里程碑，目前该恢复工作已基本完成，但尚未完全结束。 他们没有使用多因素身份验证，这让我大吃一惊。网络没有被分割，这让我大吃一惊…… 在短短两个月内，绝大多数功能都已重新上线，并且至少部分恢复。唯一尚未完全恢复的业务功能是 Clinical Exchange（电子病历信息交换）、MedRX（药房报销管理）和支付方打印通信多渠道分发系统（支付文件打印）。 然而，医疗服务提供者将在更长的时间内感受到这一事件带来的巨大财务影响。 几乎就在 Change Healthcare 被 ALPHV 打得落花流水之后，医疗服务提供商就报告了财务困难。到 3 月初，超过三分之一的医院表示，他们一半以上的收入受到了支付中断的影响，近 60% 的医院表示每天的收入缺口达到或超过 100 万美元。 联合健康（UnitedHealth）旗下的 Optum 于 3 月 1 日启动了 “临时资金援助计划”，以支持医疗机构解决现金流问题。联合健康旗下的 Change Healthcare 在发布恢复信息交换中心服务的最新消息时也表示，截至 10 月 15 日，已经偿还了 32 亿美元的贷款。 无息借给医疗服务提供者的资金总额被认为超过了 60 亿美元。根据联合健康最近的财报[PDF]，仅在 3 月底，Change Healthcare 为修复此次攻击就花费了 8.72 亿美元，而此后的费用已远远超过 20 亿美元（含税）。 The Register联系了Change Healthcare公司要求发表声明，但该公司没有立即做出回应。 根据美国卫生与公众服务部（HHS）最近的统计数据，约有 1 亿人受到了 Change Healthcare 大型漏洞的影响。美国医疗协会认为，该公司处理的美国公民医疗报销申请约占三分之一，而美国人口约为 3.37 亿，这意味着美国近三分之一的人口受到影响，绝大多数 Change Healthcare 患者的信息受到泄露。 人们的数据被泄露的程度各不相同，但全名、电子邮件地址、银行数据、报销记录等都被窃取了。 事情发生后不久，联合健康公司首席执行官安德鲁-威蒂（Andrew Witty）自然被传唤到国会，解释究竟是如何允许这种武器级的事件发生的。 他向议员们解释说，ALPHV 的附属公司使用窃取的凭证登录了 Citrix 门户网站，你猜对了，该门户网站没有启用多因素身份验证 (MFA)。 威蒂在接受质询时谈到了公司向勒索者付款的决定，此前曾有传言称，此举是基于对已知 ALPHV 钱包的区块链分析而做出的。他向参议员们证实，联合健康确实向攻击者支付了 2200 万美元。 他承认自己是授权付款的人，并表示这 “是我不得不做出的最艰难的决定之一。我不希望任何人做出这样的决定”。 在首席执行官作证后，专家们向 The Register 表示，网络犯罪分子利用的安全漏洞相当于 “严重疏忽”。 Contrast Security 公司网络战略高级副总裁汤姆-凯勒曼（Tom Kellermann）说：“他们没有使用多因素身份验证，这让我大吃一惊。“我对网络没有分段感到震惊。他们在明知网络已被入侵的情况下，却没有对该环境进行强有力的威胁猎杀，这让我大吃一惊。坦率地说，我认为这是令人震惊的疏忽。”     转自安全客，原文链接：https://www.anquanke.com/post/id/302062 封面来源于网络，如有侵权请联系删除