Aggregator

原文标题：MEGR-APT: A Memory-Efficient APT Hunting System Based on Attack Representation Learning原文作者：Ahm

Спортивный триумф внезапно обернулся криминальным крахом.

A vulnerability, which was classified as critical, was found in Zephyr Project Manager up to 3.2.4 on Wordpress. Affected is an unknown function of the file /wp-admin/admin-ajax.php. The manipulation of the argument project_id/task_id leads to sql injection. This vulnerability is traded as CVE-2022-2840. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Recent research has linked a series of cyberattacks to The Mask group, as one notable attack targeted a Latin American organization in 2022, where attackers compromised the organization’s MDaemon email server and exploited the WorldClient webmail component to maintain persistent access.  While the initial compromise vector remains unknown, the successful exploitation of the MDaemon server […]

The post Careto – A legendary Threat Group Targets Windows By Deploy Microphone Recorder And Steal Files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol similar to RisePro for downloading and executing second-stage payloads.  Despite RisePro’s development discontinuation in June 2024, RiseLoader’s emergence suggests a potential connection to the threat group behind RisePro and PrivateLoader.  The malware often employs VMProtect for code obfuscation and has […]

The post RiseLoader Attack Windows By Employed A VMProtect To Drop Multiple Malware Families appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

GFI Software’s Kerio Control, a popular UTM solution, was found to be vulnerable to multiple HTTP Response Splitting vulnerabilities, which affecting versions 9.2.5 through 9.4.5, could potentially allow attackers to inject malicious code into web pages, leading to cross-site scripting (XSS) attacks and other security compromises.  The vulnerabilities, tracked as CVE-2024-52875 and KIS-2024-07, highlight the […]

The post 1-Click RCE Attack In Kerio Control UTM Allow Attackers Gain Firewall Root Access Remotely appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installations to test the patch and implement it quickly. About CVE-2024-12356 BeyondTrust Privileged Remote Access is an enterprise solution that mediates secure remote access to enterprise environments for employees and trusted vendors. BeyondTrust Remote Support allows organizations’ IT helpdesk personnel to securely connect … More →

The post BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) appeared first on Help Net Security.

Самый дорогой эксперимент в истории виноделия проведут на МКС.

A vulnerability, which was classified as problematic, was found in docker. Affected is an unknown function of the component DNS Request Handler. The manipulation leads to incorrect resource transfer. This vulnerability is traded as CVE-2024-29018. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SAP NetWeaver AS JAVA 7.50 and classified as critical. This issue affects some unknown processing. The manipulation leads to xml external entity reference. The identification of this vulnerability is CVE-2024-47582. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in SAP NetWeaver AS for JAVA 7.50. This issue affects the function upload of the component Adobe Document Services. The manipulation leads to file and directory information exposure. The identification of this vulnerability is CVE-2024-47579. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in SAP NetWeaver AS for JAVA 7.50. Affected is an unknown function of the component Adobe Document Services. The manipulation leads to file and directory information exposure. This vulnerability is traded as CVE-2024-47580. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in SAP NetWeaver AS for JAVA 7.50. It has been classified as critical. This affects an unknown part of the component Adobe Document Service. The manipulation leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2024-47578. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Linux Kernel up to 6.11.2 and classified as critical. Affected by this issue is the function set_output_gamma of the component AMD Display. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-49910. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.10.13/6.11.2. Affected is the function list_for_each_entry_safe of the component AMD. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-49904. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

The European Commission is investigating whether TikTok allowed foreign actors to influence voters during recent Romanian elections

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

吸尘器、洗地机、机器人……你都如何做好「日常清洁」？随着国补接近尾声，不少朋友在这期间购买了种草许久的吸尘器、洗地机、扫拖机器人等地面清洁工具，希望它们能在日常的家庭清洁中为自己省时省力。但工具类型这

Researchers have uncovered vulnerabilities in Microsoft Azure Data Factory’s integration with Apache Airflow, which could potentially allow attackers to gain unauthorized access and control over critical Azure resources.  By exploiting these vulnerabilities, attackers could compromise the integrity of the Azure environment, potentially leading to data breaches, service disruptions, and other severe consequences.  The identified vulnerabilities […]

The post Azure Data Factory And Apache Airflow Integration Flaws Let Attackers Gain Write Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.