Aggregator

CVE-2024-11961 | Guangzhou Huayi Intelligent Technology Jeewms 3.7 WmOmNoticeHController.java preHandle request information disclosure

9 months ago

A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation of the argument request leads to information disclosure. The identification of this vulnerability is CVE-2024-11961. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com

Backpack Exchange And Wallet To Integrate Sui

不安全

9 months ago

Backpack Exchange And Wallet To Integrate Sui

CISP-PTE：记录文件上传系统靶机做题思路（拿Key）

FreeBuf互联网安全新媒体平台

9 months ago

记录CISP-PTE文件上传系统靶场解题思路，本系统共3个Key，考验的是整体的渗透思路流程，欢迎各位小白或者大佬进行交流学习！

CVE-2024-50262 | Linux Kernel up to 6.11.6 bpf trie_get_next_key out-of-bounds write (Nessus ID 211777)

Vuldb Updates

9 months ago

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.11.6. This affects the function trie_get_next_key of the component bpf. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2024-50262. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-44306 | Apple macOS up to 14.5 buffer overflow

Vuldb Updates

9 months ago

A vulnerability was found in Apple macOS up to 14.5. It has been classified as critical. Affected is an unknown function. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2024-44306. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-44307 | Apple macOS up to 14.5 buffer overflow

Vuldb Updates

9 months ago

A vulnerability was found in Apple macOS up to 14.5. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2024-44307. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-11477 | 7-Zip up to 24.01 Zstandard Decompression integer underflow (ZDI-24-1532 / Nessus ID 211725)

Vuldb Updates

9 months ago

A vulnerability has been found in 7-Zip and classified as critical. Affected by this vulnerability is an unknown functionality of the component Zstandard Decompression Handler. The manipulation leads to integer underflow. This vulnerability is known as CVE-2024-11477. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-10946 | Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System sql injection

Vuldb Updates

9 months ago

A vulnerability classified as critical has been found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This affects an unknown part of the file /interlib/admin/SysLib?cmdACT=inputLIBCODE&mod=batchXSL&xsl=editLIBCODE.xsl&libcodes=&ROWID=. The manipulation of the argument sql leads to sql injection. This vulnerability is uniquely identified as CVE-2024-10946. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com

CVE-2024-10947 | Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System sql injection

Vuldb Updates

9 months ago

A vulnerability classified as critical was found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This vulnerability affects unknown code of the file /interlib/order/BatchOrder?cmdACT=admin_order&xsl=adminOrder_OrderList.xsl. The manipulation of the argument bookrecno leads to sql injection. This vulnerability was named CVE-2024-10947. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com

Cybersecurity Gadgets to Hack Your Holiday Gift List

DataBreachToday.com

9 months ago

Tech and Training Ideas to Help Cyber Professionals Advance Their Skills
If you're a cybersecurity professional trying to come up with ideas for your holiday wish list (or maybe you’re a loved one trying to pick out the perfect gift), look no further! Here are some top picks that will thrill any cybersecurity practitioner.

AI Meets Fraud Prevention in LexisNexis-IDVerse Acquisition

DataBreachToday.com

9 months ago

LexisNexis Combines AI-Driven Document Authentication With Its Fraud Solutions
To counter AI-driven fraud, LexisNexis acquired IDVerse, a London-based startup focused on document authentication and regulatory compliance. This acquisition aims to seamlessly integrate advanced tools into LexisNexis' fraud and identity platforms, enhancing global operations.

Ransomware Hackers Exploiting Cleo Software Zero-Day

DataBreachToday.com

9 months ago

Attackers Target Managed File Transfer Software Vulnerabilities
File transfer software made by Cleo Communications is under active attack and a patch meant to stymie hackers doesn't fix the flaw, say security researchers from Huntress. Hackers exploit an arbitrary file-write vulnerability along with a feature that automatically executes files.

Cybersecurity Gadgets to Hack Your Holiday Gift List

Ransomware DataBreachToday.com

9 months ago

Chinese APT Groups Targets European IT Companies

Ransomware DataBreachToday.com

9 months ago

Evidence Mounts for Chinese Hacking 'Quartermaster'
A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign "Operation Digital Eye."

Clearinghouse Pays $250K Settlement in Web Exposure Breach

Ransomware DataBreachToday.com

9 months ago

Inmediata Health Group Has Paid $2.7M in Fines, Civil Claims for 2019 HIPAA Breach
A breach that exposed the personal information of nearly 1.6 million patients of a Puerto Rico-based clearinghouse has led to a $250,000 financial settlement with federal regulations for multiple HIPAA violations. The 2019 leak has cost Inmediata Health $2.7 million in fines and civil settlements.

AI Meets Fraud Prevention in LexisNexis-IDVerse Acquisition

Ransomware DataBreachToday.com

9 months ago

Ransomware Hackers Exploiting Cleo Software Zero-Day

Ransomware DataBreachToday.com

9 months ago

Keycloak: Open-source identity and access management

Help Net Security

9 months ago

Keycloak is an open-source project for identity and access management (IAM). It provides user federation, strong authentication, user management, authorization, and more. Keycloak is based on standard protocols and supports OpenID Connect, OAuth 2.0, and SAML. Single Sign-On: Users authenticate through Keycloak instead of individual apps, eliminating the need for separate login forms and user management. Once logged in to Keycloak, users can access all connected apps without reauthenticating. Logout is also centralized—logging out of … More →

The post Keycloak: Open-source identity and access management appeared first on Help Net Security.

Help Net Security

Rouche’s Theorem: Conditions for Preventing Recursive Equilibrium

不安全

9 months ago

Rouche’s Theorem: Conditions for Preventing Recursive Equilibrium

Ultralytics 人工智能模型被劫持利用加密货币挖矿程序感染数千人

嘶吼

9 months ago

Ultralytics YOLO11 AI 模型在供应链攻击中受到损害，该攻击在运行 Python 包索引 (PyPI) 8.3.41 和 8.3.42 版本的设备上部署加密货币挖矿程序。

Ultralytics 工具是开源的，被跨广泛行业和应用的众多项目所使用。该库在 GitHub 上已被加注 33,600 次，分叉 6,500 次，在过去 24 小时内，仅 PyPI 的下载量就超过 260,000 次。

Ultralytics YOLO11 受损

Ultralytics 8.3.41 和 8.3.42 已发布到 PyPi，直接安装受感染版本或作为依赖项安装的用户发现部署了加密货币挖矿程序。

对于 Google Colab 帐户，所有者因“滥用行为”而被标记并禁止。 Ultralytics 是 SwarmUI 和 ComfyUI 的依赖项，它们都确认其库的全新安装将导致矿工的安装。

来源：@GozukaraFurkan

安装后，受感染的库会在“/tmp/ultralytics_runner”处安装并启动 XMRig Miner，以连接到“connect.consrensys[.]com:8080”处的 minin 池。

运行 XMRig Miner 进程

Ultralytics 创始人兼首席执行官 Glenn Jocher 证实，该问题仅影响这两个受损版本，这些版本已被撤下并替换为干净的 8.3.43 版本。 Jocher 在 GitHub 上发帖称：“我们确认 Ultralytics 版本 8.3.41 和 8.3.42 受到针对加密货币挖掘的恶意代码注入的影响。这两个版本均已立即从 PyPI 中删除。”

Glenn Jocher 在 GitHub 上的评论

开发人员目前正在调查根本原因以及 Ultralytics 构建环境中的潜在漏洞，以确定其被破坏的方式。然而，该漏洞似乎源自两个恶意 PR [1, 2]，其中在香港用户提交的分支名称中注入了代码。

目前尚不清楚恶意代码是否仅执行加密货币挖掘或泄露的私人用户数据，有关社区仍在等待此次泄露的正式咨询，该咨询将对所有细节进行澄清。出于谨慎考虑，下载恶意版本 Ultralytics 的用户应执行完整的系统扫描。

根据最新消息，有用户报告 PyPI 上有新的木马版本，因此攻击似乎会持续到新的软件包版本 8.345 和 8.3.46。

胡金鱼

Aggregator

Managed ad