Aggregator
Weekoverzicht Defensieoperaties
9 months 1 week ago
Voorbereiden op oorlog betekent ook explosieven ruimen op zee en onderzeese infrastructuur beschermen. Dat waren dan ook de voornaamste ingrediënten van een grote door Finland geleide oefening op de Oostzee. Zr.Ms. van Amstel en Zr.Ms. Willemstad deden mee. Dat gebeurde binnen de snel inzetbare NAVO-vlootverbanden waarvoor zij varen. Een overzicht van Defensieoperaties in de week van 27 november tot en met 3 december 2024.
The 10 Best Games of 2023 Ranked by Metacritic Score
9 months 1 week ago
The 10 Best Games of 2023 Ranked by Metacritic Score
CVE-2024-42457 | Veeam Backup & Replication up to 12.2 Remote Management Interface missing encryption (kb4693)
9 months 1 week ago
A vulnerability was found in Veeam Backup & Replication up to 12.2. It has been classified as problematic. This affects an unknown part of the component Remote Management Interface. The manipulation leads to missing encryption of sensitive data.
This vulnerability is uniquely identified as CVE-2024-42457. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-11479 | Issuetrak 17.1 cross site scripting
9 months 1 week ago
A vulnerability classified as problematic was found in Issuetrak 17.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2024-11479. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-42451 | Veeam Backup & Replication up to 12.2 missing encryption (kb4693)
9 months 1 week ago
A vulnerability was found in Veeam Backup & Replication up to 12.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to missing encryption of sensitive data.
This vulnerability is traded as CVE-2024-42451. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-11985 | ASUS RT-AX58U V2 denial of service
9 months 1 week ago
A vulnerability was found in ASUS RT-AX55, RT-AX55 V2, RT-AX56U, RT-AX56U_V2, RT-AX57, RT-AX58U and RT-AX58U V2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to denial of service.
This vulnerability is known as CVE-2024-11985. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-42453 | Veeam Backup & Replication up to 12.2 Configuration permission (kb4693)
9 months 1 week ago
A vulnerability classified as critical has been found in Veeam Backup & Replication up to 12.2. This affects an unknown part of the component Configuration Handler. The manipulation leads to permission issues.
This vulnerability is uniquely identified as CVE-2024-42453. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-42455 | Veeam Backup & Replication up to 12.2 Temporary Files deserialization (kb4693)
9 months 1 week ago
A vulnerability classified as problematic was found in Veeam Backup & Replication up to 12.2. This vulnerability affects unknown code of the component Temporary Files Handler. The manipulation leads to deserialization.
This vulnerability was named CVE-2024-42455. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-45204 | Veeam Backup & Replication up to 12.2 NTLM Hash permission (kb4693)
9 months 1 week ago
A vulnerability, which was classified as critical, was found in Veeam Backup & Replication up to 12.2. Affected is an unknown function of the component NTLM Hash Handler. The manipulation leads to permission issues.
This vulnerability is traded as CVE-2024-45204. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CISA: сети по всему миру в прицеле китайских хакеров
9 months 1 week ago
Международные ИБ-агентства раскрыли главные риски и пути защиты от взлома телекоммуникаций.
某国家的中央银行遭黑客组织网络攻击,数百万美金被盗
9 months 1 week ago
近日,一起大规模的数据泄露事件震动了网络安全界。名为“HikkI-Chan”的黑客在臭名昭著的Breach Forums上泄露了超过3.9亿VK用户的个人信息。
25% профессий на пороге перемен: ОЭСР раскрывает потенциал сотрудничества с ИИ
9 months 1 week ago
Как технологии влияют на рабочие места и экономику.
APT35 活动:从美国到阿联酋,针对航空航天、半导体
9 months 1 week ago
ThreatBook研究与响应团队揭露了APT35的复杂网络攻击活动。活动针对美国、泰国、阿联酋等多个国家的航空航天和半导体行业。 APT35也称为Magic Hound或Charming Kitten,这个由伊朗支持、与伊斯兰革命卫队(IRGC)有关联的组织,自2014年以来就有着一系列高调的网络攻击历史。 在其一个活动中,APT35推出一个虚假招聘网站,针对泰国航空航天领域的无人机设计专家。网站发布高薪职位,增加了骗局的合法性。 根据ThreatBook的说法,攻击者在他们的“授权访问”服务中混合了合法程序和恶意模块,“该网站提供的授权访问程序混合了两个白色和黑色的恶意样本,其中SignedConnection.exe是合法的OneDrive程序,secur32.dll,Qt5Core.dll分别是第一阶段和第二阶段的恶意程序。” 用C#编写的恶意模块secur32.dll,悄无声息地加载了恶意软件的后续阶段,采用了字符串重构等混淆技术来逃避检测。 APT35的方法包括通过重命名文件和注册表键操作来部署复杂的多阶段有效载荷,以实现持久性。该组织还利用Google Cloud、GitHub和OneDrive等合法平台进行命令与控制(C&C)通信。 “通过对相关样本、IP和域名的分析,提取了多个相关的IOC,用于威胁情报检测。”ThreatBook报告称。 恶意软件还利用GitHub存储库和预配置的备份C&C域名,以确保在主要地址被封锁时保持连通性。这种适应性表明APT35致力于保持运营的弹性。 另一个值得注意的策略是针对半导体公司的假冒VPN程序。VPN安装程序被设置为加载一个名为msvcp.dll的恶意DLL模块,该模块充当下载器,攻击者能够从合法云平台上的C&C服务器获取额外的有效载荷。 “利用VPN访问程序加载恶意DLL模块msvcp.dll,它与Qt5Core.dll是同类型的下载器。”ThreatBook指出。 APT35的行动展示了其利用知名品牌和工具(如OneDrive和GitHub)的信任,渗透到高价值行业的能力。该组织广泛使用社会工程学策略,加上技术复杂性,这凸显了处理敏感技术的行业需要提高警惕。 转自E安全,原文链接:https://mp.weixin.qq.com/s/RX8gQ8UqXv_lTZTcskX69g 封面来源于网络,如有侵权请联系删除
内容转载
谷歌浏览器解决 V8 JavaScript 引擎中的高严重性漏洞 (CVE-2024-12053)
9 months 1 week ago
安全客
微软在博客中发布声明称Windows 11的TPM 2.0要求是不可协调的标准
9 months 1 week ago
微软在博客中发布声明称Windows 11的TPM 2.0要求是不可协调的标准
评论 | 算法滥用,可以休矣!
9 months 1 week ago
近年来这些由算法滥用带来的问题层出不穷。日前,中央网络安全和信息化委员会、工业和信息化部、公安部、国家市场监督管理总局联合印发通知,部署开展“清朗·网络平台算法典型问题治理”专项行动。
观点 | 谨防金融大模型应用风险
9 months 1 week ago
当前,人工智能大模型正在逐步影响各行各业,金融领域也不例外。然而,随着大模型的广泛应用,一些新风险也逐渐显露出来,一旦应对不当,可能对金融行业构成严峻的挑战。
国际 | 欧盟《网络弹性法》正式公布:全面提升数字产品网络安全水平
9 months 1 week ago
11月20日,欧盟《网络弹性法》在欧盟官方公报上正式公布,标志着欧盟在网络安全治理领域迈出重要一步。
前沿 | 谢永江:世界互联网大会乌镇峰会推出全球人工智能治理中国方案
9 months 1 week ago
近日,在2024年世界互联网大会乌镇峰会上,上海社会科学院、武汉大学、北京邮电大学等15家机构联合发布了《全球人工智能治理研究报告》。