Aggregator

T00ls“喜庆2025”网络安全文章征集活动圆满结束。活动自2024年12月18日启动，吸引了众多社区成员的积极参与。经过投票，筛选出了前几名优秀文章。感谢所有参与者的支持，期待未来更多精彩活动！

T00ls“喜庆2025”网络安全文章征集活动圆满结束。活动自2024年12月18日启动，吸引了众多社区成员的积极参与。经过投票，筛选出了前几名优秀文章。感谢所有参与者的支持，期待未来更多精彩活动！

T00ls“喜庆2025”网络安全文章征集活动圆满结束。活动自2024年12月18日启动，吸引了众多社区成员的积极参与。经过投票，筛选出了前几名优秀文章。感谢所有参与者的支持，期待未来更多精彩活动！

T00ls“喜庆2025”网络安全文章征集活动圆满结束。活动自2024年12月18日启动，吸引了众多社区成员的积极参与。经过投票，筛选出了前几名优秀文章。感谢所有参与者的支持，期待未来更多精彩活动！

T00ls“喜庆2025”网络安全文章征集活动圆满结束。活动自2024年12月18日启动，吸引了众多社区成员的积极参与。经过投票，筛选出了前几名优秀文章。感谢所有参与者的支持，期待未来更多精彩活动！

A vulnerability classified as critical was found in VMware Workstation, Player, ACE and Server. Affected by this vulnerability is an unknown functionality of the file config.ini. The manipulation leads to improper access controls. This vulnerability is known as CVE-2008-1363. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Novell eDirectory 8.7.3.9/8.8.1. This vulnerability affects the function dolburprequest. The manipulation leads to memory corruption. This vulnerability was named CVE-2008-0924. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as very critical was found in Alcatel AoS 5.1.6.463/5.4.1.429/6.1.3.965/6.3.1.966. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2008-4383. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Intel CPU. This vulnerability affects unknown code of the component Speculative Execution. The manipulation leads to information disclosure. This vulnerability was named CVE-2018-3640. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS up to 10.14.0. It has been rated as problematic. This issue affects some unknown processing of the component Microcode. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2018-3640. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

Diligent convened a group of 65 board members, C-suite executives, and leading subject matter experts to explore topics shaping the future of business: generative AI, cybersecurity and data privacy, geopolitical risk, and financial fraud and abuse. In this Help Net Security video, Dottie Schindlinger, Executive Director of the Diligent Institute, discusses how 2025 presents boards with a technological headache and how these topics will shape cyber strategies at a board level across the new year … More →

The post Cyber trends set to influence business strategies appeared first on Help Net Security.

A vulnerability was found in Apple safari 4.0.3/4.0.4 and classified as problematic. This issue affects some unknown processing in the library cfnetwork.dll of the file safari.exe. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2010-0924. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Sanusart Simple PHP Guestbook 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file guestbook.php. The manipulation of the argument action leads to cross site scripting. This vulnerability is handled as CVE-2010-0940. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Oracle OpenSolaris 10. Affected by this vulnerability is an unknown functionality of the component rdist. The manipulation leads to Local Privilege Escalation. This vulnerability is known as CVE-2010-0916. The attack needs to be approached locally. There is no exploit available.

A vulnerability, which was classified as very critical, was found in Tonec Internet Download Manager up to 5.17. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2010-0995. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical has been found in Freedownloadmanager Free Download Manager up to 3.0.850. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2010-0998. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 3.6/3.6.1/3.7 and classified as very critical. This issue affects some unknown processing of the component Fonts. The manipulation leads to numeric error. The identification of this vulnerability is CVE-2010-1028. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

新威胁组织GamaCopy模仿俄罗斯Gamaredon APT，针对俄语目标发起攻击，使用军事诱饵文档和UltraVNC进行远程控制，欺骗安全厂商，威胁俄罗斯国防和基础设施领域。