Aggregator

Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets. [...]

Authors/Presenters:Diogo S. Antunes, Afonso N. Oliveira, André Breda, Matheus Guilherme Franco, Henrique Moniz, and Rodrigo Rodrigues, Instituto Superior Técnico (ULisboa) and INESC-ID

Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara; and via the organizations YouTube channel.

Permalink

The post USENIX NSDI ’24 – Alea-BFT: Practical Asynchronous Byzantine Fault Tolerance appeared first on Security Boulevard.

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /uploads/. The manipulation leads to exposure of information through directory listing. This vulnerability is known as CVE-2024-46471. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Piwigo 14.5.0. It has been classified as problematic. Affected is an unknown function of the component Add Album Handler. The manipulation of the argument Album Name leads to cross site scripting. This vulnerability is traded as CVE-2024-46333. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in ModStartCMS 8.8.0 and classified as problematic. This issue affects some unknown processing of the file /admin/login of the component URL Handler. The manipulation of the argument redirect leads to open redirect. The identification of this vulnerability is CVE-2024-46331. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in CodeAstro Membership Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file edit-type.php. The manipulation of the argument membership_type leads to cross site scripting. This vulnerability was named CVE-2024-46470. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.110/6.6.51/6.10.10. This affects an unknown part of the component nft_socket. The manipulation leads to improper update of reference count. This vulnerability is uniquely identified as CVE-2024-46855. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.110/6.6.51/6.10.10. Affected by this issue is the function sk_stop_timer_sync of the component mptcp. The manipulation leads to use after free. This vulnerability is handled as CVE-2024-46858. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.110/6.6.51/6.10.10. Affected by this vulnerability is an unknown functionality of the component nxp-fspi. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2024-46853. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.50/6.10.9. Affected is the function new_vmap_block. The manipulation leads to improper validation of array index. This vulnerability is traded as CVE-2024-46847. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.10. It has been rated as critical. This issue affects the function qcuefi_acquire of the component uefisecapp. The manipulation leads to deadlock. The identification of this vulnerability is CVE-2024-46868. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.110/6.6.51/6.10.10. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to improper initialization. This vulnerability was named CVE-2024-46865. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

This post first appeared on blog.netwrix.com and was written by Dirk Schrader.
What is DNS? DNS (Domain Name System) is a key component of the Internet infrastructure. DNS functions as a distributed directory service that translates human-readable domain names into machine-readable IP addresses. When you type a website address into your browser, the DNS system helps your browser find the right server on the internet. When people … Continued

Ireland's Data Protection Commission fines Meta Platforms €91 million for mishandling user passwords and GDPR violations

我们每天有三分之一的时间是躺在床单上靠在枕头上。对你而言床就是天堂，细菌、真菌、螨虫和病毒也是这么认为的，床上到处都是汗水、唾液、死皮细胞和食物残渣。人每天会脱落 5 亿个皮肤细胞，对尘螨而言，这些就像自助餐。但尘螨及其粪便会引发过敏、哮喘和湿疹。威斯敏斯特大学的微生物学家 Manal Mohammed 指出，细菌通常是无害的，但如果通过开放性创口进入人体，它们可能会导致严重疾病。这一问题在医院更为普遍。医院里不干净的床单意味着感染风险。医院通常会使用高温清洗床单去杀死大部分细菌。曼彻斯特大学传染病教授 David Dennin 称，枕头上有数十亿或数万亿个真菌颗粒。大多数人很少洗枕头，因此真菌能以相当平和的状态存在数年之久。即使我们清洗了枕头，真菌也能在 50C 温度下存活，清洗枕头可能会使其更潮湿，促进真菌进一步生长。清洗枕头没什么用，Dennin 的建议是健康人每两年更换一次枕头；如果患有哮喘、肺部疾病或鼻窦疾病，频率提高到每 3-6 个月换新。床单则建议每周清洗一次，最好还需要熨烫下。Dennin 称，定期清洗床单很重要，每周清洗一次可能还不够。

Phishing attackers employed an HTML smuggling technique to deliver a malicious payload, as the attack chain started with a phishing email mimicking an American Express notification, leading to a series of redirects.  The final redirect pointed to a Cloudflare R2 public bucket hosting an HTML file, which loaded an external JavaScript code that contained a […]

The post Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The LummaC2 obfuscator employs a novel control flow protection scheme designed specifically for its stealer component, which is part of a broader set of transformations, making it difficult for analysts to reverse engineer the binary.  It introduces obfuscated code that is mixed with the original compiler-generated code, requiring a specialized deobfuscator for analysis. The obfuscator’s […]

The post LummaC2 Stealer Leverages Customized Control Flow Indirection For Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Linux Kernel up to 6.10.10. It has been classified as critical. This affects the function hda_sdw_machine_select of the component soc-acpi-intel-lnl-match. The manipulation leads to infinite loop. This vulnerability is uniquely identified as CVE-2024-46863. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.10 and classified as critical. Affected by this issue is the function hda_sdw_machine_select of the component soc-acpi-intel-mtl-match. The manipulation leads to infinite loop. This vulnerability is handled as CVE-2024-46862. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.51/6.10.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component ipheth. The manipulation leads to Privilege Escalation. This vulnerability is known as CVE-2024-46861. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.