Aggregator

A vulnerability, which was classified as problematic, has been found in Amazon Shop. Affected by this issue is some unknown functionality of the file search.php. The manipulation of the argument Query leads to cross site scripting. This vulnerability is handled as CVE-2005-3908. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Jack Dorsey, co-founder of Twitter and head of Block, recently unveiled his latest endeavor—Bitchat, a messaging application envisioned as a fully decentralized communication tool, independent of traditional internet infrastructure. Instead of relying on conventional...

The post Jack Dorsey’s Bitchat: Decentralized Promise, Centralized Security Concerns appeared first on Penetration Testing Tools.

该文章介绍了一个专注于数字取证科学的社区，涵盖从数字设备中恢复和调查材料的技术与原则，尤其在计算机犯罪中的应用，并扩展到手机、视频等多种媒体类型。

The research laboratory Security Explorations has unveiled the results of a months-long investigation exposing critical vulnerabilities at the core of eSIM technology. The focus of their analysis was a GSMA-certified eUICC card developed by...

The post Critical Flaws Expose eSIMs to Cloning and Mass Surveillance, Threatening Global Mobile Security appeared first on Penetration Testing Tools.

r/netsec是一个技术安全内容聚合平台，旨在为安全从业者提供有价值的信息。研究人员发现Interlock勒索软件的新变种采用PHP编写，取代了之前的JavaScript版本，并在大范围传播。

McDonald’s hiring system was found to be secured by a password so trivial that even a child might guess it—”123456.” Two elementary vulnerabilities granted access to the personal data of over 64 million job...

The post McDonald’s “123456” Password Exposes 64 Million Job Applicants’ Data appeared first on Penetration Testing Tools.

文章描述了错误代码521的含义及其常见原因。该错误通常与Cloudflare服务相关，表示Cloudflare无法连接到网站服务器。文章还提供了排查和解决该问题的方法，包括检查网络连接、访问网站状态页面以及联系网站管理员等。

HackerNews 编译，转载请注明出处： 网络安全公司Cyfirma发现，黑客正公然利用GitHub平台以“免费VPN”为幌子传播Lumma信息窃取木马。该恶意项目伪装成“Free VPN for PC”仓库，实际安装包会触发多阶段攻击链：首先释放伪装成VPN组件的.NET加载器，随后通过内存注入技术部署最终载荷。 该攻击采用双重诱饵策略：同一攻击者在GitHub同步上传名为“Minecraft Skin”的恶意仓库，瞄准青少年游戏群体；利用GitHub可信平台属性规避安全检测，受害者在搜索正版软件时易误入陷阱。技术层面采用多层混淆手段：初始载荷含Base64编码的PowerShell脚本，核心模块通过内存驻留规避磁盘扫描；注入合法进程（如explorer.exe）实现隐蔽运行，窃取流程包含浏览器凭证、加密货币钱包及文档文件。 Lumma窃密软件在地下市场以“恶意软件即服务”模式流通，月租费140-160美元，支持定制化攻击配置。近期活跃传播渠道除GitHub外，还包括：YouTube盗版教程视频诱导下载带毒安装包、虚假验证码页面诱骗用户执行系统命令、Discord游戏社区通过恶意机器人传播。 2025年5月，微软联合欧盟、日本执法机构开展专项打击行动：查封2,300个C2控制域名，瓦解暗网赃数据交易市场；39.4万台受感染Windows设备被重定向至安全服务器消毒；溯源发现俄罗斯开发者“Shamel”为核心运营者，其Telegram频道拥有超千名订阅者。 防护措施建议： 谨慎处理开源平台下载内容，优先验证仓库作者信誉及代码签名； 启用内存防护功能（如Microsoft Defender PPL），阻断非授权代码注入； 对敏感账户实施硬件级双因素认证，降低凭证泄露风险； 定期检查系统进程与网络连接状态，警惕异常行为。     消息来源： cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

Four vulnerabilities within the Bluetooth stack BlueSDK, developed by OpenSynergy and collectively named PerfektBlue, pose a serious security threat to millions of vehicles. These flaws allow remote code execution on targeted devices and potentially...

The post PerfektBlue: Critical Bluetooth Flaws Expose Millions of Cars to Remote Hacks appeared first on Penetration Testing Tools.

Researchers have uncovered a new packer, Ducex, which conceals one of the most formidable mobile malware threats— the Triada Trojan—through advanced encryption and obfuscation techniques. Its analysis in the interactive sandbox environment ANY.RUN reveals...

The post Ducex Packer: The New Shield for Triada Android Trojan Evading Detection appeared first on Penetration Testing Tools.

A federal court in New York has issued a harsh ruling in a high-profile cryptocurrency theft case. Nicholas Truglia, previously convicted for his role in the cyberattack targeting entrepreneur Michael Terpin’s digital assets, has...

The post Crypto Thief Gets 12 Years: Court Cracks Down on $20M SIM Swap Fraud appeared first on Penetration Testing Tools.

A vulnerability, which was classified as problematic, was found in Truecrypt and VeraCrypt. Affected is the function IsDriveLetterAvailable of the file Driver/Ntdriver.c of the component Symbolic Links Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2015-7358. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

文章介绍了HTTP错误代码521的含义及其常见原因，并提供了排查和解决该问题的方法。

HackerNews 编译，转载请注明出处： 英国议会情报安全委员会近日发布报告警示，伊朗黑客组织对英国构成重大威胁，尤其针对能源化工、公共事业及金融领域。这份在以色列-美国联合袭击伊朗核设施后发布的报告指出，截至2023年8月的证据显示，英国暂未成为伊朗网络攻击的首要目标，但“地区局势突变可能迅速改变这一态势”。 报告强调：“若伊朗决定对英国发动网络攻击，能源化工、公共事业及金融业将首当其冲。国家网络安全中心评估显示，当前英国机构普遍缺乏监测和抵御伊朗网络攻击的能力。”此前政府因应对不力放任俄罗斯“预部署攻击”关键基础设施的案例被列为前车之鉴，委员会警告“绝不能在伊朗问题上重蹈覆辙”。 虽然伊朗在网络技术水平上逊于中俄，但其利用简单技术针对基础漏洞发动攻击的能力仍构成实质性威胁。除国家控制的黑客组织外，为私利或国家情报任务行动的个人黑客同样值得警惕。 报告呼吁全国机构提高防御门槛基准线，要求国家网络安全中心强化支持体系，并建议将国家网络部队作为反击伊朗网络侵略的威慑力量。“英国必须让伊朗付出难以承受的代价”，报告称“公开归因攻击行为是有效威慑手段（尽管存在风险）”。 北极狼科技服务总裁丹·施亚帕指出，鉴于伊朗既往的磁盘擦除攻击、基建渗透和虚假信息战案例，所有行业均应保持高度戒备。他强调：“供应链攻击已重创过多家龙头企业，小微企业更须严肃对待该警告，包括修补已知漏洞、增强网络可视化能力和完善威胁检测机制。”派拓网络公共部门主管格雷姆·斯图尔特补充道：“追踪伊朗黑客动向的专家不会对此报告感到意外，这些全球最激进且最难预测的攻击者正随着地缘紧张局势快速行动，当前西方世界已进入最佳攻击窗口期。”       消息来源： infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

KUNBUS GmbHが提供するRevolution Piには、複数の脆弱性が存在します。

A vulnerability, which was classified as critical, has been found in Oracle Primavera Gateway 15.2.18/16.2.11/17.12.6/18.8.8.1. This issue affects some unknown processing of the component UI. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2019-11358. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

英特尔 CEO 承认公司跌出全球半导体前十；AI 芯片领域追赶英伟达困难；重点转向端侧 AI 和新兴智能体；Android 推出 Canary 测试频道；Kimi 发布 320 亿参数模型 K2；Windsurf 转投谷歌；谷歌限制 Pixel 6a 电池续航。

研究人员发现Interlock勒索软件集团的新远程访问木马（RAT）变种使用PHP并通过被黑网站传播，隐蔽性强，并具备系统侦察和横向移动能力。

Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT). This new malware, a shift … Read More

大家好，我是老白！自研数据更新系统已开发测试，每周一8：45准时通过本公众号推送最新DNS解析包（A/AAAA/CNAME/MX记录），助您高效追踪网络资产动态！