Aggregator

Hackers Weaponize Compiled HTML Help to Deliver Malicious Payload

Cyber Security News
1 week 1 day ago

A malicious Microsoft Compiled HTML Help (CHM) file uploaded from Poland on 30 June 2025 has shown how a legacy documentation format can be repurposed into a potent delivery vehicle for modern malware. Named “deklaracja.chm,” the archive masquerades as a bank‐transfer declaration and opens with a benign receipt image, lulling victims into a false sense […]

The post Hackers Weaponize Compiled HTML Help to Deliver Malicious Payload appeared first on Cyber Security News.

Tushar Subhra Dutta

CNVD漏洞周报2025年第26期

CNVD漏洞平台
1 week 1 day ago
国家信息安全漏洞共享平台(以下简称CNVD)本周共收集、整理信息安全漏洞285个,其中高危漏洞120个、中危漏洞141个、低危漏洞24个。

重磅官宣 | 2025 CCS成都网络安全技术交流活动定档9月!

嘶吼
1 week 1 day ago

CCS 2025作为2025年国家网络安全宣传周成都系列活动的重要组成部分,将于2025年9月中旬在成都盛大启幕!

五年磨一剑,焕新再出发,CCS成都网络安全技术交流活动自2021年创办以来已成功举办四届。依托深厚的行业积淀与广泛影响力,CCS已发展成为区域级网络安全技术交流、产业协作与创新发展的核心平台并已逐步辐射全国,放眼国际,将网络安全的“成都之声”传播得更为遥远。

聚力行业发展,共启安全新篇

在人工智能飞速发展的当下,网络安全产业正处于深刻变革的关键节点。即将启幕的 CCS 2025,将再度汇聚行业精英,围绕 AI 与网络安全的融合创新,深入探讨如何在技术、产品、服务等层面实现突破,以应对 AI 时代复杂多变的网络安全威胁。通过专家演讲、案例分享、技术研讨,成果经验交流等多种形式,为在网络安全事业中奋斗的参与者们提供一些新的思路与方向,助力推动网络安全产业在 AI 浪潮中实现转型升级,更好地护航各行业的数字化发展。

相聚蓉城,为行业发声

为保证CCS 2025更精准、更全面地捕捉行业焦点,现诚挚邀请网络安全行业领域的专家学者、企业骨干及广大从业者贡献智慧,参与内容的征集。

01 议题征集时间:

即日起至 2025年8月15日截止。

02 议题提交内容:

1、演讲者姓名

2、联系方式

3、演讲者简介

(1)若以个人名义提交议题,则演讲者需对本人及本人工作经历进行描述;

(2)若以团队名义提交议题,除前述演讲者介绍外,还需另附详细的团队介绍。

4、议题名称

5、议题简介

(1)清晰明确的议题内容概述;

(2)包括但不限于研究思路、研究发现、研究成果及解决方案;

(3)需同时说明该议题是否在其他地方有过相关发布及发布范围。

6、通讯地址

(注:该信息仅用于邮寄CCS资料、专属纪念品等)

7、议题PPT

请提交完整的议题PPT,并标明演讲时长,若PPT尚未完善,请提交较为详细的议题大纲作为代替。议题内容不会公开,但会作为组委会专家评审的重要参考材料。

8、提交方式

请将包含上述信息的议题说明(含议题PPT)打包投递至CCS组委会邮箱: [email protected],邮件主题为:CCS2025+议题名称。

9、征集声明

我们将在您投递后的15个工作日内给予反馈,无论最终您的议题是否被选中,我们都会在评审结束后邮件反馈您审核结果。CCS组委会将严格保密您提交的所有个人信息,相关信息仅限本届CCS组织工作使用。

更多精彩内容请访问活动官网:https://www.cdccs.cn/#/

企业资讯

CVE-2023-20883 | Oracle Banking Liquidity Management 14.5/14.6/14.7 Common denial of service (EUVD-2023-1651)

Vuldb Updates
1 week 1 day ago
A vulnerability, which was classified as critical, was found in Oracle Banking Liquidity Management 14.5/14.6/14.7. This affects an unknown part of the component Common. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2023-20883. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2023-20883 | Oracle Banking Origination 14.5/14.6/14.7 Onboarding Batch Processes denial of service (EUVD-2023-1651)

Vuldb Updates
1 week 1 day ago
A vulnerability has been found in Oracle Banking Origination 14.5/14.6/14.7 and classified as critical. This vulnerability affects unknown code of the component Onboarding Batch Processes. The manipulation leads to denial of service. This vulnerability was named CVE-2023-20883. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2023-20883 | Oracle Banking APIs 21.1/22.1/22.2 IDM Authentication denial of service (EUVD-2023-1651)

Vuldb Updates
1 week 1 day ago
A vulnerability has been found in Oracle Banking APIs 21.1/22.1/22.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the component IDM Authentication. The manipulation leads to denial of service. This vulnerability is known as CVE-2023-20883. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2023-20883 | Oracle Banking Cash Management 14.5/14.6/14.7 Accessibility denial of service (EUVD-2023-1651)

Vuldb Updates
1 week 1 day ago
A vulnerability was found in Oracle Banking Cash Management 14.5/14.6/14.7. It has been classified as critical. This affects an unknown part of the component Accessibility. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2023-20883. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2023-20883 | Oracle Banking Credit Facilities Process Management 14.5/14.6/14.7 Core denial of service (EUVD-2023-1651)

Vuldb Updates
1 week 1 day ago
A vulnerability was found in Oracle Banking Credit Facilities Process Management 14.5/14.6/14.7. It has been declared as critical. This vulnerability affects unknown code of the component Core. The manipulation leads to denial of service. This vulnerability was named CVE-2023-20883. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2023-20883 | Oracle Banking Electronic Data Exchange for Corporates 14.5/14.6/14.7 Reports denial of service (EUVD-2023-1651)

Vuldb Updates
1 week 1 day ago
A vulnerability, which was classified as critical, has been found in Oracle Banking Electronic Data Exchange for Corporates 14.5/14.6/14.7. Affected by this issue is some unknown functionality of the component Reports. The manipulation leads to denial of service. This vulnerability is handled as CVE-2023-20883. The attack may be launched remotely. There is no exploit available.
vuldb.com

RenderShock 0-Click Exploit Executes Payloads Silently via Background Process

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 week 1 day ago

A new class of cyberattack called RenderShock has been identified that can compromise enterprise systems without requiring any user interaction, exploiting the very productivity features designed to help workers preview and process files automatically. Unlike traditional malware that requires users to click on malicious attachments or links, RenderShock leverages passive execution surfaces that operate silently […]

The post RenderShock 0-Click Exploit Executes Payloads Silently via Background Process appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Managed ad