Aggregator

French police arrest HexDex hacker, a 20-year-old suspect accused of mass data theft and leaks targeting government, sports groups, and firms.

China-linked threat actors have shifted from individually procured infrastructure to large-scale covert networks, botnets built from compromised routers and other edge devices, the National Cyber Security Centre (NCSC) warns. To help organizations address this threat, the NCSC, together with the Cyber League and partner agencies, has issued an advisory. The advisory includes guidance for organizations of all sizes, urging them to map and baseline traffic from edge devices, particularly VPN and remote access connections, and … More →

The post Compromised everyday devices power Chinese cyber espionage operations appeared first on Help Net Security.

无需适配，一键开放，AI自主调用所有安全插件

涵盖百万级安全从业者资源

6.5万份文件被盗！黑客通过Telegram监控全球网络攻击

固件调试、ROP 构造、EXP 编写，全流程无尿点

看雪论坛作者ID：易之生生

Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security Centre warned on Thursday. “The [Firestarter] malware (…) is relevant for both Cisco Firepower and Secure Firewall devices; however, CISA has only observed a successful implant of the malware in the wild on a Cisco Firepower device running ASA software,” the Cybersecurity and Infrastructure Security Agency noted. CISA also shared threat … More →

The post New Cisco firewall malware can only be killed by pulling the plug appeared first on Help Net Security.

全力冲刺，实现开门红

银河系是圆盘状恒星，也就是恒星的形成是由里向外，这意味着越远的恒星越年轻。天文学家分析了银河系逾 10 万颗巨型恒星，发现恒星年龄分布由内向外模式在距离银河系中心 3.5-4 万光年间发生逆转，超过该距离恒星年龄变大了。这种突变形成了 U 型年龄分布，曲线最低点对应的恒星形成率急剧下降，代表着银河系恒星形成盘的边界。天文学家认为他们识别了银河系圆盘的边缘。

Зарубежный трафик в России продолжает расти вопреки блокировкам.

A vulnerability classified as problematic has been found in Secure Computing SafeWord RemoteAccess 2.1. Affected by this issue is some unknown functionality of the file servers\web\tomcat\usercenter\web-inf\login.conf. The manipulation leads to missing encryption of sensitive data. This vulnerability is traded as CVE-2006-5303. An attack has to be approached locally. There is no exploit available.

A vulnerability classified as critical was found in Inccms Technology IncCMS Core up to 1.0.0. This affects an unknown part. The manipulation of the argument inc_dir results in file inclusion. This vulnerability is known as CVE-2006-5304. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability, which was classified as critical, has been found in phpbb lat2cyr 1.0.1. This vulnerability affects unknown code of the file lat2cyr.php. This manipulation of the argument phpbb_root_path causes file inclusion. This vulnerability is handled as CVE-2006-5305. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability, which was classified as critical, was found in phpBB Journals System module up to 1.0.2. This issue affects some unknown processing. Such manipulation of the argument phpbb_root_path leads to code injection. This vulnerability is uniquely identified as CVE-2006-5306. The attack can be launched remotely. Moreover, an exploit is present. You should upgrade the affected component.

A vulnerability was found in Open Conference Systems up to 1.1.5 and classified as critical. The affected element is an unknown function. Executing a manipulation of the argument fullpath can lead to file inclusion. The identification of this vulnerability is CVE-2006-5308. The attack may be launched remotely. Furthermore, there is an exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in phpBB Prillian French up to 0.8.0. It has been classified as critical. The impacted element is an unknown function. The manipulation of the argument phpbb_root_path leads to file inclusion. This vulnerability is referenced as CVE-2006-5309. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in phpMyConferences 8.0.2. It has been declared as critical. This affects an unknown function. The manipulation of the argument lvc_include_dir results in code injection. This vulnerability is identified as CVE-2006-5310. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability was found in Buzlas 2006-1 Full. It has been rated as critical. This impacts an unknown function. This manipulation of the argument phpbb_root_path causes file inclusion. This vulnerability is tracked as CVE-2006-5311. The attack is possible to be carried out remotely. Moreover, an exploit is present.