Aggregator

Политическая арена США становится эпицентром борьбы за влияние на интернет.

Эксперимент на ТВ заставил голландцев поверить в масштабную катастрофу.

Пошаговый разбор процесса исследования и эксплуатации уязвимости в клиенте WinReg. Раскрываем механизм работы RPC, методы обнаружения уязвимых систем и способы защиты.

By developing robust, adaptive security strategies, organizations can effectively safeguard their cloud environments against evolving threats and ensure compliance with regulatory requirements.

The post Cracking the Code: Tackling the Top 5 Cloud Security Challenges appeared first on Security Boulevard.

主站 分类 漏洞 工具 极客

AGI 打破了可穿戴设备的不可能三角，让超强的功能得以在微小的形态上实现。

Животное не вооружено, но все-таки опасно.

据Cyber Security News消息，11月18日，博通发布了紧急警告，称 VMware vCenter Server 中的两个关键漏洞现在正被广泛利用。 这两个漏洞包含一个CVSS评分达9.8分的远程代码执行 （RCE） 漏洞，被跟踪为 CVE-2024-38812。该漏洞源于 vCenter Server 实现 DCE/RPC 协议时的堆溢出问题，具有网络访问权限的攻击者可以通过发送特制数据包来触发此漏洞，从而可能导致远程代码执行和整个系统受损。 第二个漏洞被跟踪为CVE-2024-38813， CVSS 评分7.5，允许攻击者通过发送恶意构建的网络数据包将权限升级到根权限。 这两个漏洞最初是由 TZL 团队的研究人员 zbl 和 srs 在中国 2024 年矩阵杯黑客大赛期间发现并报告，受到影响的版本包括 VMware vCenter Server 7.0 和 8.0 版本以及 VMware Cloud Foundation 4.x 和 5.x 版本。 11月18日，博通发布了最新安全公告，指出 CVE-2024-38812 和 CVE-2024-38813 都已在野外被积极利用。鉴于这些漏洞的严重性和主动利用，博通强烈建议使用受影响的VMware 产品要立即应用最新的安全更新。 博通于 2024 年 9 月 17 日首次发布了针对这些漏洞的补丁，但值得注意的是，该公司在10月21日再度发布了补丁更新，指出先前的修复并不完整，强烈建议用户立刻更新最新的补丁。 目前最新的受影响产品修复版本包括： VMware vCenter Server 8.0：需更新到 8.0 U3d 版本 VMware vCenter Server 7.0：需更新到 7.0 U3t 版本 VMware Cloud Foundation 5.x：将异步修补程序应用于 8.0 U3d版本 VMware Cloud Foundation 4.x：将异步修补程序应用于 7.0 U3t版本 这一事件凸显了及时应用安全更新的重要性，尤其是对于 VMware vCenter Server 等关键基础架构组件。因此建议企业组织审查自身的VMware 部署，应用必要的补丁，并监控是否有任何泄露迹象。鉴于存在远程代码执行和权限提升的可能性，任何可能已暴露的系统都应经过全面的安全评估。     转自Freebuf，原文链接：https://www.freebuf.com/news/415580.html 封面来源于网络，如有侵权请联系删除

A vulnerability classified as problematic has been found in Intel Xeon D Processor. Affected is an unknown function of the component Microcode Keying. The manipulation leads to incorrect calculation. This vulnerability is traded as CVE-2023-43490. The attack needs to be approached locally. There is no exploit available.

A vulnerability classified as problematic was found in Intel Processor. This vulnerability affects unknown code. The manipulation leads to hardware logic contains race conditions. This vulnerability was named CVE-2023-45733. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in Intel Core Ultra Processor. It has been declared as critical. This vulnerability affects unknown code of the component Stream Cache. The manipulation leads to improper isolation of shared resources on system-on-a-chip (soc). This vulnerability was named CVE-2023-42667. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in Intel CPU. It has been classified as critical. Affected is an unknown function. The manipulation leads to sequence of processor instructions leads to unexpected behavior. This vulnerability is traded as CVE-2023-23583. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in Intel CPU. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Return Predictor Target Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2023-38575. Local access is required to approach this attack. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Intel Xeon. Affected by this issue is some unknown functionality of the component SGX/TDX. The manipulation leads to protection mechanism failure. This vulnerability is handled as CVE-2023-22655. Local access is required to approach this attack. There is no exploit available.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.94/6.6.34/6.9.5. This affects the function __hwrm_send of the component bnxt_en. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-40919. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2. It has been declared as problematic. Affected by this vulnerability is the function rtw89_sta_info_get_iter. The manipulation leads to improper validation of array index. This vulnerability is known as CVE-2024-43842. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.10.4. Affected is an unknown function of the component mac80211. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-43911. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Расследование кибершпионской миссии может привести к самым неожиданным открытиям.