Aggregator

An artificial intelligence company said a hacker breached its network and stole a $250,000 wire pay

作者：罗棋琛（Max Luo）个人简介：1、资深网络安全专家，10 年从业经验，5 年乙方攻防、5 年甲方安全防御建设经验，在 SDL、DevSecOps、移动安全、API 安全、软件供应链安全、AI

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.11.6. Affected is the function __btrfs_free_extra_devids of the component btrfs. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-50217. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Progress LoadMaster up to 7.1.35.10/7.2.48.9/7.2.54.7/7.2.59.1. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to os command injection. This vulnerability is handled as CVE-2024-1212. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in SourceCodester Online Veterinary Appointment System 1.0. This vulnerability affects unknown code of the file /admin/services/view_service.php. The manipulation of the argument id leads to sql injection. This vulnerability was named CVE-2024-10990. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Codezips Hospital Appointment System 1.0. This issue affects some unknown processing of the file /editBranchResult.php. The manipulation of the argument ID leads to sql injection. The identification of this vulnerability is CVE-2024-10991. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Codezips Online Institute Management System 1.0. Affected is an unknown function of the file /manage_website.php. The manipulation of the argument website_image leads to unrestricted upload. This vulnerability is traded as CVE-2024-10993. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Codezips Online Institute Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit_user.php. The manipulation of the argument image leads to unrestricted upload. This vulnerability is known as CVE-2024-10994. The attack can be launched remotely. Furthermore, there is an exploit available.

数字司法

近日，全球网络巨头Palo Alto Networks确认旗下0Day漏洞正在被黑客利用。11月8日，Palo Alto Networks发布了一份安全通告(https://security.paloaltonetworks.com/PAN-SA-2024-0015)，警告客户PAN-OS管理界面中存在一个远程代码执行漏洞，并建议客户确保PAN-OS管理界面访问的安全性。 但随着该漏洞的曝光，Palo Alto Networks在11月15日发现已经有黑客/威胁组织正在利用该漏洞，对用户发起网络攻击，主要目标用户是那些暴露在互联网上防火墙管理界面。 目前还不清楚该漏洞如何暴露，以及受影响的企业范围。该漏洞也还没有分配CVE标识符，CVSS评分9.3分。Palo Alto Networks表示，他们认为Prisma Access和Cloud NGFW产品不受此漏洞影响。 安全措施和建议 目前，Palo Alto Networks正在开发补丁和威胁预防签名，建议客户确保只有来自可信IP地址的访问才能访问防火墙管理界面，而不是从互联网访问。公司指出，大多数防火墙已经遵循了这一Palo Alto Networks和行业的安全最佳实践。 其他受影响的产品：除了上述漏洞，美国网络安全机构CISA还表示，他们知道有三个影响Palo Alto Networks Expedition的漏洞在野外被利用。CISA警告，至少有两个影响Palo Alto Networks Expedition软件的漏洞正在被积极利用，并已将这些漏洞添加到其已知被利用漏洞(KEV)目录中，要求联邦文职行政部门机构在2024年12月5日之前应用必要的更新。 屡屡出现0Day漏洞 值得一提的是，在2024年3月，Palo Alto Networks防火墙产品也曾被曝存在严重安全漏洞，编号 CVE-2024-3400 ，CVSS 评分达10分，具体涉及PAN-OS 10.2、PAN-OS 11.0 和 PAN-OS 11.1 防火墙版本软件中的两个缺陷。 在第一个缺陷中，GlobalProtect 服务在存储会话 ID 格式之前没有对其进行充分验证。Palo Alto Networks 产品安全高级总监 Chandan B. N. 表示，这使得攻击者能够用选择的文件名存储一个空文件。第二个缺陷被认为是系统生成的文件将文件名作为了命令的一部分。 值得注意的是，虽然这两个缺陷本身都不够严重，但当它们组合在一起时，就可能导致未经验证的远程 shell 命令执行。 Palo Alto Network表示，利用该漏洞实施零日攻击的攻击者实施了两阶段攻击，以便在易受影响的设备上执行命令。该活动被命名为Operation MidnightEclipse，涉及发送包含要执行命令的特制请求，然后通过名为 UPSTYLE 的后门运行。 在攻击的第一阶段，攻击者向 GlobalProtect 发送精心制作的 shell 命令而非有效的会话 ID，导致在系统上创建一个空文件，文件名由攻击者命名为嵌入式命令；在第二阶段，定时运行系统作业会在命令中使用攻击者提供的文件名，进而让攻击者提供的命令能以更高的权限执行。利用这种方式，攻击者就能将该漏洞武器化，且不需要在设备上启用遥测功能就能对其进行渗透。       转自Freebuf，原文链接：https://www.freebuf.com/news/415484.html 封面来源于网络，如有侵权请联系删除

Water Barghest Group Lists Infected Devices Within 10 Minutes of Initial Compromise
A threat actor with suspected ties to Russian nation-state hackers has listed thousands of IoT devices as proxy networks within minutes of their initial compromise. A campaign that began in 2020 has so far infected 20,000 IoT devices, according to a new report by Trend Micro.

Inspector General Report Reveals 97 Water Systems With Critical Cybersecurity Risks
The Environmental Protection Agency inspector general said over 100 million Americans depend on drinking water systems exposed to cybersecurity flaws that could allow hackers to "disrupt service or cause irreparable physical damage to drinking water infrastructure."

Critical Authentication Flaw Impacts Both Free and Pro Users
A widely deployed five-in-one security plugin for WordPress websites contained a flaw that hackers could automate into a large-scale takeover campaign. The critical authentication bypass vulnerability takes advantage of a now-patched flaw in the Really Simple Security plugin.

Gartner Publishes First Identity Verification MQ as Workforce-Related Uses Multiply
Gartner has recognized Entrust, Incode, Jumio, Socure and Sumsub as identity verification leaders amid a rise in regulatory demands and fraud prevention requirements. Identity verification was historically used for regulated onboarding in industries like banking, gambling and cryptocurrency.

via the c

AWS has released an important new feature that allows you to apply permission boundaries around reso

DNS Reaper DNS Reaper is yet another subdomain takeover tool, but with an emphasis on accuracy, speed, and the number of signatures in our arsenal! We can scan around 50 subdomains per second, testing...

The post dnsReaper: subdomain takeover tool for attackers, bug bounty hunters and the blue team appeared first on Penetration Testing Tools.

Secure Stager This project demonstrates an x64 position-independent stager that verifies the stage it downloads prior to executing it. This offers a safeguard against man-in-the-middle attacks for those who are concerned about such things....

The post Secure Stager: An x64 position-independent shellcode stager appeared first on Penetration Testing Tools.

FISSURE – The RF Framework Frequency Independent SDR-based Signal Understanding and Reverse Engineering FISSURE is an open-source RF and reverses engineering framework designed for all skill levels with hooks for signal detection and classification,...

The post FISSURE: Frequency Independent SDR-based Signal Understanding and Reverse Engineering appeared first on Penetration Testing Tools.