Aggregator

Mozilla 透露，一个影响 Firefox 和 Firefox Extended Support Release (ESR) 的关键安全漏洞已被恶意利用。 该漏洞被追踪为 CVE-2024-9680，被描述为动画时间轴组件中的 “use-after-free ”漏洞。 Mozilla 在周三的一份公告中说：“攻击者利用了动画时间轴中的use-after-free，在内容进程中执行了代码。我们收到了关于该漏洞在野外被利用的报告。” 斯洛伐克 ESET 公司的安全研究员 Damien Schaeffer 发现并报告了这一漏洞。 该问题已在以下版本的网络浏览器中得到解决： 火狐 131.0.2 火狐浏览器 ESR 128.3.1 火狐浏览器 ESR 115.16.1 目前还没有关于该漏洞在实际攻击中如何被利用以及幕后威胁者身份的详细信息。 尽管如此，此类远程代码执行漏洞可以通过多种方式加以利用，既可以作为针对特定网站的灌水漏洞攻击的一部分，也可以通过欺骗用户访问虚假网站的 “偷渡式下载 ”活动加以利用。 建议用户更新到最新版本，以抵御主动威胁。     转自安全客，原文链接：https://www.anquanke.com/post/id/300716 封面来源于网络，如有侵权请联系删除

APT组织GoldenJackal利用U盘等介质实施摆渡攻击，至少两次成功穿透了政府机密系统实施窃密活动。

9 月，美国州际和国际点对点支付与汇款公司速汇金证实，由于受到网络攻击，其服务目前无法使用。 9 月 22 日，该公司通知其客户，它正在经历一次网络中断，影响到其几个系统的连接。 该公司关闭了部分系统以控制攻击，这表明它是勒索软件攻击的受害者。 这次攻击影响了个人和在线汇款服务。该公司对安全漏洞展开了调查，并通知了执法部门。 速汇金现在证实，网络攻击暴露了客户数据，包括联系信息（如电话号码、电子邮件和邮政地址）、政府 ID、社会安全号和交易详情。 速汇金公布的数据泄露通知中写道：“受影响的信息包括某些受影响的消费者姓名、联系方式（如电话号码、电子邮件和邮寄地址）、出生日期、数量有限的社会安全号、政府颁发的身份证明文件副本（如驾照）、其他身份证明文件（如水电费账单）、银行账号、速汇金加值奖励号码、交易信息（如交易日期和金额），以及数量有限的消费者的刑事调查信息（如欺诈）。受影响信息的类型因受影响的个人而异。” 在外部网络安全专家的帮助下，该公司正在努力控制和修复此次攻击。该公司已经向执法部门通报了此次安全漏洞事件。 TechCrunch 报道称，速汇金表示其调查还处于 “早期阶段”，正在努力确定安全漏洞的程度。目前还不清楚有多少消费者受到了此次事件的影响。 目前，系统已经重新上线，公司也已恢复正常业务运营。 速汇金国际于 2023 年 6 月 1 日被私募股权公司 Madison Dearborn Partners 以每股 11.00 美元的价格收购，成为一家私有公司。到 2023 年初，该公司 50%的交易已实现数字化。该公司在 200 多个国家开展业务，为全球 1.5 亿客户提供服务，是汇款行业的重要参与者。 速汇金拥有大量敏感的客户数据，因此是网络犯罪分子的首要目标。     转自安全客，原文链接：https://www.anquanke.com/post/id/300713 封面来源于网络，如有侵权请联系删除

Иногда, чтобы раскрыть мошенничество, нужно проявить лишь немного больше внимательности…

Linux 作者 Linus Torvalds 罕见的谈论了内核开发者们的书写风格。他说自己在阅读维护者们递交的合并请求（Pull Request）时会随手处理下空格或缩进问题，但语态问题没办法随手处理，会需要额外的工作。部分内核开发者在合并请求中使用了被动语态，Linus Torvalds 建议他们使用主动语态，最好还是命令式的。他举例说，维护者应避免写类似的被动语态“In this pull request, the Xyzzy driver error handling was fixed to avoid a NULL pointer dereference.”他建议写成主动语态“This fixes a NULL pointer dereference in...”或者“Fix NULL pointer dereference in ...”他认为主动语态更简单明了。

助力企业面对数字化挑战。

Adaptiva announces the latest feature release for OneSite Patch: vulnerability dashboards. These new dashboards provide real-time visibility into Common Vulnerabilities and Exposures (CVEs) in the environment and patches that can remediate them–empowering organizations to find and fix vulnerabilities efficiently. IT and security teams often struggle to obtain real-time data that unifies vulnerability discovery and remediation status within the IT environment. This includes understanding how many vulnerabilities have available patches and the deployment status of those … More →

The post Adaptiva improves collaboration between IT and security teams with vulnerability dashboards appeared first on Help Net Security.

Hotel Chain Also Settles with Federal Trade Commission
The world's largest hotel chain agreed Wednesday to pay $52 million and conduct two decades of third-party monitoring of its cybersecurity program to settle a rash of data breaches affecting millions of guests. The multi-million payout is part of a settlement reached with 50 U.S. attorneys general.

A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/campsdetails.php. The manipulation of the argument hospital/address/city/contact leads to cross site scripting. The identification of this vulnerability is CVE-2024-9805. The attack may be initiated remotely. Furthermore, there is an exploit available. The initial researcher advisory only mentions the parameter "hospital".

A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/campsdetails.php. The manipulation of the argument hospital leads to sql injection. This vulnerability was named CVE-2024-9804. The attack can be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

VMware has disclosed multiple vulnerabilities in its NSX product line that could potentially allow attackers to gain root access. The vulnerabilities, identified as CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815, affect both VMware NSX and VMware Cloud Foundation. According to the Broadcom report, the advisory, VMSA-2024-0020, was initially published on October 9, 2024, and highlights the moderate severity […]

The post Multiple VMware NSX Vulnerabilities Let Attackers Gain Root Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Submit #418619 / VDB-279953

Submit #418618 / VDB-279952

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as problematic. This affects an unknown part of the file blooddetails.php. The manipulation of the argument Availibility leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-9803. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

Submit #418615 / VDB-279951

A vulnerability was found in open-webui up to 0.3.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to exposure of data element to wrong session. This vulnerability is handled as CVE-2024-7049. The attack may be launched remotely. There is no exploit available.