Aggregator

The Browsers tab is a unique feature only available in NetworkMiner Professional. The PCAP files analyzed in this video are pwned-se_150312_outgoing.pcap and pwned-se_150312_incoming.pcap, which are snippets of the 4.4 GB Hands-on Network Forensics dataset from FIRST 2015 (slides). More information[...]

INTERPOL has announced the arrest of eight individuals in Côte d'Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said. One such threat involved a large-scale phishing scam targeting Swiss citizens that resulted in financial losses to the tune

Злоумышленники использовали хитрые схемы и помощь изнутри компании.

Зачем молодые геймеры добровольно пускают хакеров в свои ПК?

Egress found that attackers are becoming more adept at bypassing email security, such as using compromised accounts and the use of commodity campaigns

Маленькие ошибки отправили Джесси Кипфа за решетку и раскрыли связи с крупными хакерскими группировками.

Аналитики раскрыли неудобную правду о работе ИИ с кодом.

Threat group FIN7 is hiding infostealer malware on sites promising AI deepnude downloads

U.S. security agencies and allies in other countries are laying out guideposts for organizations as

Одна ошибка потрясла 2 континента.

As organizations continue to adopt more SaaS applications, the need for comprehensive security solutions will only grow.

The post SSPM: A Better Way to Secure SaaS Applications  appeared first on Security Boulevard.

[This is a Guest Diary by Joshua Gilman, an ISC intern as part of the SANS.edu BACS program]Intro

A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. This vulnerability is traded as CVE-2024-9460. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

看雪论坛作者ID：pureGavin【译】

剖析真实漏洞案例，融合开源方案实践

Submit #417052 / VDB-279132

A vulnerability was found in HPE IceWall Federation Agent, IceWall Gen11 Enterprise Edition and IceWall SSO Agent Option and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-42504. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A critical vulnerability has been discovered in Cisco’s Nexus Dashboard Fabric Controller (NDFC), potentially allowing hackers to execute arbitrary commands on affected systems. This flaw, identified as CVE-2024-20432, was first published on October 2, 2024. Its CVSS score of 9.9 indicates its severe impact. Vulnerability Details The vulnerability resides in the Cisco NDFC’s REST API […]

The post Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Faronics DeepFreeze 9.00.020.5760 and classified as problematic. This vulnerability affects unknown code in the library FarDisk.sys of the component IOCTL Handler. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-8159. The attack needs to be approached locally. There is no exploit available.