Security research
Incorrect authorization vulnerability in Projectsend https://github.com/projectsend/projectsend/releases/tag/r1720
Security vulnerability in Linux Linux_kernel https://www.cnnvd.org.cn/home/globalSearch?keyword=CNNVD-202402-2401
Vulnerability in multiple products from Oracle and other vendors https://www.cnvd.org.cn/flaw/show/CNVD-2024-20806
Information exposure through discrepancy vulnerability in multiple Apple products https://www.cnnvd.org.cn/home/globalSearch?keyword=CNNVD-202306-1767
Cleartext storage of sensitive data vulnerability in Makves Dcap https://pastebin.com/L5BkBeEE
Published: 2024-12-09
Solana Web3.js library backdoored to steal private keys https://www.bleepingcomputer.com/news/security/solana-web3js-library-backdoored-to-steal-secret-private-keys/
Russia's Turla infiltrates the C2 servers of Pakistan's Storm-0156 group https://blog.lumen.com/snowblind-the-invisible-hand-of-secret-blizzard/
Blue Yonder supply chain platform hit by Termite ransomware https://cyble.com/blog/technical-look-at-termite-ransomware-blue-yonder/
Attackers use fake meeting applications to target Web3 workers https://www.cadosecurity.com/blog/meeten-malware-threat
Tracking the activity of the Venom Spider group's new malware-as-a-service tools https://www.zscaler.com/blogs/security-research/unveiling-revc2-and-venom-loader#introduction
Published: 2024-12-09
Deserialization of untrusted data vulnerability in Veritas Enterprise_vault https://www.cve.org/CVERecord?id=CVE-2024-53910
Cross-site scripting vulnerability in Wp-royal-themes Ashe https://wordpress.org/themes/ashe/
Missing authorization vulnerability in Metagauss Profilegrid https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities
Out-of-bounds write vulnerability in Philiphazel Xfpt https://nvd.nist.gov/vuln/detail/CVE-2024-43700
Link following vulnerability in multiple products from Containers and other vendors https://access.redhat.com/errata/RHSA-2024:8039
Published: 2024-12-02
Earth Kasha group uses the ANEL backdoor in phishing attacks against Japan https://www.trendmicro.com/en_us/research/24/k/return-of-anel-in-the-recent-earth-kasha-spearphishing-campaign.html
Attackers leverage Weebly services to target the telecom and financial sectors https://blog.eclecticiq.com/financially-motivated-threat-actor-leveraged-google-docs-and-weebly-services-to-target-telecom-and-financial-sectors
APT-C-60 group uses legitimate system services to carry out cyberattacks https://blogs.jpcert.or.jp/ja/2024/11/APT-C-60.html
Matrix group launches a new round of large-scale DDoS attacks https://www.aquasec.com/blog/matrix-unleashes-a-new-widespread-ddos-campaign/
Published: 2024-12-02
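Numeric truncation error vulnerability in multiple Microsoft products https://www.cve.org/CVERecord?id=CVE-2024-49018
Out-of-bounds read vulnerability in Irfanview https://www.cve.org/CVERecord?id=CVE-2024-9767
Improper access control vulnerability in Dell Data_domain_operating_system https://nvd.nist.gov/vuln/detail/CVE-2024-48010
Link following vulnerability in multiple products from Containers and other vendors https://access.redhat.com/errata/RHSA-2024:8039
Unrestricted upload of file with dangerous type vulnerability in Hkcms https://github.com/J-0k3r/CVE-2024-52677
Published: 2024-11-27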
Attackers use Avast's Anti-Rootkit driver to bypass security protections https://www.trellix.com/blogs/research/when-guardians-become-predators-how-malware-corrupts-the-protectors/
Palo Alto Networks firewall devices hit by vulnerability exploitation attacks https://arcticwolf.com/resources/blog/arctic-wolf-observes-threat-campaign-targeting-palo-alto-networks-firewall-devices/
North Korea's UAT-5394 group adopts a new distribution strategy to deploy XenoRAT https://hunt.io/blog/xenorat-excel-xll-confuserex-as-access-method
Published: 2024-11-27
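Path traversal vulnerability in multiple Redhat products https://bugzilla.redhat.com/show_bug.cgi?id=2234387
Protection mechanism failure vulnerability in multiple products from Gnome and other vendors https://gitlab.gnome.org/GNOME/tracker-miners/-/issues/277
Information exposure vulnerability in multiple products from Theforeman and other vendors https://cxsecurity.com/cveshow/CVE-2023-4886/
Authentication bypass by spoofing vulnerability in multiple products from Gnu and other vendors https://access.redhat.com/security/cve/CVE-2023-4001
Out-of-bounds write vulnerability in Libtiff https://gitlab.com/libtiff/libtiff/-/issues/606
Published: 2024-11-25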
Iran's Emennet Pasargad group uses WezRat malware to attack Israel https://research.checkpoint.com/2024/wezrat-malware-deep-dive/
Blind Eagle group recently forged judicial department documents to deploy the DcRat backdoor https://mp.weixin.qq.com/s/DDCCjhBjUTa7Ia4Hggsa1A
Details of Helldown ransomware disclosed https://blog.sekoia.io/helldown-ransomware-an-overview-of-this-emerging-threat/
Published: 2024-11-25
Security vulnerability in Microsoft Edge https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23258
Security vulnerability in Google Android https://nvd.nist.gov/vuln/detail/CVE-2024-43093
Path traversal vulnerability in Plenti https://www.cve.org/CVERecord?id=CVE-2024-49381
SQL injection vulnerability in Paloaltonetworks Expedition https://security.paloaltonetworks.com/PAN-SA-2024-0010
NULL pointer dereference vulnerability in multiple products from Qemu and other vendors https://access.redhat.com/security/cve/CVE-2023-6683
Published: 2024-11-18
Microsoft Patch Tuesday advisory: November 2024 edition https://msrc.microsoft.com/update-guide/releaseNote/2024-Nov
Mozi botnet resurfaces, launching a new wave of attacks as Androxgh0st https://www.cloudsek.com/blog/mozi-resurfaces-as-androxgh0st-botnet-unraveling-the-latest-exploitation-wave
WIRTE group begins carrying out destructive attacks against Middle Eastern entities https://research.checkpoint.com/2024/hamas-affiliated-threat-actor-expands-to-disruptive-activity/
Published: 2024-11-18
Type confusion vulnerability in Microsoft Edge_chromium https://www.cve.org/CVERecord?id=CVE-2024-43596
Allocation of resources without limits or throttling vulnerability in Eclipse Jetty https://github.com/jetty/jetty.project/pull/10756
NULL pointer dereference vulnerability in Linux Linux_kernel https://git.kernel.org/stable/c/825711e00117fc686ab89ac36a9a7b252dc349c6
Security vulnerability in Linecorp Line https://www.cve.org/CVERecord?id=CVE-2023-45561
Cross-site scripting vulnerability in Advcomsys Onevote! https://nvd.nist.gov/vuln/detail/CVE-2023-23756
Published: 2024-11-11
SteelFox trojan poses as software activators to steal data and mine cryptocurrency https://securelist.com/steelfox-trojan-drops-stealer-and-miner/114414/
Analysis of the new Interlock ransomware https://blog.talosintelligence.com/emerging-interlock-ransomware/
CopyRh(ight)adamantys campaign uses infringement claims as a pretext to deploy the Rhadamanthys stealer https://research.checkpoint.com/2024/massive-phishing-campaign-deploys-latest-rhadamanthys-version/
GodFather banking trojan expands its attack scope https://cyble.com/blog/godfather-malware-targets-500-banking-and-crypto-apps-worldwide/
Published: 2024-11-11
SQL injection vulnerability in Esafenet Cdg https://flowus.cn/share/651b6010-4701-4cec-a5a3-6e01e22636b9?code=G8A6P3
Security vulnerability in Apple Macos https://www.cnnvd.org.cn/home/globalSearch?keyword=CNNVD-202410-3144
Uncontrolled recursion vulnerability in Langchain https://github.com/langchain-ai/langchain
Use of hard-coded credentials vulnerability in Man D-tale https://nvd.nist.gov/vuln/detail/CVE-2024-3408
Authorization bypass through user-controlled key vulnerability in Lunary https://cxsecurity.com/cveshow/CVE-2024-5128/
Published: 2024-11-04
Attackers spoof Korean gambling game websites to spread WrnRAT malware https://cybersecuritynews.com/wrnrat-delivered-gambling-games/
New version of FakeCall malware hijacks bank phone calls to defraud Korean users https://www.zimperium.com/blog/mishing-in-motion-uncovering-the-evolving-functionality-of-fakecall-malware/
UNC5812 group uses Telegram to distribute malware to the Ukrainian military https://cybersecuritynews.com/russian-hackers-attacking-ukraine-military/
Facebook business accounts in the Taiwan region hit by information-stealing attacks https://blog.talosintelligence.com/threat-actors-use-copyright-infringement-phishing-lure-to-deploy-infostealers/
Strela Stealer malware targets Central and Southwestern Europe https://cyble.com/blog/strela-stealer-targets-europe-stealthily-via-webdav/
Published: 2024-11-04
Cross-site scripting vulnerability in Nayrathemes Clever_fox https://cxsecurity.com/cveshow/CVE-2024-1768/
Cross-site scripting vulnerability in Omaksolutions Slick_popup https://nvd.nist.gov/vuln/detail/CVE-2023-46824
Cross-site scripting vulnerability in Cloudnet360 https://www.cnnvd.org.cn/home/globalSearch?keyword=CNNVD-202311-664
Cross-site scripting vulnerability in Visser Store_exporter_for_woocommerce
Published: 2024-10-30
Technical analysis of the StormBoobo group's CloudScout toolset https://www.welivesecurity.com/en/eset-research/cloudscout-evasive-panda-scouting-cloud-services/
HeptaX campaign uses LNK files to establish remote desktop connections https://cyble.com/blog/heptax-unauthorized-rdp-connections-for-cyberespionage-operations/
Fog and Akira ransomware gangs use SonicWall VPN vulnerability to breach corporate networks https://arcticwolf.com/resources/blog/arctic-wolf-labs-observes-increased-fog-and-akira-ransomware-activity-linked-to-sonicwall-ssl-vpn/
Air travellers at Indian airports hit by phishing attacks https://www.cloudsek.com/blog/uncovering-the-lounge-pass-scam-campaign-targeted-android-sms-stealer-preying-on-air-travellers#Indicators
UAC-0215 group targets Ukrainian government and military entities https://cert.gov.ua/article/6281076
Published: 2024-10-30
Memory leak vulnerability in Linux Linux_kernel https://www.cnnvd.org.cn/home/globalSearch?keyword=CNNVD-202410-2365
Cross-site request forgery vulnerability in Wpbeginner Transients_manager https://www.cve.org/CVERecord?id=CVE-2024-10045
Cross-site scripting vulnerability in 0-dyn Collabtive https://nvd.nist.gov/vuln/detail/CVE-2024-48706
Path traversal vulnerability in Pandorafms Pandora_fms https://nvd.nist.gov/vuln/detail/CVE-2024-35308
Vulnerability in multiple products from Google and other vendors https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5836
Published: 2024-10-28
Exposed Docker Remote API servers used to deploy perfctl malware https://www.trendmicro.com/en_us/research/24/j/attackers-target-exposed-docker-remote-api-servers-with-perfctl-.html
Vietnamese attackers target job seekers and digital marketing professionals https://cyble.com/blog/vietnamese-threat-actors-multi-layered-strategy-on-digital-marketing-professionals/
Attackers use the Gophish framework to spread PowerRAT and DCRAT https://blog.talosintelligence.com/gophish-powerrat-dcrat/
Lazarus group fakes a game page to deploy the Manuscrypt backdoor https://securelist.com/lazarus-apt-steals-crypto-with-a-tank-game/114282/
Details of the Brazilian banking trojan Grandoreiro disclosed https://securelist.com/grandoreiro-banking-trojan/114257/
Published: 2024-10-28
Cross-site request forgery vulnerability in Ninjaforms Ninja_forms https://www.cve.org/CVERecord?id=CVE-2024-39628
SQL injection vulnerability in Braincert Virtual_classroom https://www.cnnvd.org.cn/home/globalSearch?keyword=CNNVD-202308-457
Unrestricted upload of file with dangerous type vulnerability in Acyba Acymailing_starter https://www.cnnvd.org.cn/home/globalSearch?keyword=CNNVD-202308-1550
SQL injection vulnerability in Hikashop https://www.cnnvd.org.cn/home/globalSearch?keyword=CNNVD-202308-456
Resource exhaustion vulnerability in Discourse https://nvd.nist.gov/vuln/detail/CVE-2024-43789
Published: 2024-10-21
SideWinder group expands its targets to the Middle East and Africa https://securelist.com/sidewinder-apt/114089/
Water Makara distributes Astaroth malware to Brazilian enterprises https://www.trendmicro.com/en_us/research/24/j/water-makara-uses-obfuscated-javascript-in-spear-phishing-campai.html
Cerberus banking trojan remains active in the ErrorFather campaign https://cyble.com/blog/hidden-in-plain-sight-errorfathers-deadly-deployment-of-cerberus/
Attackers impersonate a major Korean entertainment company to deliver phishing emails https://asec.ahnlab.com/ko/83863/
Suspected nation-state hackers exploit Ivanti CSA zero-day vulnerability to intrude into networks https://www.fortinet.com/blog/threat-research/burning-zero-days-suspected-nation-state-adversary-targets-ivanti-csa
Published: 2024-10-21
Legal notice: Copyright 西安交大捷普网络科技有限公司, 陕ICP备18022218号-1