19 Articles
6 Categories
Date: 2024-12-25
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
25 Dec | Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now | The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the database. The SQL injection vulne… | THEHACKERNEWS.COM
25 Dec | [KEV] The 2024 cyberwar playbook: Tricks used by nation-state actors | In 2024, nation-state cyber activity was off the charts, with Chinese, Russian, and Iranian actors leading the charge. Their campaigns weren’t just relentless — they were innovative, using a crafty mix of Tactics, Techniques, and Procedures (TTPs) to gain footholds, stay hidden, … | CSOONLINE.COM
25 Dec | IBM AIX TCP/IP Vulnerability Lets Attackers Exploit to Launch Denial of Service Attack | IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system that could potentially lead to denial-of-service (DoS) attacks. The affected kernel extensions—perfstat and TCP/IP—present risks to systems running on AIX 7.2, AIX 7.3, VIOS 3.1, and VIO… | GBHACKERS.COM
25 Dec | Apache Auth-Bypass Vulnerability Lets Attackers Gain Control Over HugeGraph-Server | The Apache Software Foundation has issued a security alert regarding a critical vulnerability in Apache HugeGraph-Server. The flaw, identified as CVE-2024-43441, could potentially allow authentication bypass due to an issue with assumed-immutable data in JWT tokens. The vulnerabi… | GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (2)
25 Dec | Weekly Update 431 | Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. I fell waaay behind the normal video cadence this week, and I couldn't care less 😊 I mean c'mon, would you rather be working or sitting here looking… | TROYHUNT.COM
25 Dec | 10 essential measures for physical security | If only physical security were always this simple to implement… (Photo: Leremy / shutterstock.com) Although CISOs are generally rarely entrusted with the full spectrum of health and occupational safety concerns, they nevertheless play an important, strategic … | CSOONLINE.COM
📢 SECURITY ADVISORIES (2)
25 Dec | How Will the Next Administration Shape Crypto’s Security Future? 🇺🇸 | The future of crypto is shaping up to be a battleground for cybersecurity and regulation. With the next administration possibly embracing crypto, how will CISOs adapt to the risks and opportunities? From Bitcoin’s wild price swings to SEC scrutiny, the stakes are high for securin… | YOUTUBE.COM
🔥 INCIDENT REPORTING (2)
25 Dec | Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware | The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a "recent" inv… | THEHACKERNEWS.COM
25 Dec | Indonesia Government Data Breach – Hackers Leaked 82 GB of Sensitive Data Online | Hackers have reportedly infiltrated and extracted a vast 82 GB of sensitive data from the Indonesian government’s Regional Financial Management Information System (Sistem Informasi Pengelolaan Keuangan Daerah, or SIPKD). This system is operated by the Badan Pendapatan, Peng… | GBHACKERS.COM
🕵️ THREAT INTELLIGENCE (4)
25 Dec | Compiling Decompyle++ For Windows, (Wed, Dec 25th) | Occasionally I decompile Python code, with decompilers written in Python. Recently I discovered Decompyle++, a Python disassembler & decompiler written in C++. | ISC.SANS.EDU
25 Dec | Hacker Heroes - Haroon Meer - PSW Vault | Unraveling Cybersecurity Complexity: A Conversation with Haroon Meer. Haroon Meer, an influential figure in the world of cybersecurity, takes center stage in this podcast interview. With a deep reservoir of knowledge and a track record of tackling complex security challenges, Haro… | YOUTUBE.COM
25 Dec | Integrating Wazuh with DefectDojo for DevSecOps | submitted by MajorTom to cybersecurity; 10 points, 0 comments; https://wazuh.com/blog/integrating-wazuh-with-defectdojo-for-devsecops/ | INFOSEC.PUB
25 Dec | VPN used for VR game cheat sells access to your home network | submitted by Alphane_Moon to cybersecurity; 86 points, 9 comments; https://arstechnica.com/security/2024/12/vpn-used-for-vr-game-cheat-sells-access-to-your-home-network/ | SH.ITJUST.WORKS
📡 INFOSEC NEWS (5)
25 Dec | Five lesser known Task Manager features in Windows 11 | Windows 11 is far from perfect, but it does make Task Manager significantly better. In this article, we're going to take a closer look at some of our favourite Task Manager features. [...] | BLEEPINGCOMPUTER.COM
25 Dec | Ruijie Networks' Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks | Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. "These vulnerabilities affect both the Reyee platform, as well as Reyee OS netwo… | THEHACKERNEWS.COM
25 Dec | Home for the holidays? Share this top cybersecurity advice with friends and family | Sharing security advice can go a long way in protecting your loved ones from the most common and damaging online threats. © 2024 TechCrunch. All rights reserved. For personal use only. | TECHCRUNCH.COM
25 Dec | Hosting the Largest TOR Exit Node: Paul's Story | What’s it like to be responsible for the largest TOR exit node on the internet? Paul shares his wild story and why every cybersecurity professional should consider spinning up a dark web server. 🌐 Discover the lessons, risks, and surprising insights from hosting on the dark web. … | YOUTUBE.COM
25 Dec | How Easy Is It to Fake Your Voice or Face? 🤯 | How easy is it for hackers to fake your voice or face? With the rise of deepfake technology, cybercriminals can now replicate biometric data like your voice or appearance to bypass security systems. From morphing audio to syncing lips with fake videos, this tech is both fascinati… | YOUTUBE.COM