#82 Archives - Alireza Gharib Blog

January 9, 2025

CVE-2024-53995 – SickChill Open Redirect Vulnerability

CVE ID : CVE-2024-53995 Published : Jan. 8, 2025, 9:15 p.m. | 29 minutes ago Description : SickChill is an automatic video library manager for TV shows. A user-controlled `login` endpoint’s `next_` parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open…

CVE, Cybersecurity, Cybersecurity awareness, Security, Threat Intelligence

#82, #attack, #cve, #cybersecurity, #go, #security
January 9, 2025

CVE-2025-0282 (CVSS 9.0): Ivanti Confirms Active Exploitation of Critical Flaw

CVE-2025-0282 (CVSS 9.0): Ivanti Confirms Active Exploitation of Critical Flaw Ivanti has issued a security advisory addressing two vulnerabilities in its Connect Secure, Policy Secure, and Neurons for ZTA Gateways. The vulnerabilities—CVE-2025-0282 and CVE-2025-0283—pose signif … Read more Published Date: Jan 08, 2025 (3 hours, 3 minutes ago) Vulnerabilities has been mentioned in this article. Go to…

CVE, Cybersecurity, Cybersecurity awareness, Security, Threat Intelligence

#82, #cve, #cybersecurity, #flaw, #go, #secure, #security
January 9, 2025

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

Threat actors abused Visual Studio Code and Microsoft Azure infrastructure to target large business-to-business IT service providers in Southern Europe. Executive Summary From late June to mid-July 2024, a suspected China-nexus threat actor targeted large business-to-business IT service providers in Southern Europe, an activity cluster that we dubbed ‘Operation Digital Eye’. The intrusions could have…

#190, #82, #author, #browser, #tech
January 9, 2025

CyberVolk | A Deep Dive into the Hacktivists, Tools and Ransomware Fueling Pro-Russian Cyber Attacks

A loose collective of mostly low-skilled actors, CyberVolk absorbs and adapts a wide array of destructive malware for use against political targets. Executive Summary CyberVolk/GLORIAMIST is a hacktivist collective originating in India with pro-Russia leanings. Between June and October 2024, CyberVolk claimed responsibility for multiple ransomware attacks. The main objective of CyberVolk and related groups…

#82, #attack, #author, #browser, #bug, #opjp
January 9, 2025

🤔Retro’ing and Debugging 2024: a year of data, books, APIs, BOTs & AI

This is a submission for the 2025 New Year Writing challenge: Retro’ing and Debugging 2024. 🤗 About 2024 was an incredible year filled with challenges, achievements, and an abundance of – sometimes unexpected – learning opportunities that came to me on my way. Reflecting on the year, here are some of the highlights that shaped…

#82, #ai, #api, #bug, #database, #dataengineering, #datascience, #go, #hackathon, #innovation, #iot, #jupyter, #management, #neo4j, #nocode, #nodes24, #openai, #opendata, #opensource, #productivity, #programming, #showdev, #tech, #tooling, #tutorial, #ui, #ux
January 9, 2025

ZDI Threat Hunting 2024: Highlights, Trends, & Challenges

Reflecting on 2024, it has been an eventful year for the Zero Day Initiative Threat Hunting team. Throughout the year, we identified numerous threat actor campaigns exploiting zero-day vulnerabilities, uncovered additional variants of these vulnerabilities, and discovered even more vulnerabilities through our in-the-wild research. In this blog, we will highlight some of the key achievements…

Cybersecurity, Security, Vulnerabilities

#82, #attack, #browser, #bypass, #cybersecurity, #security, #tech, #zero_day
January 9, 2025

Ivanti warns hackers are exploiting new vulnerability

The company released an advisory and a corresponding blog about two bugs — CVE-2025-0282 and CVE-2025-0283 — and warned that some customers have already seen CVE-2025-0282 exploited in their environments. Go to Source

CyberCrime, CyberManiac, Cybersecurity, Cybersecurity awareness, Security, Security Awareness, Threat Hunting, Threat Intelligence

#82, #bug, #bugs, #hack, #news, #tech, Technology
January 8, 2025

Java Annotated Monthly – January 2025

The new year has arrived, and we’re kicking it off with another handpicked selection of must-read tutorials and the latest news you won’t want to miss. This issue starts with an amazing featured content section with Donald Raab. Settle in and scroll your way to some fresh knowledge! Featured Content Greetings, Java Annotated Monthly readers!…

Development

#82, #dev, #developers, #development, #jetbrains, #jvmls, #linux, #software

Tag: #82