Online Learning System 2.0 - (Multiple) SQL injection Authentication Bypass Vulnerability

Exploit Title: Online Learning System 2.0 - 'Multiple' SQLi Authentication Bypass Exploit Author: Oguzhan Kara Vendor Homepage: https://www.sourcecodester.com/php/14929/online-learning-system-v2-using-php-free-source-code.html Software Link:...

learningacademia.es Improper Access Control vulnerability OBB-2163011

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Google TensorFlow Buffer Overflow Vulnerability (CNVD-2022-09855)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a buffer overflow vulnerability that stems from the inability of the ""tf.rawops.RaggedGather"" parameter in the software to determine a valid ragged tensor code,...

moodle.helixlearning.nl Cross Site Scripting vulnerability OBB-2154346

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

SharpML - Machine Learning Network Share Password Hunting Toolkit

SharpML is a proof of concept file share data mining tool using Machine Learning in Python and C. The tool is discussed in more detail on our blog here, but is summarised below also: SharpML is C and Python based tool that performs a number of operations with a view to mining file shares, queryin...

Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18

School is fully back in session for kids all across the world, and for many students, that means logging back online to learn, do homework, submit assignments, and maybe even continue some distance learning, depending on their schools pandemic precautions. But with more Internet activity comes...

Monitoring Our Hay Storage with Edge Connect and Machine Learning

What do hay storage, Akamai’s Edge Connect solution, and machine learning have in common? We use the serverless machine learning system to keep our hay storage safe and secure...

A week in security (Sept 13 – Sept 19)

Last week on Malwarebytes Labs Why backups aren’t a “silver bullet” against ransomware, with Matt Crape: Lock and Code S02E17 The many tentacles of Magecart Group 8 Apple releases emergency update: Patch, but don’t panic Update now! Google Chrome fixes two in-the-wild zero-days Parts of the Dark...

Former US Intelligence Operatives Admit They Hacked for UAE

Plus: Remote learning spyware, an AT bribery scandal, and more of the week's top security news...

Ditch the Alert Cannon: Modernizing IDS is a Security Must-Do

After more than 20 years of underwhelming results, security leaders have accepted their intrusion detection system IDS programs as no more than a compliance checkoff. It’s no secret that IDS’s reliance on bi-modal signatures is brittle, easily evaded and often referred to as an “alert cannon.” Ti...

Akamai’s Flagship Customer Enablement Program, Akamai University, Wins Gold “Excellence in Learning” Award

The Technical Enablement and Education team, part of Akamai’s Global Services organization, has won a coveted Brandon Hall Group Gold award for “Best Customer Training Program,” for Akamai’s flagship customer training and enablement program, Akamai University...

Security Bulletin: A vulnerability in Bouncy Castle affect IBM Watson Machine Learning Accelerator

Summary A vulnerability exists in the Bouncy Castle version used by IBM Watson Machine Learning Accelerator. Bouncy Castle upgrade to version 1.69 which resolves these vulnerabilities, is available on IBM Fix Central. Vulnerability Details CVEID: CVE-2020-15522 DESCRIPTION: Bouncy Castle BC Java,...

The vulnerability of the Chamilo LMS system for electronic teaching and content management arises from the lack of measures taken to protect the website structure. This allows attackers to execute arbitrary codes.

The vulnerability of the main/social/search.php and main/inc/lib/social.lib.php functions of the Chamilo LMS e-learning and content management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute...

Parts of the Dark Web “awash” with school children’s personal data

NBC News has collected and analyzed a trove of childrens personal information it discovered on the Dark Web. Even though this information may not be as useful to cybercriminals as credit card details or login credentials, the information is still out there, where we don’t want it. So what is it,...

Now Live: On-Demand Learning and Hands-On Labs at Learn Akamai

I’m excited to announce our new all-inclusive Learning Hub as the single destination for all product learning resources at Akamai. This new Hub gives users the ability to choose the method of learning that suits them best, whether that’s reading through technical documentation, exploring our...

Security Bulletin: Multiple TensorFlow Vulnerabilities Affect IBM Watson Machine Learning on CP4D

Summary TensorFlow is vulnerable to a denial of service on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-29538 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused by division by zero in Conv2DBackpropFilter. By sending a specially-crafted request, a...

Security Bulletin: Golang Go Vulnerability Affects IBM Watson Machine Learning on CP4D (CVE-2021-33194)

Summary Golang Go is vulnerable to a denial of service, caused by an infinite loop in golang.org/x/net/html on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-33194 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an infinite loop in...

Security Bulletin: Golang Go Vulnerability Affects IBM Watson Machine Learning on CP4D (CVE-2021-31525)

Summary Golang Go is vulnerable to a denial of service, caused by a flaw in net/http on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-31525 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted header ...

Security Bulletin: Multiple TensorFlow Vulnerabilities Affect IBM Watson Machine Learning on CP4D

Summary TensorFlow is vulnerable to a denial of service on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-29608 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused by a heap out-of-bounds and NULL pointer dereference flaw in "RaggedTensorToTensor". By...

Is Traffic Mirroring for NDR Worth the Trouble? We Argue It Isn't

Network Detection & Response NDR is an emerging technology developed to close the blind security spots left by conventional security solutions, which hackers exploited to gain a foothold in target networks. Nowadays, enterprises are using a plethora of security solutions to protect their network...