182 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed a potential Use-after-Free UAF in smb2isvalidoplockbreak. Skipped sessions that are being torn down status == SESEXITING to avoid UAF...
Astra Linux - уязвимость в firefox, thunderbird
The Opportunistic Encryption feature of HTTP2 RFC 8164 allows a connection to be transparently upgraded to TLS while maintaining the visual properties of an HTTP connection. This means that the connection remains within the same origin as unencrypted connections on port 80. However, if a second...
Making opportunistic cyberattacks harder by design
This is part of a series of blogs and interviews conducted with our Microsoft Deputy CISOs , in which we surface a number of mission-critical security recommendations and best practices that businesses can enact right now and derive real meaningful benefits from. In this article, Ilya Grebnov,...
Making opportunistic cyberattacks harder by design
This is part of a series of blogs and interviews conducted with our Microsoft Deputy CISOs , in which we surface a number of mission-critical security recommendations and best practices that businesses can enact right now and derive real meaningful benefits from. In this article, Ilya Grebnov,...
Opportunistic Pro-Russia Hacktivists Attack US and Global Critical Infrastructure
CISA, in partnership with Federal Bureau of Investigation, the National Security Agency, Department of Energy, Environmental Protection Agency, the Department of Defense Cyber Crime Center, and other international partners published a joint cybersecurity advisory, Pro-Russia Hacktivists Create...
EUVD-2021-24959
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-38507
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Opportunistic Encryption feature of HTTP2 RFC 8164 allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 CVE-2024-43204: Fixed a SSRF when modproxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. bsc1246305 CVE-2024-47252: Fixed insufficient...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 CVE-2024-43204: Fixed a SSRF when modproxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. bsc1246305 CVE-2024-47252: Fixed insufficient...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 CVE-2024-43204: Fixed a SSRF when modproxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. bsc1246305 CVE-2024-47252: Fixed insufficient...
GNSS Spoofing Detection Based on Opportunistic Position Information
The limited or no protection for civilian Global Navigation Satellite System GNSS signals makes spoofing attacks relatively easy. With modern mobile devices often featuring network interfaces, state-of-the-art signals of opportunity SOP schemes can provide accurate network positions in replacemen...
CVE-2025-4820
Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...
CVE-2025-4820
Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...
CVE-2025-4820
Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...
CVE-2025-4820 Incorrect congestion window growth by optimistic ACK
Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...
CVE-2025-4820 Incorrect congestion window growth by optimistic ACK
Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...
CVE-2020-15530
An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILESX86%\Steam and/or %COMMONPROGRAMFILESX86%\Steam have weak permissions during a critical time window. An attacker can make this time...
Vector Command Opportunistic Phishing Blog
Gone Phishing with Vector Command During one of our customer engagements, our red team will continuously attack your network to see if we can exploit a vulnerability. One of the tactics, techniques and proceduresTTPs we use is “Opportunistic Phishing”. First, let’s share a quick reminder about...
ELLIO and ntop Partnership Enhances Real-Time Network Traffic Monitoring
By Cyber Newswire ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic scans, botnets, and… This is a post from HackRead.com Read the original post: ELLIO and ntop Partnership Enhances Real-Time Network Traffic Monitoring...
ELLIO and ntop Partnership Enhances Real-Time Network Traffic Monitoring
By Cyber Newswire ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic scans, botnets, and… This is a post from HackRead.com Read the original post: ELLIO and ntop Partnership Enhances Real-Time Network Traffic Monitoring...