Son zamanlarda çevremdeki arkadaşlarım veya müşterilerimden çokça mail, telefon almaya başladım, konu gelende panik hali ile başlıyor ve USOM bize mail attı, konu “USOM Duyuru Faaliyetleri: Güvenlik Açıklıkları” şeklinde, aşağıda IP adresleri, aksiyonlar falan var, galiba bizim sistemler hacklenmiş veya sistemlerimize zararlı yazılımlar bulaşmış, acil aksiyon almamız gerekiyor, destek olurmusun şeklinde başlıyor ve konu üzerine derinlemesi sorular …
Tag: USOM Para Cezası
Category
RECENT VULNERABILITIES
- CVE-2023-33778Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize […]
- CVE-2023-33461iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's return.
- CVE-2023-33716mp4v2 v2.1.3 was discovered to contain a memory leak via the class MP4StringProperty at mp4property.cpp.
- CVE-2023-33719mp4v2 v2.1.3 was discovered to contain a memory leak via MP4SdpAtom::Read() at atom_sdp.cpp
- CVE-2023-29748Story Saver for Instragram - Video Downloader 1.0.6 for Android has an exposed component that provides a method to modify the SharedPreference file. An attacker can leverage this method to inject a large amount of data into any SharedPreference file, which will be loaded into memory when the application is opened. When an attacker injects […]
- CVE-2023-34312In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.
- CVE-2023-29159Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette.
- CVE-2023-28657Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where the affected product is installed may gain an administrative privilege. As a result, information regarding the product may be obtained and/or altered by the user.
- CVE-2023-28824Server-side request forgery vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may bypass the database restriction set on the query setting page, and connect to a user unintended database.
- CVE-2023-30758Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.
Last Tweets
Sorry, no Tweets were found.
Recent Posts
- Nessus Truncated Packets Uyarısı
- Nessus Tarama Sorunu (Network Congestions, Truncated)
- Ubuntu Resolv.conf Dosyasının Reboot Sonrası Değişmesi Sorunu
- NMAP Tarama Sonucunda HTML Rapor Oluşturmak
- Kali İşletim Sistemine Komut Satırından Proxy Ekleme
- USOM Duyuru Faaliyetleri: Güvenlik Açıklıkları
- E-Ticarette Güven Damgası Dönemi ve Sızma Testi
- TestHive – Penetration Testing Talks
- Sızma Testi Bulguları İçin Reçete
- Kayhan Kayıhan – IETT siber saldırı röportajı
Followed By
Links
- Ağ Güvenliği
- Ask Ubuntu
- BGA Blog
- BH Leaks
- Bilgi Güvenliği
- Blackhat Scene
- CEH Türkiye
- Computer Security With Ethical Hacking
- Çözüm Park
- CVE
- Dark Reading
- DistroWatch
- Dünya Gerçeğim
- E-Hacking News
- Elite Hackers
- EnderUnix
- Hack a Day
- Hack PC Online
- Hack PC Online
- Hackers Online Club
- In Secure
- Indian Hack Word
- Infosec Institute
- Internet Hukuku
- Ipucu EnderUnix
- Learn Hacking
- Linux Akademi
- Log Yönetimi
- Lostar Blog
- Net Security
- Packet Storm Security
- Pardus
- Saint Andrew's Paradise
- Sec Savvy
- Secure List
- Security Focus
- Security Phresh
- Security Space
- Security Stack Exchange
- Security Stack Exchange
- Security Tube Training
- SecurityXploded
- The Hacker News
- Top Ten Reviews
- We Live Security
- White Hat Security