Cyber Threat Intelligence 26 December 2024
Vulnerabilities
- Critical SQL Injection Vulnerability In Apache Traffic Control Rated 9.9 CVSS — Patch Now
"The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the database. The SQL injection vulnerability, tracked as CVE-2024-45387, is rated 9.9 out of 10.0 on the CVSS scoring system."
https://thehackernews.com/2024/12/critical-sql-injection-vulnerability-in.html
https://lists.apache.org/thread/t38nk5n7t8w3pb66z7z4pqfzt4443trr
https://securityaffairs.com/172307/security/apache-traffic-control-critical-flaw.html
Breaches/Hacks/Leaks
- Pittsburgh Regional Transit Attributes Recent Service Disruptions To Ransomware Attack
"A recent ransomware attack is causing significant disruptions to public transportation in the Pittsburgh area. Pittsburgh Regional Transit (PRT) said on Monday that it is “actively responding to a ransomware attack that was first detected on Thursday, December 19.” Law enforcement is involved in the response and an investigation has kicked off alongside cybersecurity experts. “While rail service experienced temporary disruptions on Thursday morning, transit services are currently operating as normal,” the agency said."
https://therecord.media/pittsburgh-regional-transit-attributes-disruptions-to-ransomware-attack
General News
- Cybersecurity Resolutions: Skill Sets To Prioritize In 2025
"As we enter 2025, the cybersecurity landscape demands more than just maintaining the status quo. New threats, evolving technologies and heightened regulatory scrutiny require professionals to set clear resolutions that sharpen their abilities and expand their impact. By committing to targeted skill development, cybersecurity experts can shape a more resilient digital future for themselves and the organizations they protect."
https://www.bankinfosecurity.com/blogs/cybersecurity-resolutions-skill-sets-to-prioritize-in-2025-p-3786
- SEO Poisoning: How Cybercriminals Are Turning Search Engines Into Traps
"Did you know that over 80% (PDF) of cyberattacks exploit online platforms, including search engines? These indispensable tools guide billions of users to the content they seek, but their trustworthiness can be weaponized. Cybercriminals are exploiting search engine optimization (SEO) techniques to distribute malware, launch phishing attacks, and spread harmful content. This practice, known as SEO poisoning, manipulates search results to lure unsuspecting users into clicking on malicious links."
https://hackread.com/seo-poisoning-how-scammers-search-engines-traps/
Reference
Electronic Transactions Development Agency (ETDA)