Aggregator

聚焦源代码安全，网罗国内外最新资讯！编译：代码卫士Mozilla 发布紧急安全更新，修复了 Firefox 浏览器中的一个严重的释放后使用漏洞 (CVE-2024-9680)，目前该漏洞已遭利用。该

足球玩家可能想象不到，FIFA 和 PES 有一天会以合作的形式联系在一起。FIFA 与 EA 因为授权费用而分道扬镳，FIFA 据报道想要获得每年 2.5 亿美元的授权费，EA 认为这一金额无法接受，它也许愿意接受 5000 万美元或 1 亿美元的冠名授权费，但 2.5 亿美元超出了它愿意支付的范围。EA 开发的 FIFA 2023 是最后一款冠名 FIFA 的足球游戏，此后的游戏都改名为 EA Sports FC。FIFA 表示它计划推出一款与 EA Sports FC 竞争的足球游戏，然而它至今没有找到一家愿意参与此事的游戏开发商。现在它找到了 EA Sports 的长期竞争对手科乐美（Konami），不过不是让曾经的 PES 冠名为 FIFA，而只是在游戏活动上进行合作：科乐美和 FIFA 宣布合作推出 FIFAe World Cup eSports 锦标赛活动，这一赛事将在今年晚些时候向 eFootball（旧名 PES）玩家推出。

CyberAv3ngers利用AI寻找默认密码和漏洞，编写bash和Python脚本，增强攻击能力。

代码如同神秘的魔法，而掌握调试工具就是魔法师手中的魔杖。本周更新多节x64dbg 是一款开源、免费、功能强大的动态反汇编调试器，能够在 Windows 平台上进行应用程序的反汇编、调试和分析工作，特别

近日，Internet Archive 遭到了黑客攻击，被窃取了一个包含3100万条记录的用户认证数据库。 互联网档案馆（Internet Archive）是一家非营利性的数字图书馆，旨在提供免费、普

一概述CAN 协议即控制器局域网络 (Controller Area Network)简称，由研发和生产汽车电子产品著称的德国 BOSCH 公司开发，成为国际标准ISO11519以及ISO11898。

·SDC2024 议题预告 ·01Rust 的安全幻影：语言层面的约束及其局限性本议题深入分析了 Rust 编程语言的编译二进制文件及其现有的安全问题。Rust 语言的安全机制源自于其背后的约束，Ru

Thursday, October 10,

The Internet Archive said its site is still being knocked offline by hackers who allegedly stole da

GAO: SSA Fails to Meet Industry and Federal Electronic Verification System Goals
The Social Security Administration is facing criticism for failing to update its fraud prevention technology, leaving financial institutions and federal authorities at risk of missing synthetic identity scams, according to a new Government Accountability Office report.

Thomvest Ventures Leads Series B Funding to Support Privacy and Security Compliance
Relyance AI raised $32 million in Series B funding to grow its data governance platform. The funds will be used to scale operations, enhance real-time data visibility, and support enterprises in complying with complex global privacy regulations, ensuring responsible AI adoption across industries.

Impact Is "What We Would Have Hoped For," Says NCSC CTO Ollie Whitehouse
A British cybersecurity official touted Operation Cronos, an international operation against LockBit, saying multiple strikes aimed at the ransomware-as-a-service have disrupted its ability to recruit hackers. The operation has resulted in indictments, sanctions, and server takedowns.

Act Imposes Mandatory Patching for IoT Devices
The European Council on Thursday adopted security-by-design regulation that makes patching and vulnerability updates mandatory for connected devices. The regulation will ensure that "products with digital components are made secure throughout the supply chain and throughout their life cycle."

GAO: SSA Fails to Meet Industry and Federal Electronic Verification System Goals
The Social Security Administration is facing criticism for failing to update its fraud prevention technology, leaving financial institutions and federal authorities at risk of missing synthetic identity scams, according to a new Government Accountability Office report.

Thomvest Ventures Leads Series B Funding to Support Privacy and Security Compliance
Relyance AI raised $32 million in Series B funding to grow its data governance platform. The funds will be used to scale operations, enhance real-time data visibility, and support enterprises in complying with complex global privacy regulations, ensuring responsible AI adoption across industries.

Impact Is "What We Would Have Hoped For," Says NCSC CTO Ollie Whitehouse
A British cybersecurity official touted Operation Cronos, an international operation against LockBit, saying multiple strikes aimed at the ransomware-as-a-service have disrupted its ability to recruit hackers. The operation has resulted in indictments, sanctions, and server takedowns.

Act Imposes Mandatory Patching for IoT Devices
The European Council on Thursday adopted security-by-design regulation that makes patching and vulnerability updates mandatory for connected devices. The regulation will ensure that "products with digital components are made secure throughout the supply chain and throughout their life cycle."