Aggregator

От заражения вирусами не защищены даже сами хакеры.

阅读： 1一、热点资讯1.流氓WHOIS服务器成黑客“核武器”【标签】WHOIS【概述】近日，网络安全公司watchTowr创始人本杰明·哈里斯撰文透露他仅

error code: 520

Группировка хакеров стала главным игроком в кибератаках на госструктуры.

A vulnerability has been found in linlinjava litemall 1.8.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file AdminGoodscontroller.java. The manipulation of the argument goodsId/goodsSn/name parameters leads to sql injection. This vulnerability is known as CVE-2024-46382. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Kastle Systems Access Control System. It has been classified as critical. Affected is an unknown function. The manipulation leads to hard-coded credentials. This vulnerability is traded as CVE-2024-45861. It is possible to launch the attack remotely. There is no exploit available. This product is a managed service. This means that users are not able to maintain vulnerability countermeasures themselves.

A vulnerability was found in Kastle Systems Access Control System. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cleartext storage of sensitive information. This vulnerability is known as CVE-2024-45862. The attack can be launched remotely. There is no exploit available. This product is available as a managed service. Users are not able to maintain vulnerability countermeasures themselves.

A vulnerability has been found in Google Deepmind Reverb and classified as problematic. Affected by this vulnerability is an unknown functionality of the component RPC Endpoint. The manipulation leads to deserialization. This vulnerability is known as CVE-2024-8375. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in FreeImage up to 3.18.0. It has been classified as critical. Affected is an unknown function of the file PluginXPM.cpp of the component libfreeimage. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2024-31570. Access to the local network is required for this attack. There is no exploit available.

如何对网络暴力信息进行有效治理已成为各国共同面临的难题。针对这一问题，法国、日本两国通过一系列的举措，重点从网络信息内容审查及青少年网络暴力保护两个层面展开治理，有一定的借鉴意义。

日前，联合国国际电信联盟发布《全球网络安全指数2024年版》报告指出，全球各国正在普遍加强网络安全措施。与前一版相比，各国都采取了更多网络安全措施，并且加强了网络安全承诺。然而，当前网络安全威胁不断演进，各国仍需要采取更多措施妥善应对。

截至目前，全国公安机关网安部门已办理网络谣言类案件2.7万余起，依法查处造谣传谣网民3.1万余人，依法关停违法违规账号19.9万余个，清理网络谣言信息156.2万余条。今日，公安部公布5起打击整治“移花接木”拼接网络谣言违法犯罪典型案例。

随着人工智能研发不断深入，深伪技术也愈发成熟，深伪技术在一些行业的应用前景正越来越广泛。但是，作为一把锋利的“双刃剑”，在享受深伪技术红利的同时，也不能忽视其可能令不法分子犯罪效率更高、隐蔽性更强、社会危害性更大的巨大潜在风险。

自《全球人工智能治理倡议》发布以来，以大模型为代表的通用人工智能技术快速发展，人工智能安全治理受到国际社会广泛关注。为进一步深化落实《倡议》，促进人工智能产业健康、可持续发展，全国网安标委适时地颁布了《人工智能安全治理框架》。

软件技术是数字政府和企业数字化发展的基石，是关键信息基础设施中的重要组成部分，软件安全则是保障政府和企业数字化健康发展的前提和安全发展的底座。近年来，由于软件安全缺陷而引发的安全事件层出不穷。

欢迎订阅《中国信息安全》杂志！

一场横扫ATM机、游戏机和企业服务器的安全风暴。

财富500强排名第十

A vulnerability classified as very critical was found in Hikvision DS-2CD7153-E -/4.1.0 B130111. Affected by this vulnerability is an unknown functionality of the component Packet Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2013-4977. The attack can be launched remotely. Furthermore, there is an exploit available.

Полиция Германии закрыла 47 теневых криптообменников и начинает поиск преступников.