Aggregator

议题将分享斗象科技在线安全运营、实战安全服务、众包模式等一体化安全服务创新模式实践。

Участники соревнований установили рекорд на Pwn2Own Ireland.

利用MSIX安装包传播恶意软件攻击样本的详细分析

Инженеры из Веллингтона создают искусственное Солнце на Земле.

A vulnerability was found in Contact Form 7 + Telegram Plugin up to 0.8.5 on WordPress. It has been classified as problematic. Affected is an unknown function of the component Subscription Handler. The manipulation leads to missing authorization. This vulnerability is traded as CVE-2024-9629. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Vmware Spring Security up to 6.3.3 and classified as critical. This issue affects some unknown processing of the component WebFlux. The manipulation leads to improper authorization. The identification of this vulnerability is CVE-2024-38821. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

参与 SpaceX 载人航天任务的一名宇航员出现「医疗问题」并住院；抖音出手整治：严打 AI 骗取老年人行为

Защита ядра оказалась бессильной перед новым PoC-эксплойтом.

A vulnerability, which was classified as problematic, has been found in Accela Civic Platform up to 20.1. This issue affects some unknown processing of the file ssoAdapter/logoutAction.do. The manipulation of the argument successURL leads to cross site scripting. The identification of this vulnerability is CVE-2021-34370. The attack may be initiated remotely. Furthermore, there is an exploit available. The real existence of this vulnerability is still doubted at the moment.

本篇文章主要以Windows域环境为基础，记录了一些在内网渗透过程中需要知道的一些基本知识点，记录较为简练概括，方便以后自己扩展学习。

ReliaQuest researchers observed Black Basta affiliates relying on Microsoft Teams to gain initial access to target networks. ReliaQuest researchers warn that Black Basta ransomware affiliates switched to Microsoft Teams, posing as IT support to deceive employees into granting access. The BlackBasta ransomware operators were spotted posing as corporate help desks and contacting employees to help […]

Связка функций требует особой настройки для предотвращения атаки с откатом обновлений.

《报告》深入剖析我国网络安全产业发展面临的总体形势。

构建高效、安全、可追溯的网络管理环境。

Filigran announces the completion of its $35 million Series B fundraise, led by global software investor Insight Partners, with continued support from existing investors Accel and Moonfire. This new round of funding comes just months after the company’s $16 million Series A, underscoring Filigran’s impressive growth and commitment to expanding its global footprint and accelerating product innovation. This funding will fuel the company’s global expansion, particularly in the United States and the Pacific region, while … More →

The post Filigran raises $35 million to drive global expansion appeared first on Help Net Security.

De 29 internationale cursisten van de Weapon Instructor Course (WIC) voeren de komende 2 weken grootschalige luchtgevechten uit. Dit is de laatste fase van hun opleiding tot wapeninstructeur. Er wordt gevlogen vanaf Vliegbasis Leeuwarden, zowel overdag als in de avonduren.

天文学家利用韦伯望远镜发现了流浪类星体。它们周围几乎没有邻居，引发了对它们如何在 130 亿年前起源的疑问。类星体是遥远星系的明亮核心，由于其中心的超大质量黑洞在大肆吞噬周围的物质，释放出巨大的能量，它们因此成为宇宙中最明亮的天体之一。但 MIT 研究人员领导的一项研究发现了多个早期的古老类星体，其周围没有致密的星系环境，这意味着周围没有太多物质驱动类星体中心超大质量黑洞的生长。这些孤独的类星体挑战了物理学家对其形成的理由。