Aggregator

Windows逆向之脱壳-脱壳实战

记一次XunRuiCMS反序列化任意文件删除的审计过程

Tcache Stashing Unlink Attack

CVE-2024-37704 MySQL-Connector-Java SQL注入漏洞原理分析及漏洞利用

FTP协议-匿名用户登录 从0到1

长城杯决赛内网渗透部分

实战-搞定小程序加解密通过遍历导致信息泄露

TryHackMe靶场-Holo【Windows域渗透】

DNS 解析数据大局观 by Avenger

Elastic与Wazuh的SIEM选型对比 by swim

更多最新文章，请访问SecWiki

Chinese StormBamboo APT compromised ISP to deliver malwareA China-linked APT, tracked as Storm

A China-linked APT, tracked as StormBamboo, compromised an internet service provider (ISP) to poison software update mechanisms with malware. Volexity researchers reported that a China-linked APT group, tracked as StormBamboo (aka Evasive Panda, Daggerfly, and StormCloud), successfully compromised an undisclosed internet service provider (ISP) in order to poison DNS responses for target organizations. The threat actors targeted […]

苹果开始向参与集体诉讼的客户支付蝴蝶键盘事件的赔偿金。2015-2019 年之间生产的 MacBook 配备了蝴蝶键盘，直到 2020 年苹果用 Magic Keyboard 替换了它。蝴蝶键盘因其设计容易发生故障，苹果遭到了集体诉讼，2022 年苹果同意向符合资格的客户支付 5000 万美元和解金，该和解协议于去年 5 月获得批准，本周苹果开始向客户寄出赔偿金。两次或两次以上更换保护壳的客户有资格获得最高 395 美元赔偿金，更换一次保护壳的客户可获得 125 美元，更换键帽的客户可获得 50 美元。

error code: 1106

The "Open Source AI Manifesto"Mark Zuckerberg has been hated by Richard Stallman for decades, and h

Authors/Presenters:Qi Liu, Jieming Yin, Wujie Wen, Chengmo Yang, Shi Shay

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – NeuroPots: Realtime Proactive Defense against Bit-Flip Attacks in Neural Networks appeared first on Security Boulevard.

Authors/Presenters:Qi Liu, Jieming Yin, Wujie Wen, Chengmo Yang, Shi Shay Many thank

A vulnerability classified as critical was found in IBM Planning Analytics Local 2.0/2.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authentication. This vulnerability is known as CVE-2024-35143. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Commonly, we only consider the members of a famous mailing list initiated by Tim May, John Gilmore,

Stay up to date with cybersecurity news! Our Weekly Cybersecurity Newsletter provides a curated summary of the most important updates, trends, and insights from the cybersecurity world. Whether you’re an IT professional, a business executive, or just someone interested in protecting your online life, our newsletter is designed to keep you informed. Our cybersecurity team […]

The post Weekly Cyber Security News Letter – Data Breaches, Vulnerability, Cyber Attack & More appeared first on Cyber Security News.

A massive Magniber ransomware campaign is underway, encrypting home users' devices worldwide and demanding thousand-dollar ransoms to receive a decryptor. [...]