Aggregator

OpenAI впервые раскрыла изнанку воспитания своего чат-бота.

总结推荐本周的热点资讯、安全事件、一周好文和省心工具，保证大家不错过本周的每一个重点！

加上这两个漏洞，苹果公司在 2024 年已修复了 6 个零日漏洞。

该公司发言人表示福特公司已经意识到并正在积极调查有关福特数据被泄露的指控。

DLP защищают от утечек: это база. Но этим польза систем не ограничивается.

In this Help Net Security interview, Ben Colman, CEO of Reality Defender, discusses the challenges of detecting high-quality deepfakes in real-world applications. He addresses the effectiveness and limitations of watermarking, AI-based detection, and the potential of emerging technologies in securing media authenticity. Colman also emphasizes the importance of public education, sector-specific AI implementation, and proactive research collaboration to counter rapidly advancing deepfake tactics. Given the evolution of deepfake generation technologies, what are the current limitations … More →

The post The limits of AI-based deepfake detection appeared first on Help Net Security.

❗Disclaimer: This is Part 5 of our six-part series on Advanced Web Scraping. Just joining us? Start

One of the largest gambling companies in the U.S. said a cyberattack last week caused massive disru

中国量子技术相关专利已超过美国位居世界第一。中国累计拥有 3217 项相关专利，超过了拥有 2740 项专利的美国。其中安徽本源量子计算科技 2021-2024 年新增了 363 项专利，超过了新增 212 项专利的美国 IBM，它在按团体统计的量子计算机公开专利排名中位居第一。在本源量子的公开专利中，数量最多的论文是控制量子计算机的软件“量子操作系统”。其次是与量子芯片相关的专利。本源的量子计算机要在超低温环境下运行，该公司表示已成功自主研发出实现这种运行环境所需要的主要设备——稀释制冷机。

A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upload. This vulnerability was named CVE-2023-2246. The attack can be initiated remotely. Furthermore, there is an exploit available.

Hundreds of websites used by an Egyptian cybercriminal to sell “do-it-yourself” phishing kits have

In this Help Net Security video, Dror Liwer, co-founder of Coro, discusses how the EU’s NIS2, its latest security directive for businesses, officially became enforceable recently. This means EU companies face more demanding requirements for internal cyber resilience strategies and practices. Small businesses will face growing pains around these requirements since those with 50 or more employees and an annual turnover of €10 million are considered “Important or Essential” and must comply.

The post Why the NIS2 Directive causes growing pains for businesses appeared first on Help Net Security.

作者：知道创宇404高级威胁情报团队 日期：2024年11月22日 English version: https://paper.seebug.org/3241/ 1. 事件背景 近期，知道创宇404高级威胁情报团队在日常跟踪APT过程中发现了APT-K-47组织利用“朝觐”话题发起的攻击活动，攻击者利用CHM文件执行相同目录下的恶意载荷。最终载荷功能比较简单，仅支持cmd shell，且使...

​Microsoft has released the November 2024 preview cumulative update for Windows 11 24H2, wit

A vulnerability was found in Apple macOS up to 13.6/14.6. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-44267. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple macOS and classified as problematic. This issue affects some unknown processing of the component Font Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-44302. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple visionOS. It has been classified as problematic. Affected is an unknown function of the component Font Handler. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-44302. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iOS and iPadOS. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Font Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2024-44302. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.