Aggregator

ML, NLP Tools Collect More Personal Information Than Required, U.K. Regulator Says
Artificial intelligence tools currently used by organizations in the United Kingdom to screen job applicants pose privacy risks and are susceptible to bias and accuracy issues, the U.K. Information Commissioner's Office found. The ICO focused on machine learning and natural language processing.

Also: Potential Government Policy Changes; AI-Driven Zero-Day Discoveries
In the latest weekly update, ISMG editors discussed how the recent election results may reshape U.S. cybersecurity policy and healthcare privacy under HIPAA and the groundbreaking role of artificial intelligence in Google’s recent discovery of a critical zero-day vulnerability.

“ 在安卓APP逆向分析领域，相信很多小伙伴都曾经遇到过这样的问题：面对加壳的APP，如何才能有效地突破其保护机制，深入分析其内部逻辑？尤其是当遇到一些顶级的加固壳时，传统的逆向分析方法往往难以奏效。

前段时间看到复现分析GL-iNet路由器CVE-2024-39226漏洞的两篇文章，看完也跟着了分析下，固件仿真过程踩了一些坑，开始我直接用Ubuntu24的qemu-system-arm跟着操作都会

Veeam Backup & Replication exploit reused in new Frag ransomware attack

Molte tipologie di test di sicurezza, sia in contesti offensivi che in attività di controllo pe

A vulnerability, which was classified as critical, has been found in Adobe Flash Player up to 11.2.202.548/18.0.0.261/19.0.0.245. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2015-8421. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Adobe Flash Player up to 11.2.202.548/18.0.0.261/19.0.0.245. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. This vulnerability is known as CVE-2015-8420. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Authors/Presenters: Aaron “d

A vulnerability classified as critical was found in Genetec Security Center. Affected by this vulnerability is an unknown functionality. The manipulation leads to use of externally-controlled input to select classes or code. This vulnerability is known as CVE-2024-7059. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in QNAP Signage Station up to 2.0.0. Affected by this vulnerability is an unknown functionality. The manipulation leads to authentication bypass by spoofing. This vulnerability is known as CVE-2015-6036. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Adobe Flash Player up to 11.2.202.548/18.0.0.261/19.0.0.245. Affected is an unknown function. The manipulation leads to use after free. This vulnerability is traded as CVE-2015-8422. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

2018 年，公司现金水位最低的时候，账上只剩 930 万，不够花一年

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- --------------------------------------------------