Aggregator

2月12日，绿盟科技CERT监测到微软发布2月安全更新补丁，修复了63个安全问题，涉及Windows、Microsoft Office、Azure、Apps等广泛使用的产品，其中包括权限提升、远程代码执行等高危漏洞类型。

Armor unveiled Nexus, a platform designed to provide transparency, proactive risk reduction, and intelligent support for large, complex organizations to ensure an adaptable, comprehensive, and unified cybersecurity strategy. With Nexus, Armor Defense reinforces its commitment of being the trusted security partner of choice for organizations worldwide. Full SOC transparency Nexus provides a window into the heart of the Armor Security Operations Center (SOC), allowing organizations to view every action taken to neutralize threats in real-time. … More →

The post Armor Nexus reduces an organization’s attack surface appeared first on Help Net Security.

0x00 前言

最近发现某款APP无法正常使用，打开后地图页面是空白内容，无法显示和使用地图。经过排查，原来是开发者更新了百度地图的API Key，导致旧版本的APP无法正常访问地图服务。

欢迎与会者届时前来交流。

Обновление затрагивает ключевые компоненты системы, включая драйверы и защищённое ядро.

安天CERT从“赛博超脑”平台样本库中提取了上述两个僵尸网络所使用的僵尸木马样本，进行了进一步分析工作。

Google продолжает расширять возможности браузера. Но при чем здесь ИИ…

KDE 项目释出了 KDE Plasma 6.3，主要新特性包括：改进了 KWin 的分数缩放功能，提供了更好的桌面体验；KDE Night Light 的屏幕颜色更精确；KDE System Monitor 中的 CPU 利用率监视更精确 CPU 占用更少；当内核因系统内存不足而终止某个应用时 KDE 会显示通知；改进 Discover 应用，增加沙盒应用安全性；改进 KDE System Settings；等等。

之前简单审计过DedeBIZ系统，网上还没有对这个系统的漏洞有过详尽的分析，于是重新审计并总结文章，记录下自己审计的过程。

Thales has announced the launch of OneWelcome FIDO Key Lifecycle Management, a new solution to help large organizations successfully deploy and manage FIDO security passkeys at scale. OneWelcome FIDO Key Lifecycle Management combines an interoperable management platform with Thales hardware FIDO security keys (passkeys) specifically designed by Thales for use in large organizations. The solution helps CISOs accelerate and secure their passwordless journey by managing FIDO security keys at scale, in a simple and efficient … More →

The post Thales unveils OneWelcome FIDO Key Management for scalable passkey security appeared first on Help Net Security.

根据国家信息安全漏洞库（CNNVD）统计，本周（2025年2月3日至2025年2月9日）安全漏洞情况如下。

近日，微软官方发布了多个安全漏洞的公告，其中微软产品本身漏洞59个，影响到微软产品的其他厂商漏洞1个。

Как ИИ пытается захватить кресла разработчиков.

EchoMark launched its new API. The API seamlessly integrates EchoMark’s watermarking and leak detection capabilities directly into workflows and applications, protecting sensitive information without disrupting current operations. EchoMark is the only company to watermark plain text. Having pioneered forensic watermarking on text-based documents and images, introducing an API is a natural progression — further strengthening EchoMark’s position in advanced information security solutions. With EchoMark’s API, application vendors and organizations can programmatically apply invisible, forensic watermarks … More →

The post EchoMark’s API detects, investigates, and identifies the source of data leaks appeared first on Help Net Security.

Удаленный доступ силовиков к данным вызывает вопросы у бизнеса.