Aggregator
В интересах веб-индустрии: Google инициирует коллективное развитие Chromium
2 months 3 weeks ago
Открытый браузерный проект получит дополнительное финансирование от IT-гигантов.
Fake PoC Exploit Targets Security Researchers with Infostealer
2 months 3 weeks ago
Trend Micro detailed how attackers are using a fake proof-of-concept for a critical Microsoft vulnerability, designed to steal sensitive data from security researchers
CVE-2019-8717 | Apple tvOS up to 12.7 Kernel memory corruption (EDB-47479)
2 months 3 weeks ago
A vulnerability was found in Apple tvOS. It has been rated as critical. Affected by this issue is some unknown functionality of the component Kernel. The manipulation leads to memory corruption.
This vulnerability is handled as CVE-2019-8717. Attacking locally is a requirement. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
一周网安优质PDF资源推荐丨FreeBuf知识大陆
2 months 3 weeks ago
我们精选了本周知识大陆公开发布的10条优质资源,让我们一起看看吧。
CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer
2 months 3 weeks ago
Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding
CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer
2 months 3 weeks ago
Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that's disguised as an employee CRM application as part of a supposed recruitment process.
"The attack begins with a phishing email impersonating CrowdStrike recruitment, directing recipients to a malicious website," the company said. "Victims are prompted to
The Hacker News
2025 年的网络安全: 全球冲突、成熟的人工智能和群众的智慧
2 months 3 weeks ago
安全客
听摇滚黑客2025演唱会 享滴滴打车五折优惠
2 months 3 weeks ago
摇滚精神不死,网安创业不息——我们同样希望“摇滚黑客2025演唱会”能通过它特有的表达方式,激励所有正在创业路上的所有网络安全行业从业者们。在1月11日这个一年中最寒冷的“四九天”,给所有人带来温暖和
【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!
2 months 3 weeks ago
入场须知演出地点:福浪LIVEHOUSE-福(朝阳区奥园西路北投1314园区西南门内直走)现场时间:观众入场时间:19:00演出时间:20:00无周边售卖,无签售,无合影*以上时间及安排仅供参考,如有
听摇滚黑客2025演唱会 享滴滴打车五折优惠
2 months 3 weeks ago
2025年1月11日,20:00,北京·福浪LIVEHOUSE,等你来!
【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!
2 months 3 weeks ago
2025年1月11日,20:00,北京·福浪LIVEHOUSE,等你来!
权威认可|悬镜再次入选2024年度毕马威中国金融科技企业双50强
2 months 3 weeks ago
凭借在金融科技领域丰富的落地成果和领先的市场应用表现,悬镜安全成功入选毕马威中国金融科技企业双50榜单。
Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025
2 months 3 weeks ago
Organizations are facing escalating threats from phishing attacks, personal app usage and the wi
Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025
2 months 3 weeks ago
Organizations are facing escalating threats from phishing attacks, personal app usage and the widespread adoption of generative AI (GenAI) in workplaces. According to a Netskope report, phishing attacks surged in 2024, with enterprise employees clicking on phishing links at a rate nearly three times higher than in 2023. The study found phishing campaigns have evolved..
The post Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025 appeared first on Security Boulevard.
Nathan Eddy
CVE-2006-3929 | Zyxel Prestige 660H-61 3.40(pt.0)b32 a cross site scripting (EDB-28283 / XFDB-28021)
2 months 3 weeks ago
A vulnerability was found in Zyxel Prestige 660H-61 3.40(pt.0)b32 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument a leads to basic cross site scripting.
This vulnerability is handled as CVE-2006-3929. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Pwn入门之格式化字符串漏洞
2 months 3 weeks ago
在格式化字符串漏洞中,我们所读取的格式化字符串都是在栈上,这是由所读取的格式化字符串的特性决定的,是某个函数的局部变量,而栈的作用就是用于存储局部变量和函数调用信息。
Pwn入门之格式化字符串漏洞
2 months 3 weeks ago
声明:Tide安全团队原创文章,转载请声明出处!文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途给予盈利等目的,否则后果自行承担!技术永无止境一声晴空霹雳,鸽王再
Pwn入门之格式化字符串漏洞
2 months 3 weeks ago
在格式化字符串漏洞中,我们所读取的格式化字符串都是在栈上,这是由所读取的格式化字符串的特性决定的,是某个函数的局部变量,而栈的作用就是用于存储局部变量和函数调用信息。
How safe is posting on forums on the darkweb?
2 months 3 weeks ago