Aggregator

俄罗斯安全公司 Dr.Web 披露了针对前线军人的新 Android 间谍软件。该间谍软件会窃取感染设备的联系人信息并跟踪他们的位置。间谍软件隐藏在修改版的地图软件 Alpine Quest 中，该软件的用户包括了在乌克兰前线作战的俄罗斯军人。软件可以显示各种地形图，可以离线或在线使用。植入了间谍软件的 Alpine Quest 通过 Telegram 频道和非官方的 Android 应用库推广。Dr.Web 的研究人员将其恶意模块命名为 Android.Spy.1292.origin 中，它窃取的信息包括：手机号码及其账户、通讯录、当前日期、当前地理位置、存储文件相关信息——如果存在攻击者感兴趣的文件他们会进行窃取。

The Federal Bureau of Investigation (FBI), in partnership with the U.S. Department of State, has announced a reward of up to $10 million for information leading to the identification or location of individuals connected to the recent “Salt Typhoon” cyberattacks. The campaign, which is believed to be linked to actors affiliated with the People’s Republic […]

The post FBI Offers $10 Million Reward for information on Salt Typhoon Hackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Rubrik announced its upcoming solution, Identity Resilience, designed to secure the entire identity landscape alongside data. Identity Resilience aims to protect the most common entry points for attackers – human and non-human identities (NHIs) – to help organizations maintain operations with minimal downtime. Identity Resilience aims to address a blindspot in enterprise security. A critical piece of infrastructure utilized by a vast majority of organizations, identity remains a consistent target for hackers. When compromised, these … More →

The post Rubrik Identity Resilience protects vulnerable authentication infrastructure appeared first on Help Net Security.

Hackers Deploying Infostealers for Data and Credential Theft
Hacks targeting cloud infrastructure rose significantly last year, with attackers exploiting misconfiguration and single sign-on features to deploy infostealers for data and credential theft. Hackers target centralized cloud assets secured with single sign-ons.

Experts Say White House AI Plan May Spur Innovation But Leave School Data at Risk
The White House issued an executive order Wednesday to expand the use of new artificial intelligence tools in U.S. K–12 schools, drawing expert warnings over the lack of cybersecurity safeguards to prevent data leaks or misuse by AI firms for model training.

通过LLM构建的、基于问题的安全事件标准化调查方案

电信运营商、银行金融机构、高校研究机构以及腾讯云在内的多位专家分享了金融电信网络诈骗真实案例、金融反诈最佳实践、AI应用技术方案，并共同发起体系化金融反诈联合倡议。

Microsoft делает ход конем, невольно блокируя обновления.

BreachLock AEV automates multistep, threat-intelligence-led attack scenarios—helping security teams uncover real exposures and prioritize what matters most. Going beyond just showing security teams their risk, BreachLock Adversarial Exposure Validation simulates how real-world adversaries would exploit it by mirroring their behavior with business-aware context throughout each phase of the BreachLock AEV workflow –– from discovery to exploitation. BreachLock AEV enables enterprises to launch automated multi-stage, complex red teaming engagements supercharged by generative AI across multiple threat … More →

The post BreachLock AEV simulates real attacks to validate and prioritize exposures appeared first on Help Net Security.

A vulnerability, which was classified as problematic, was found in Shopizer 1.1.5. This affects an unknown part. The manipulation of the argument Status leads to cross site scripting. This vulnerability is uniquely identified as CVE-2014-4965. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Dashlane unveiled a new approach to addressing human risk in response to the rise of AI-driven phishing attacks and shadow IT in corporate environments. Built on innovation that pushes beyond vault-based password management, Dashlane Omnix is the AI-accelerated credential security platform that unifies proactive intelligence, real-time response, and protected access to provide businesses complete credential security across their workforce – all in one intuitive experience. While GenAI has accelerated business productivity and innovation, it’s also magnified … More →

The post Dashlane introduces Omnix for AI-powered credential protection appeared first on Help Net Security.

A vulnerability was found in Tyan S5552 BMC up to 3.00. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to files or directories accessible. This vulnerability is known as CVE-2023-2538. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in GStreamer. Affected is an unknown function of the component FLAC File Parser. The manipulation leads to integer overflow. This vulnerability is traded as CVE-2023-37327. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Pandoc up to 3.1.3 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper input validation. This vulnerability was named CVE-2023-35936. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 114. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Drag/Drop API. The manipulation leads to Remote Code Execution. This vulnerability is known as CVE-2023-37203. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in GStreamer and classified as critical. Affected by this vulnerability is an unknown functionality of the component SRT File Parser. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2023-37329. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.