超1.4万台Fortinet设备长期被黑客入侵,约1100台位于中国
攻击者可以长期访问目标设备窃取敏感配置信息等
Aggregator
利用图像验证技术识别钓鱼攻击
4 months 2 weeks ago
钓鱼攻击升级!图像伪装成品牌窃密,4招识破骗局保安全。
Он помогает вам развивать бизнес, но сам может стать самой слабой точкой в системе
4 months 2 weeks ago
18 апреля — покажем, где скрываются слабые места в аутсорсе.
What Getting in Trump's Crosshairs Will Mean for SentinelOne
4 months 2 weeks ago
Axing Security Clearance Will Undermine Talent Pipeline, Chill Vendor Collaboration
Trump’s executive order revoking security clearances from SentinelOne over its hiring of former CISA head Chris Krebs is fueling fear in the cybersecurity sector. Experts warn the decision could hinder cybersecurity talent recruitment and public-private partnerships essential to national defense.
Trump’s executive order revoking security clearances from SentinelOne over its hiring of former CISA head Chris Krebs is fueling fear in the cybersecurity sector. Experts warn the decision could hinder cybersecurity talent recruitment and public-private partnerships essential to national defense.
Live Webinar | Cryptographic Control in a Zero Trust World: Mastering Machine-to-Machine Trust
4 months 2 weeks ago
RSAC Conference 2025 Aims to Accelerate Cyber Innovation
4 months 2 weeks ago
Event to Feature Innovation Sandbox 20-Year Anniversary, DARPA, Hacking Sessions
RSAC Conference brings together thousands of cybersecurity professionals with one goal: finding innovative ways to defend enterprises. This year for the event's annual Innovation Sandbox, the stakes couldn't be bigger. This year, leading-edge projects will receive $5 million in investment funding.
RSAC Conference brings together thousands of cybersecurity professionals with one goal: finding innovative ways to defend enterprises. This year for the event's annual Innovation Sandbox, the stakes couldn't be bigger. This year, leading-edge projects will receive $5 million in investment funding.
Ransomware Attack Disrupts Global Dialysis Provider DiVita
4 months 2 weeks ago
Company Files Report With SEC About Incident Discovered Over the Weekend
Denver-based DaVita Inc., which runs more than 3,100 dialysis and other kidney care facilities in the U.S. and in 13 other countries, reported to the U.S. Securities and Exchange Commission that a ransomware attack over the weekend is disrupting some of its operations.
Denver-based DaVita Inc., which runs more than 3,100 dialysis and other kidney care facilities in the U.S. and in 13 other countries, reported to the U.S. Securities and Exchange Commission that a ransomware attack over the weekend is disrupting some of its operations.
CISA Braces for Major Workforce Cuts Amid Security Fears
4 months 2 weeks ago
Staffers Considering Deferred Resignation, Payout Options Ahead of Looming Deadline
CISA employees face a Monday deadline to accept a deferred resignation, early retirement or payout as DHS prepares sweeping workforce cuts - potentially reducing the agency’s staff by a third and heightening risks to critical infrastructure across the U.S.
CISA employees face a Monday deadline to accept a deferred resignation, early retirement or payout as DHS prepares sweeping workforce cuts - potentially reducing the agency’s staff by a third and heightening risks to critical infrastructure across the U.S.
Fraud in Your Inbox: Email Is Still the Weakest Link
4 months 2 weeks ago
At-Bay Cyber Insurance Claims Report Finds 83% of Financial Fraud Starts With Email
Financial fraud remains the leading driver of cyberinsurance claims, with 83% of cases traced back to email-based attacks. Common tactics used to deceive employees include wiring funds to fraudulent accounts, generative AI-crafted emails, executive and vendor impersonation and BEC scams.
Financial fraud remains the leading driver of cyberinsurance claims, with 83% of cases traced back to email-based attacks. Common tactics used to deceive employees include wiring funds to fraudulent accounts, generative AI-crafted emails, executive and vendor impersonation and BEC scams.
Temu 在美国撤下了 Google Shopping 广告
4 months 2 weeks ago
拼多多旗下国际电商 Temu 于 4 月 9 日在美国关闭了 Google Shopping 广告,它在 App Store 的排名在三天内从 3 或 4 名跌至 58 名。Temu 的广告展示份额也在 4 月 12 日从广告商竞价数据中完全消失。背后的原因是特朗普政府的关税。Temu 的商业模式依赖于母公司拼多多的大量补贴,巨额关税意味着这一模式难以延续。
告别低效管控!一键搞定邮件数据安全,轻松减负增效
4 months 2 weeks ago
“每天审核上百千万封邮件是种什么体验?”
“比大海捞针还刺激,附件套娃、敏感词隐身、审批流程天天打结...”某企业IT负责人的吐槽,道出了无数同行的日常。
这可不是玩笑。国家网信办最新报告显示:68%的数据泄露始于邮件传输。传统的手动审核早已力不从心,当人工审核遇上智能时代,或许你需要的不是更多人力,而是一个更智能的邮件防泄露系统--CACTER EDLP:Coremail基于自研AI多维行为分析与实时预警技术打造的智能邮件数据防泄露系统。
这不,CACTER小助手为大家整理了三大常见邮件数据泄露场景及应对秘诀,帮助管理员们轻松搞定数据安全建设,一起来看看吧↓↓
省力技巧一:智能检测,精准拦截敏感信息
某企业IT 负责人:客户数据、交易记录、证件信息全在邮件里打转。上次同事不小心把客户数据当周报发出去,虽然及时撤回了,但合规部还是给了警告...怎么才能防止敏感信息泄露?
CACTER 小助手:我们CACTER EDLP内嵌智能模型,你可以按需使用邮箱通讯录、身份证、源代码、银行卡号等经典模型,也可以上传涉敏感文件样本,设置危险相似度,进行片段式的相似度查重,系统可以自动检测邮件内容,就能从那些繁琐的筛查工作中解脱出来,轻松又省心!
省力技巧二:多维解析,附件检测0遗漏
某企业IT负责人:我们这每天发的邮件都带附件,格式五花八门,除了常见的文本,还有 pdf、rar、cad等,甚至一个附件里还融合了好几种格式。那么复杂,怎么能一个不落地检查出里面有没有敏感信息呢?
CACTER 小助手:这事儿交给CACTER EDLP 准没错!CACTER EDLP支持 rar/zip/doc 以及后缀为空等上千种类型附件检测。系统还具备强大的 “附件解析 + 图片 OCR”能力,哪怕附件中嵌入了其它类型文件,也绝对逃不过 CACTER EDLP 的火眼金睛,真正实现检测 0 遗漏。
省力技巧三:灵活审批,多样管控策略
某企业IT负责人:公司部门太多了,像采购、研发这些关键部门,他们的邮件肯定得重点审核;有些普通部门,要求就没那么高。怎么才能制定不同的管控策略,实现灵活审批呢?
CACTER 小助手:小问题!CACTER EDLP 能让你根据部门的人员设置不同的策略。比如可以设置指定员工邮件按时间频率集中审批,重点人员邮件能实时审批。你还能设置多级审批或者让员工自审自批。多种策略随你挑,保证审批工作既高效又灵活!
以上邮件数据泄露防护省力技巧大家都学会了吗?赶紧点击收藏起来~
Coremail邮件安全
Google Groups File Attachment Restrictions Bypassed via Email Posting
4 months 2 weeks ago
A significant security vulnerability has been identified in Google Groups, allowing users to circumvent file attachment restrictions by simply sending emails to group addresses. This broken access control issue potentially impacts thousands of organizations that rely on Google Groups for controlled information sharing and collaboration. Ph.Hitachi recently observed the vulnerability, which exploits a disconnect between […]
The post Google Groups File Attachment Restrictions Bypassed via Email Posting appeared first on Cyber Security News.
Guru Baran
FreeBuf早报 | AI幻觉催生新型网络威胁;Windows Server 2025 重启故障
4 months 2 weeks ago
网络安全公司收购黑客账号渗透犯罪论坛,监控网络攻击活动。
英特尔以 44.6 亿美元将 Altera 控股权出售给私募
4 months 2 weeks ago
作为削减成本、筹集现金和精简公司业务的一部分,英特尔周一宣布以 44.6 亿美元将可编程芯片部门 Altera 的 51% 股权出售给私募股权公司 Silver Lake。这笔交易对 Altera 的估值为 87.5 亿美元,比英特尔在 2015 年支付的 170 亿美元收购价大幅减少。英特尔去年已将 Altera 分拆为一个独立部门,表示计划出售部分股权,而 Silver Lake 据报道是主要的竞购者。Altera 的可编程芯片可用于从电信设备到军事等各种用途。英特尔表示,交易预计将于 2025 年下半年完成。
Самый образованный вирус: ResolverRAT владеет 6 языками и искусством исчезновения
4 months 2 weeks ago
Он растворяется в системе быстрее, чем таблетка в стакане воды.
【全民国家安全教育日】直播预告:守护企业数据安全,筑牢国家安全防线
4 months 2 weeks ago
直播时间
4月16日15:00准时开播
立即扫码预约,看直播+转发邀请赢千元大礼
在第十个全民国家安全教育日到来之际,CACTER邮件安全积极响应国家战略,联合奇安信专家特别策划专场直播,揭秘企业数据安全之道,筑牢国家安全“看不见的防线”
直播亮点抢先看
权威发布:联合奇安信专家深度解析《2024年中国企业邮箱安全性研究报告》
·揭秘恶意邮件神秘幕后推手
·详解邮件攻击典型案例
·全球邮件安全威胁形势
破局有道:详解如何有效管控邮件敏感信息,获取涉密数据管控方案
·深度剖析邮件数据泄露风险
·三大案例还原邮件数据泄露场景
·企业智能审批与应急防控策略
精彩干货分享千万别错过!扫码预约锁定直播,让我们共同守护数据安全,为全民国家安全助力!
Coremail邮件安全
Seemplicity adds AI-driven capabilities to scale remediation operations
4 months 2 weeks ago
Seemplicity announced a major product release. This latest version of the Seemplicity Platform introduces powerful new AI-driven capabilities designed to streamline and scale remediation operations. Two major new features – called “Find the Fixer” and “Automatic Scoping” – reduce remediation chaos by eliminating manual bottlenecks and significantly accelerate the path from detection to resolution. Security teams face inadequate prioritization, misrouted remediation requests, and manual workflows that slow down progress. Legacy exposure management requires constant upkeep … More →
The post Seemplicity adds AI-driven capabilities to scale remediation operations appeared first on Help Net Security.
Industry News
【全民国家安全教育日】直播预告:守护企业数据安全,筑牢国家安全防线
4 months 2 weeks ago
⏰直播时间4月16日15:00准时开播立即扫码预约,看直播+转发邀请赢千元大礼�� 在第十个全民国家安全教育日 […]
Coremail
印度信息技术与管理学院 | Tor的Snowflake桥接流量分类分析
4 months 2 weeks ago
本文对Tor+Snowflake的网络流量进行详细分析,并将其与其他基于WebRTC的服务(如 Zoom)进行比较。
印度信息技术与管理学院 | Tor的Snowflake桥接流量分类分析
4 months 2 weeks ago
本文对Tor+Snowflake的网络流量进行详细分析,并将其与其他基于WebRTC的服务(如 Zoom)进行比较。