前沿 | 谢永江:世界互联网大会乌镇峰会推出全球人工智能治理中国方案
近日,在2024年世界互联网大会乌镇峰会上,上海社会科学院、武汉大学、北京邮电大学等15家机构联合发布了《全球人工智能治理研究报告》。
Aggregator
院士谈 | 可信数据空间:数据产业高质量发展的新动力
4 months ago
数字经济源于互联网、大数据和人工智能等新一代信息技术的高速发展和深度应用,当前正处于成形期,其主要特征之一是数据成为新的生产要素并衍生出数据产业新业态。在此背景下,国家数据局发布《可信数据空间发展行动计划(2024—2028年)》。
程琳:创新构建具有中国特色的国家安全学体系
4 months ago
2024年4月15日是习近平总书记提出总体国家安全观十周年。总体国家安全观是习近平新时代中国特色社会主义思想的重要内容,国家安全是安邦定国的重要基石,是人民安居乐业幸福生活的保证等理念已经成为民众的普遍认知。
第十八届全国大学生信息安全竞赛(创新实践能力赛)暨第二届“长城杯”铁人三项赛(防护赛)线上初赛参赛手册
4 months ago
中国信息安全测评中心和教育部高等学校网络空间安全专业教学指导委员会联合主办第十八届全国大学生信息安全竞赛(创新实践能力赛)暨第二届“长城杯”铁人三项赛(防护赛)。初赛参赛手册主要由赛制说明、计分规则和平台操作说明等部分组成,具体内容如下。
CVE-2012-1007 | Apache Struts 1.3.10 upload-submit.do name cross site scripting (EDB-18452 / Nessus ID 60094)
4 months ago
A vulnerability was found in Apache Struts 1.3.10. It has been rated as critical. Affected by this issue is some unknown functionality of the file struts-examples/upload/upload-submit.do. The manipulation of the argument name leads to cross site scripting.
This vulnerability is handled as CVE-2012-1007. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
威胁行为者利用Gafgyt恶意软件利用配置错误的Docker远程API服务器进行攻击
4 months ago
安全客
因涉嫌实施侵入性的监控行为,苹果公司在加州被员工起诉
4 months ago
因涉嫌实施侵入性的监控行为,苹果公司在加州被员工起诉
Funksec
4 months ago
cohenido
APT-C-53(Gamaredon)组织广泛攻击活动分析
4 months ago
360高级威胁研究院对Gamaredon组织的几种常见攻击手段进行了深入分析,发现该组织持续采用各种复杂的技术和策略,包括使用恶意LNK文件、XHTML文件以及复杂的网络钓鱼活动
APT-C-53(Gamaredon)组织广泛攻击活动分析
4 months ago
360高级威胁研究院对Gamaredon组织的几种常见攻击手段进行了深入分析,发现该组织持续采用各种复杂的技术和策略,包括使用恶意LNK文件、XHTML文件以及复杂的网络钓鱼活动
Vodka Giant Stoli Files for Bankruptcy After Ransomware Attack
4 months ago
Russian vodka-maker Stoli Group has filed for bankruptcy in the US after ransomware attack and alleged persecution by the Putin regime
How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges
4 months ago
Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex that employees post passwords on sticky notes under keyboards, monitors, or desk drawers. Others set rules so loose they may as well not exist. And many simply copy
The Hacker News
Funksec
4 months ago
cohenido
MSi微星推出新款掌机:Claw 7/8 AI+ 均采用Intel Ultra 7 258V处理器
4 months ago
MSi微星推出新款掌机:Claw 7/8 AI+ 均采用Intel Ultra 7 258V处理器
思科证实已存在10年的ASA产品漏洞正遭利用
4 months ago
速修复
Veeam 提醒注意VSPC中的严重RCE漏洞
4 months ago
速修复
CVE-2011-5111 | Kajianwebsite CMS Balitbang 3.0 alumni.php hal sql injection (EDB-36351 / XFDB-71466)
4 months ago
A vulnerability classified as critical was found in Kajianwebsite CMS Balitbang 3.0. Affected by this vulnerability is an unknown functionality of the file alumni.php. The manipulation of the argument hal leads to sql injection.
This vulnerability is known as CVE-2011-5111. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2021-46387 | ZyXEL ZyWALL 2 Plus Internet Security Appliance URI cross site scripting (ID 166189 / EDB-50797)
4 months ago
A vulnerability was found in ZyXEL ZyWALL 2 Plus Internet Security Appliance. It has been rated as problematic. This issue affects some unknown processing of the component URI Handler. The manipulation leads to cross site scripting.
The identification of this vulnerability is CVE-2021-46387. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Funksec
4 months ago
cohenido
最高级!360获评NVDB通用网络产品安全漏洞专业库“三星级技术支撑单位”称号
4 months ago
360获评NVDB通用网络产品安全漏洞专业库顶级认证!