Aggregator

POC 无了！

近期国外安全厂商披露了一起巴基斯坦新威胁组织针对南亚某国防机构的移动端攻击活动，基于报告中提到的信息，经过360安全大模型进行关联后，我们挖掘到了更多相关样本

7月15-16日， 2024年InForSec网络空间安全大学生夏令营“导师面对面”专题学术活动在中国科学技术大学高新校区成功召开。南开大学教授，国家优青获得者汪定发表题为《定向口令猜测》的报告。

从「走一万步」到「跑马拉松」，这既是过去十年人们运动习惯的改变，也是 Keep 发展道路的象征隐喻。

Today’s malware is complex, and often comes with a wide assortment of evasion methods.   Many families got so good at evading automated sandboxes, that traditional methods often fall short in detecting them. This is where interactive malware sandboxes like ANY.RUN come into play — it offers a powerful tool for cybersecurity professionals to engage directly […]

The post What is an Interactive Malware Sandbox? appeared first on ANY.RUN's Cybersecurity Blog.

Специалисты раскрывают основные векторы атак и ключевые группы вымогателей.

Хакеры развязали беспощадную войну против Мадуро.

Two men living a life of luxury in Florida have been charged with cyber fraud after authorities became suspicious of their extravagant spending habits. Russian national Pavel Kublitskii and Kazakhstan national Alexandr Khodyrev, who arrived in the U.S. in 2022 seeking asylum, are now facing serious charges related to their alleged involvement in dark web […]

The post Dark Web Marketplace Admins Busted Following Luxury Life appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

2024年8月16日（周五）晚上 19:00-21:00 微访谈微信群。

近在上班摸鱼的时候发现了一个好用的阅读器，他只有一行文字，可以完美的隐藏在屏幕里面，光明正大的摸鱼而不被老板发现。

Microsoft’s August Patch Tuesday saw the tech giant address nine zero-day vulnerabilities

Siemensから各製品向けのアップデートが公開されました。

Siemensから各製品向けのアップデートが公開されました。

A vulnerability was found in Adobe InCopy up to 19.4. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to integer overflow. The identification of this vulnerability is CVE-2024-41858. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Substance3D Sampler up to 4.5. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-41860. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Substance3D Sampler up to 4.5. It has been classified as problematic. This affects an unknown part. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2024-41863. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Substance3D Sampler up to 4.5 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-41862. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Adobe Substance3D Designer up to 13.1.2 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2024-41864. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Adobe Substance3D Sampler up to 4.5. Affected is an unknown function. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-41861. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in averta Slider & Popup Builder Plugin up to 3.1.1 on WordPress. This issue affects the function uploadFile. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2024-4389. The attack may be initiated remotely. There is no exploit available.