Aggregator

我们精选了本周知识大陆公开发布的10条优质资源，让我们一起看看吧。

In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and business continuity. Are you prepared to act swiftly when the unexpected happens? Join DigiCert’s exclusive webinar, "When Shift Happens: Are You Ready for Rapid

Кто они – китайские хакеры, которые ведут двойную игру в киберпространстве по всему миру?

Как SilkSpecter столь правдоподобно маскирует мошеннические сайты?

error code: 521

Join top industry experts at API Security Day, a focused event at APIDays Paris, to explore in-depth strategies and insights for protecting APIs.

The post API Security Day – powered by APIDays & Escape appeared first on Security Boulevard.

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce shoppers in Europe and the USA during the Black Friday shopping season.  The campaign leveraged the legitimate payment processor Stripe to steal victims’ Cardholder Data (CHD) and Sensitive Authentication Data (SAD) while allowing legitimate transactions to proceed.  The threat actor used […]

The post Chinese SilkSpecter Hackers Attacking Black Friday Shoppers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

主站 分类 漏洞 工具 极客

error code: 521

企业资讯

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to malicious e-commerce websites, leveraging multiple SEO malware families to achieve their goal. Three distinct threat actor groups were identified, each employing a unique malware family, with one group utilizing multiple families. One malware family’s C&C servers shared limited e-commerce site sets, […]

The post Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

梆梆安全

Переход режима от «горячего» к «холодному» взбудоражил экспертов и криминалистов.

A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer. The malware "targets victims' sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software,"

Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465) CVE-2024-9463 allows unauthenticated attackers to run arbitrary OS commands as root on vulnerable Expedition instances, leading to disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. CVE-2024-9465 – an SQL injection vulnerability – allows unauthenticated attackers to grab data from Expedition’s … More →

The post Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) appeared first on Help Net Security.