【已复现】Splunk Enterprise 任意文件读取漏洞(CVE-2024-36991)安全风险通告
致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。
Aggregator
上周关注度较高的产品安全漏洞(20240701-20240707)
7 months 3 weeks ago
一、境外厂商产品漏洞 1、Sonatype Nexus Repository存在路径遍历漏洞
CNVD漏洞周报2024年第27期
7 months 3 weeks ago
2024年07月01日-2024年07月07日 本周漏洞态势研判情况本周信息安全漏洞威胁整体评价级别为中。
有奖调研|2024白帽子能力调研启动!
7 months 3 weeks ago
诚挚的邀请每一位白帽子加入调研行列!
漏洞管理新论:从KEV到CTEM
7 months 3 weeks ago
漏洞管理(Vulnerability Management)作为信息安全领域中最为人熟知的概念之一,一直是安全运营的核心活动。本文将探讨KEV目录、EPSS等新兴的漏洞评估方法,以及CTEM等前瞻性框架如何帮助组织更好地应对当前的威胁环境。
安天移动一周威胁情报盘点(7月1日-7月8日)
7 months 3 weeks ago
近期威胁情报速览!
盘点:2024年5月移动设备威胁态势
7 months 3 weeks ago
移动恶意软件类型整体呈活跃上升趋势
Decrypted: DoNex Ransomware and its Predecessors
7 months 3 weeks ago
Researchers from Avast have discovered a flaw in the cryptographic schema of the DoNex ransomware and its predecessors. In cooperation with law enforcement organizations, we have been silently providing the decryptor to DoNex ransomware victims since March 2024. The cryptographic weakness was made public at Recon 2024 and therefore we have no reason to keep […]
The post Decrypted: DoNex Ransomware and its Predecessors appeared first on Avast Threat Labs.
Threat Research Team
Rosetta:多样化网络环境下的TLS流量分类
7 months 3 weeks ago
在加密流量分类问题中,因多样化网络中不同的TCP机制导致的数据包长度序列发生变化而使模型失效, Rosetta系统通过TCP感知的流量增强机制和自监督学习获取TLS特征从而使不同网络环境中达到相对较好的分类效果。
Attack Activities by Kimsuky Targeting Japanese Organizations
7 months 3 weeks ago
JPCERT/CC has confirmed attack activities targeting Japanese organizations by an attack group called Kimsuky in March 2024. This article introduces the attack methods of the group confirmed by JPCERT/CC. Attack overview In the attack we identified, the attacker sent a...
喜野 孝太(Kota Kino)
抓NSA特种木马的方法
7 months 3 weeks ago
抓不到西方APT的技术,都是狗屁!
Monday, July 8, 2024 Security Releases
7 months 3 weeks ago
青少年之友
7 months 3 weeks ago
cby现在认可我「青少年之友」的称号,多次承认,名不虚传
做了一款服务网络安全领域人员的情报系统。
7 months 3 weeks ago
主要是提供安全情报,安全漏洞,威胁情报,数据泄露信息和众多安全工具,方便及时响应!
内置AI(gpt4o)/ai绘画(sd)/ChatTTS,无需登陆免费使用。里面有gpt4o,充了几十美元反正也用不完,给大家用了
3 个帖子 - 3 位参与者
abyssdawn
2024InForSec夏令营“导师面对面”专题活动最新议程出炉,快来围观你心仪的导师!
7 months 3 weeks ago
2024年InForSec“网络空间安全”大学生夏令营活动于2024年7月14日至23日在合肥中国科学技术大学举行。
[Flutter]设置应用包名、名称、版本号、最低支持版本、Icon、启动页以及环境判断、平台判断和打包
7 months 3 weeks ago
一、设置应用包名 在Flutter开发中,修改应用程序的包名(也称作Application ID)涉及几个步骤,因为包名是在项目的Android和iOS平台代码 […]
root
利用Brute Ratel安装恶意软件攻击活动的详细分析
7 months 3 weeks ago
利用Brute Ratel安装恶意软件攻击活动的详细分析
The Top 10 AI Security Risks Every Business Should Know
7 months 3 weeks ago
With every week bringing news of another AI advance, it’s becoming increasingly important for organizations to understand the risks before adopting AI tools. This look at 10 key areas of concern identified by the Open Worldwide Application Security Project (OWASP) flags risks enterprises should keep in mind through the back half of the year.
An In-Depth Look at Crypto-Crime in 2023 Part 1
7 months 3 weeks ago
Cybersecurity is a growing concern in today's digital age, as more sensitive information is stored and transmitted online. With the rise of cryptocurrencies, there has also been a rise in crypto-crimes, which pose a significant threat to the security of both individuals and businesses.
关于员工上网行为管理与防范恶意域名的策略探讨| 总第253周
7 months 3 weeks ago
您有一份周报待查收......