Aggregator

Новый вредоносный дроппер обходит защиту Android 13 с пугающей лёгкостью.

The RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access and persistence on targeted networks

INTERPOL said it devised a "global stop-payment mechanism" that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam.  The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to a type of cybercrime where a malicious actor poses as a trusted figure and uses email to

by Mike Saunders, Principal Security Consultant     This blog is the eighth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of […]

In July, Guardio Labs reported they had detected “EchoSpoofing,” a critical in-the-wild exploit of Proofpoint’s email protection service. This sophisticated phishing campaign highlights the vulnerabilities of robust security systems and underscores the importance of comprehensive security measures of SSPM in alerting on misconfigurations in email systems that can be exploited in such attacks. Overview of […]

The post Breach Debrief Series: EchoSpoofing Phishing Campaign Exploiting Proofpoint’s Email Protection appeared first on Adaptive Shield.

The post Breach Debrief Series: EchoSpoofing Phishing Campaign Exploiting Proofpoint’s Email Protection appeared first on Security Boulevard.

今年二月，ZLUDA 项目开发者 Andrzej Janik 在 GitHub 上开源了 AMD 资助的 CUDA 实现，允许 CUDA 应用无需修改就能运行在 AMD 的显卡上。AMD 停止了对改项目的资助，但允许开发者公开源代码。但开源六个月之后，AMD 律师撤销了开源的决定，项目也随之从 GitHub 下架。Andrzej Janik 证实，该项目没有收到英伟达的任何法律威胁，而是应 AMD 法务部门的要求。他表示自己还完成了一个运行在 AMD GPU 上的 NVIDIA GameWorks 实现，但相关代码永远不会开源了。

The Grand Palais Réunion des musées nationaux (Rmn) in France is warning that it suffered a cyberattack on Saturday night, August 3, 2024. [...]

Let's look at Tracfone's $16 million settlement with the FCC to understand why API security testing matters.

The post Why API Security Testing Matters – Learning from Tracfone appeared first on Dana Epp's Blog.

Cybersecurity startup RAD Security, a finalist in this year's Black Hat USA Startup Spotlight competition, looks for "drift events," or events that vary from the baseline.

Our new Keycloak integration is the latest in a range of 50+ integrations that ensure DataDome stops bad bots & fraud on any infrastructure.

The post DataDome Now Protects Keycloak IAM appeared first on Security Boulevard.

美国天基导弹防御系统发展现状 by 路人甲

CrowdStrike的库加载和快速升级机制的分析笔记 by 路人甲

查询NGO信息网站汇总 by 路人甲

更多最新文章，请访问SecWiki

Researchers from LevelBlue Labs have uncovered a new tactic threat actors employ to hijack legitimate anti-virus software for malicious purposes. This sophisticated attack leverages a tool named SbaProxy, which masquerades as a legitimate anti-virus component to establish proxy connections through a command and control (C&C) server. SbaProxy is a new tool in the threat actor’s evolving toolkit, […]

The post Hackers Hijack Anti-Virus Software Using SbaProxy Hacking Tool appeared first on Cyber Security News.

Находка ученых раскрывает тайны формирования галактик.

Of the 17.8m phishing emails detected, 62% bypassed DMARC checks and 56% evaded all security layers