Aggregator

Ты должен был бороться со злом, а не примкнуть к нему.

Cyber defense is no longer about hard perimeters or checklists. It’s about adaptability, intelligence, and integration. ICS offers that path forward. It’s time to move beyond SecOps and DevSecOps—the future of cybersecurity is Intelligent Continuous Security.

The post Why Intelligent Continuous Security is the Future of Cyber Defense appeared first on Security Boulevard.

Fastly announced key updates to Fastly DDoS Protection that deliver visibility into attack mitigation. Fastly DDoS Protection can mitigate attacks in seconds. Now with Fastly DDoS Protection’s Attack Insights, security teams gain real-time insights into DDoS events, empowering them to validate mitigation actions and confidently protect applications and APIs from DDoS attacks. DDoS, or Distributed Denial of Service attacks, can quickly disrupt services with distributed attacks against applications and APIs, causing costly downtime and requiring … More →

The post Fastly DDoS Attack Insights helps reveal and explain the unfolding of a DDoS attack appeared first on Help Net Security.

地狱猫勒索软件升级武器库，瞄准政府、教育、能源关键领域，双重勒索威胁加剧！

AI代理将通过自动化盗取凭证和破坏认证通信渠道，加剧对弱认证机制的利用。

澳大利亚政府已就此发布警告

Two critical vulnerabilities in VMware’s vCenter Server platform were recently patched by Broadcom, with the more severe of the two […]

The post Fortinet Alert: Critical Flaw in FortiSwitch Lets Attackers Hijack Admin Accounts appeared first on HawkEye.

Tufin releases Tufin Orchestration Suite (TOS) R25-1, bringing expanded device coverage, deeper visibility, and stronger cloud security to today’s modern hybrid and multi-cloud networks. As enterprises expand their networks across multiple cloud platforms and vendors, maintaining security, visibility, and compliance becomes increasingly complex. TOS R25-1 addresses these challenges by: Providing deeper visibility across hybrid environments with Arista, Zscaler, and VMware NSX-T Gateway Firewall support. Expanding automation to streamline security policy changes with Meraki, Microsoft Azure … More →

The post Tufin Orchestration Suite R25-1 brings expanded device coverage and boosts cloud security appeared first on Help Net Security.

Microsoft has released security fixes to address a massive set of 125 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild. Of the 125 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in severity. Forty-nine of these vulnerabilities are classified as privilege escalation, 34 as remote code

微软Exchange管理中心全球宕机，管理员遭遇HTTP 500错误，关键业务受阻。

A vulnerability has been found in Kadence Gutenberg Blocks Plugin up to 3.2.31 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Countdown Widget/CountUp Widget. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-2919. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Announce from the Dashboard Plugin up to 1.5.2 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-3030. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in ElementsKit Elementor Addons Plugin up to 3.0.7 on WordPress. It has been classified as problematic. Affected is an unknown function of the component Countdown Widget. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-2803. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Mozilla Firefox up to 123 on iOS. Affected is an unknown function of the component javascript URL Handler. The manipulation leads to clickjacking. This vulnerability is traded as CVE-2024-31393. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 123 on iOS. It has been rated as problematic. This issue affects some unknown processing of the component Mixed Content Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-31392. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Tag and Category Manager Plugin up to 3.13.0 on WordPress. This affects an unknown part of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-2830. It is possible to initiate the attack remotely. There is no exploit available.

Name: Dreamhack Invitational 2025 (an Dreamhack Invitational event.)
Date: April 8, 2025, midnight — 08 April 2025, 21:00 UTC  [add to calendar]
Format: Jeopardy
On-site
Location: COEX, Seoul, South Korea
Offical URL: https://dreamhack.io/
Rating weight: 0
Event organizers: Dreamhack

泰国以侮辱君主的大不敬罪被捕了在奈瑞森大学（Naresuan University）担任讲师的美国学者 Paul Chambers，他可能面临数年监禁。泰国有着全世界最严厉的冒犯君主罪法，批评国王、王后或储君，每项罪行最高可判处 15 年监禁。任何人都能提起冒犯君主罪诉讼，被定罪者的刑期可能长达数十年，最近几年有数百人被起诉。Paul Chambers 被控大不敬罪是因为撰写了与泰国军事和政治相关的分析文章，遭到了军方的投诉。批评人士称，泰国政府常利用大不敬罪、煽动叛乱和计算机犯罪法等去压制批评和反对派。