Aggregator

有黑客使用假冒的OnlyFans工具瞄准其他黑客，声称可以用来帮助窃取用户帐户，但实际上却是用 Lumma信息窃取器对这些黑客发动入侵。

卫星图像分析显示，在内通博·南迪·恩代特瓦担任外交部长期间，中国在纳米比亚资助/建造的基础设施有所增加。文章认为在内通博·南迪·恩代特瓦即将上任的政府领导下，中国在纳米比亚的发展有望继续增长。

- APT组织 Citrine Sleet 利用 Chromium 零日漏洞 - Kinsuky 组织针对航空航天工程相关人员的恶意代码分析 - APT29复用间谍软件开发商 NSO 和 Intellexa 用过的漏洞

东南亚的公司和政府机构，尤其是泰国、日本、韩国、新加坡和印度尼西亚，遭遇了显著增加的攻击频率，这一增速已超过欧洲国家。

Come preannunciato, il Pranzo dei Disinformatici 2024 si terrà in uno dei Consueti Locali nella zon

在全球化的今天，企业通信的无障碍至关重要。然而，随着企业业务的不断拓展，海外通信的挑战也随之增加。跨国邮件传输 […]

WMCTF2024 | 倒计时1天 | 明天不见不散~

WMCTF2024 | 倒计时1天 | 明天不见不散~

在商用密码领域，基础支撑技术目前已经是一个相对独立且标准化的技术体系，既是基础技术也就是一个起步门槛，具体应用 […]

A vulnerability, which was classified as critical, has been found in Apple macOS up to 10.13.1. Affected by this issue is some unknown functionality of the component PCRE. The manipulation leads to denial of service. This vulnerability is handled as CVE-2017-13846. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

国内一家某知名科技公司因内部文件不慎外泄，导致一部分客户资料曝光于公众视野，而公司却无法根据泄露的文件追溯到始作俑者。

新闻速览 •《汽车整车信息安全技术要求》等3项智能网联汽车强制性国家标准发布 •世界互联网大会召开推动构建网络 […]

A vulnerability classified as critical was found in CentOS-WebPanel.com CentOS Web Panel 6/7. This vulnerability affects unknown code of the file /cwp_{SESSION_HASH}/admin/loader_ajax.php. The manipulation of the argument term as part of Parameter leads to sql injection. This vulnerability was named CVE-2020-10230. The attack can be initiated remotely. Furthermore, there is an exploit available.

brutespray Brutespray has been updated to golang. Without needing to rely on other tools this version will be extensible to bruteforce many different services and is way faster than its Python counterpart. Currently, Brutespray...

The post brutespray: Automatically attempts default creds on found services appeared first on Penetration Testing Tools.

JPCERT/CC held the annual ICS Security Conference 2024 on 7 February 2024. The conference aims to share the current status of threats to ICS both in Japan and overseas and the efforts of stakeholders in the field, as well as...

BunkerWeb BunkerWeb is a next-generation and open-source Web Application Firewall (WAF). Being a full-featured web server (based on NGINX under the hood), it will protect your web services to make them “secure by default”. BunkerWeb integrates...

The post BunkerWeb: Open-source and next-generation Web Application Firewall (WAF) appeared first on Penetration Testing Tools.

opensquat openSquat is an opensource Intelligence (OSINT) R&D project to identify cybersquatting threats to specific companies or domains, such as: Domain squatting Typosquatting IDN homograph attacks Phishing Scams It does support some key features such as:...

The post opensquat: opensource Intelligence R&D project to identify cyber squatting threats appeared first on Penetration Testing Tools.

A vulnerability, which was classified as critical, was found in tsdisplay4xoops 0.1. This affects an unknown part of the file blocks/tsdisplay4xoops_block2.php. The manipulation of the argument xoops_url leads to code injection. This vulnerability is uniquely identified as CVE-2007-2091. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

随着信息技术的飞速发展，数据安全问题日益凸显，商用密码技术作为保护数据安全的重要手段，其应用和推广受到了广泛关 […]