Aggregator

A vulnerability described as problematic has been identified in Apple macOS. This impacts an unknown function of the component User Information Handler. The manipulation results in out-of-bounds read. This vulnerability is identified as CVE-2024-44282. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Apple visionOS. Affected is an unknown function of the component User Information Handler. This manipulation causes out-of-bounds read. This vulnerability is tracked as CVE-2024-44282. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Apple iOS and iPadOS. Affected by this vulnerability is an unknown functionality of the component User Information Handler. Such manipulation leads to out-of-bounds read. This vulnerability is listed as CVE-2024-44282. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

A vulnerability, which was classified as problematic, has been found in Apple tvOS. Affected by this issue is some unknown functionality of the component User Information Handler. Performing a manipulation results in out-of-bounds read. This vulnerability is cataloged as CVE-2024-44282. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Apple macOS. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is referenced as CVE-2024-44278. The attack can only be performed from a local environment. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Apple visionOS. This vulnerability affects unknown code. The manipulation results in information disclosure. This vulnerability is identified as CVE-2024-44278. The attack is only possible with local access. There is not any exploit available. You should upgrade the affected component.

A vulnerability has been found in Apple iOS and iPadOS and classified as problematic. This issue affects some unknown processing. This manipulation causes information disclosure. This vulnerability is tracked as CVE-2024-44278. The attack is restricted to local execution. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Apple watchOS and classified as problematic. Impacted is an unknown function. Such manipulation leads to information disclosure. This vulnerability is listed as CVE-2024-44278. The attack must be carried out locally. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability marked as critical has been reported in Apple macOS. Affected is an unknown function. Performing a manipulation results in improper access controls. This vulnerability is reported as CVE-2024-44280. The attack requires a local approach. No exploit exists. It is suggested to upgrade the affected component.

In this Help Net Security video, Andrew Williams, Senior Product Manager at Mimecast, walks through the company’s API-based email security protection for Microsoft 365 and Google Workspace environments. The video covers a core problem: AI-generated phishing and business email compromise are slipping past native Microsoft 365 controls. According to Mimecast’s State of Human Risk report, 64% of organizations know their built-in email security has gaps. Mimecast’s API solution connects via Microsoft Graph API in minutes, … More →

The post How Mimecast brings enterprise-grade email protection to API deployment appeared first on Help Net Security.

过去十年，如果要评选中国制造最成功的产业之一，光伏一定名列前茅。

解释模型内部机理

HackerNews 编译，转载请注明出处： Fortinet周末紧急发布补丁，修复FortiClient企业管理系统（EMS）中已被作为零日利用的漏洞。 该关键级别漏洞编号CVE-2026-35616（CVSS评分9.1），被描述为访问控制不当问题，可被利用实现远程代码执行（RCE）。 据Fortinet公告，远程攻击者可向易受攻击的FortiClient EMS发送特制请求触发该漏洞。成功利用无需认证。 “Fortinet已观察到该漏洞遭野外利用，”公司警告。 周六，Fortinet宣布为FortiClient EMS 7.4.5和7.4.6版本提供热修复程序，并指出7.2版本不受影响。公司还发布了关于如何下载应用热修复程序及验证修复是否完成的详细说明。 “即将发布的FortiClientEMS 7.4.7也将包含对此问题的修复。与此同时，上述热修复程序足以完全防止该漏洞，”Fortinet表示。 公司将发现并报告该漏洞归功于”Defused”。据该网络安全公司称，该漏洞允许未经认证的攻击者绕过API认证和授权。 “本周早些时候观察到该漏洞遭野外利用后，Defused通过负责任披露向Fortinet报告，”该网络安全公司周六表示。 非营利组织Shadowserver基金会称，已观察到约2000个可从互联网访问的FortiClient EMS实例。这些实例可能面临利用新零日漏洞及CVE-2026-21643的攻击风险——后者是最近修补的SQL注入漏洞，已被利用超过一周。 攻击面管理公司WatchTowr称，自3月31日起观察到利用活动，”似乎是全面升级前的早期探测”。 WatchTowr首席执行官兼创始人Benjamin Harris表示：”令人失望的是更大的图景。这是几周内FortiClient EMS第二个未经认证的漏洞。因此，运行FortiClient EMS并暴露于互联网的组织应再次将其视为应急响应情况，而非周二早上才处理的事情。立即应用热修复。攻击者已经领先。” 周一，美国网络安全机构CISA将CVE-2026-35616加入其已知被利用漏洞（KEV）目录，敦促联邦机构在4月9日前完成修补。 消息来源：securityweek.com； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

ФБР раскрыло дело о кибердиверсии работника против завода в США.

1941年11月下旬，美国驻日大使约瑟夫·格鲁（Joseph Grew）向美G务院发回了一封电报。电报的内容

1985 年4月，一个细雨蒙蒙的午后，阿尔德里奇·艾姆斯（Aldrich Ames）走进华盛顿特区的苏联大使

美国延长俄油经哈输我制裁豁免，中美中亚能源通道博弈与我能源安全风险研判（资料编码260402597，17页，

一杯咖啡里的战争2026年1月，CIA在YouTube上发布了一支简体中文视频，短短数日，播放量突破1400万

HackerNews 编译，转载请注明出处： 微软表示，网络犯罪团伙Storm-1175（以部署Medusa勒索软件载荷闻名）一直在高速攻击中利用N日和零日漏洞。 该网络犯罪团伙迅速转向针对新安全漏洞以获取受害者网络访问权限，部分漏洞在一天内即被武器化，某些情况下甚至在补丁发布前一周就开始利用。 微软称：”Storm-1175从初始访问到数据外泄和Medusa勒索软件部署进展迅速，通常仅需数天，某些情况下24小时内即可完成。该威胁行为体的高运营节奏和识别暴露外围资产的能力已被证明是成功的，近期入侵严重影响医疗组织，以及澳大利亚、英国和美国的教育、专业服务和金融部门。” 微软还观察到Storm-1175运营者链接多个漏洞，通过创建新用户账户、部署远程监控管理软件、窃取凭证、禁用安全软件，然后投放勒索软件载荷，在受感染系统上获得持久化。 10月，微软报告称Storm-1175在Medusa勒索软件攻击中利用最高严重性的GoAnywhere MFT漏洞（CVE-2025-10035）超过一周，该漏洞随后才被修补。 Storm-1175作为零日利用的另一漏洞是CVE-2026-23760，SmarterTools的SmarterMail邮件服务器和协作工具中的认证绕过。 微软补充：”虽然这些近期攻击展示了Storm-1175进化的开发能力或获取漏洞经纪人等新资源的途径，但值得注意的是GoAnywhere MFT此前已被勒索软件攻击者针对，且SmarterMail漏洞据称与先前披露的缺陷相似。这些因素可能有助于促进Storm-1175随后的零日利用活动，该组织仍主要利用N日漏洞。” 在近期活动中，Storm-1175已利用10款软件产品中的16个以上漏洞，包括Microsoft Exchange（CVE-2023-21529）、Papercut（CVE-2023-27351和CVE-2023-27350）、Ivanti Connect Secure和Policy Secure（CVE-2023-46805和CVE-2024-21887）、ConnectWise ScreenConnect（CVE-2024-1709和CVE-2024-1708）。 微软还观察到其利用JetBrains TeamCity（CVE-2024-27198和CVE-2024-27199）、SimpleHelp（CVE-2024-57726、CVE-2024-57727和CVE-2024-57728）、CrushFTP（CVE‑2025‑31161）、SmarterMail（CVE-2025-52691）和BeyondTrust（CVE-2026-1731）的漏洞。 2025年3月，CISA与FBI及多州信息共享与分析中心（MS-ISAC）发布联合公告，警告Medusa勒索软件团伙的攻击已影响美国300多个关键基础设施组织。 2024年7月，微软还将Storm-1175威胁组织与另外三个网络犯罪团伙关联，指其利用VMware ESXi认证绕过漏洞发动Black Basta和Akira勒索软件攻击。 消息来源：bleepingcomputer.com； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

Online platforms are running large language models at every stage of LLM content moderation, from generating training data to auditing their own systems for bias. Researchers at Google mapped how this is happening across what the authors call the Abuse Detection Lifecycle, a four-stage framework covering labeling, detection, review and appeals, and auditing. Earlier moderation systems, built on models like BERT and RoBERTa fine-tuned on static hate-speech datasets, could identify explicit slurs with reasonable accuracy. … More →

The post Google study finds LLMs are embedded at every stage of abuse detection appeared first on Help Net Security.