Aggregator

欢迎2024级的新同学们加入复旦大学系统软件与安全实验室

上半年安恒信息实现营业收入6.98亿元，归母净利润为-2.76亿元，虽然比上年同期收窄32.52%，但仍未实现盈利。

主站 分类 漏洞 工具 极客

安全玻璃盒全新力作《软件供应链安全实践指南》正式出版｜中国工程院院士沈昌祥等联合力荐 日期：2024年08月29日 阅：58

《软件供应链安全实践指南》正式出版发行 范丙华主编   安全玻璃盒安全团队编著 中国工程院 […]

此内容受密码保护。如需查阅，请在下列字段中输入您的密码。 密码：

无法提供摘要。这是一篇受保护的文章。

2024年8月最值得关注的安全动态

Learn How to Recognize Fraudulent Job Postings and Avoid Becoming a Scam Victim
The demand for skilled cybersecurity professionals, coupled with the rise in remote work, has led to an increase in fraudulent job postings targeting tech-savvy individuals. Learn why this is so and how to protect yourself from deceptive schemes as you pursue a job in cybersecurity.

Over 1.2 Million Patients' Sensitive Data Exposed So Far This Year
Some dentists don't have much to smile about these days when it comes to cyberattacks. More than 1.2 million of their patients have had their sensitive data compromised in at least two dozen hacks and other breaches so far in 2024, including several incidents reported in the past month.

Acquisition Underscores the Importance of AI Security in Modern IT Infrastructure
Cisco announced its intent to acquire Robust Intelligence to fortify the security of AI applications. With this acquisition, Cisco aims to address AI-related risks, incorporating advanced protection to guard against threats such as jailbreaking, data poisoning and unintentional model outcomes.

Security Researcher Uncovered the Flaw, Which Allowed System Takeover
Microsoft says it fixed a security flaw in artificial intelligence chatbot Copilot that enabled attackers to steal multifactor authentication code using a prompt injection attack. Security researcher Johann Rehberger said he discovered a way to invisibly force Copilot to send data.

OperatorsKit This repository contains a collection of Beacon Object Files (BOFs) that integrate with Cobalt Strike. Kit content The following tools are currently in the OperatorsKit: Name Description AddExclusion Add a new exclusion to...

The post OperatorsKit: Collection of Beacon Object Files (BOF) for Cobalt Strike appeared first on Penetration Testing Tools.

TelecordC2 Telecord is an advanced cross-platform c2 using discord and Telegram API, it allows multi-agent handling with ease using Telegram and discord APIs can be good for exfiltration and network evasion, this project is...

The post TelecordC2: An advanced cross-platform C2 using Discord and Telegram api appeared first on Penetration Testing Tools.

Subdominator – Unleash the Power of Subdomain Enumeration Subdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential...

The post Subdominator: Unleash the Power of Subdomain Enumeration appeared first on Penetration Testing Tools.

本月早些时候，谷歌还宣布，由于可操作漏洞报告数量的减少，其Play安全奖励计划将在8月31日关闭新报告的提交。