Aggregator

In a time of increasingly sophisticated cross-domain attacks, relying solely on automated solutions isn't enough.

经过了前几年机械键盘价格战的洗礼，键盘市场开始回归稳定，缓慢退烧，基本形成了跟目前游戏鼠标市场一样稳定分层的价位档次。同样的事情目前正在磁轴领域发生，不久之后，磁轴键盘应该也会以性能和整体做工分出层次

A Threat Actor Has Allegedly Leaked the Data of Alrajhi Bank

Data Privacy / Tech RegulationMeta has been fined 21.62 billion won ($15.67 million) by South Kore

图像编辑自由软件项目 GIMP 终于发布了 v3.0 的第一个 RC 版本，但目前只能通过 Git 获取，官网尚未提供二进制版本下载。GIMP 3.0 是一次用户期待已久的重大更新，其变化

A Threat Actor Has Allegedly Leaked Data of Regional Government of Ica

Google has announced that, by the end of 2025, multi-factor authentication (MFA) – aka 2-step verification – will become mandatory for all Google Cloud accounts. “Given the sensitive nature of cloud deployments — and with phishing and stolen credentials remaining a top attack vector observed by our Mandiant Threat Intelligence team — we believe it’s time to require [2-step verification] for all users of Google Cloud,” said Mayank Upadhyay, VP of Engineering and Distinguished Engineer, … More →

The post All Google Cloud users will have to enable MFA by 2025 appeared first on Help Net Security.

The trailblazing scientist shares her reasons for hope in the fight against climate change and how we can tackle seemingly impossible problems and keep going in the face of adversity

A vulnerability classified as critical has been found in Ericsson CodeChecker up to 6.24.1. Affected is an unknown function of the file /Authentication of the component API Endpoint. The manipulation leads to authentication bypass using alternate channel. This vulnerability is traded as CVE-2024-10081. It is possible to launch the attack remotely. There is no exploit available.

Atakama announced the latest expansion of its Managed Browser Security Platform, introducing DNS filtering explicitly designed for Managed Service Providers (MSPs). This new feature enables comprehensive in-browser and network-level filtering, providing a full-spectrum DNS solution that secures browsers and entire network environments. Atakama’s Managed Browser Security Platform transforms the browser into a secure foundation, empowering MSPs with enhanced visibility and control over client web activity. The platform now includes advanced capabilities such as category-based filtering … More →

The post Atakama introduces DNS filtering designed for MSPs appeared first on Help Net Security.

2024年第八届强网杯初赛Writr-up

A vulnerability was found in IBM Maximo Application Suite 8.10.11/8.11.8/9.0.0. It has been rated as problematic. This issue affects some unknown processing of the component Monitor. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-35146. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in OpenText iManager up to 3.2.2. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2020-11859. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in realmag777 Active Products Tables for WooCommerce Plugin up to 1.0.6.4 on WordPress. It has been classified as problematic. This affects the function woot_button of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-10168. It is possible to initiate the attack remotely. There is no exploit available.

日本京都大学和住友林业公司制造的世界首颗木制卫星 LignoSat 搭乘 SpaceX 的火箭发射升空，将送往国际空间站，然后释放到轨道上，展开为期半年的太空环境测试。LignoSat 使