10月27日专题会议 | 青年科学家学术会议
会议简介为促进青年学者间的交流,拓宽学术视野,激发创新思维,网络空间安全学术会议青年科学家学术会议将于2024年10月27日召开。本次会议将聚焦网络空间安全的前沿理论、方法和应用,邀请相关领域的青年学
Aggregator
10月26日专题会议 | 抗量子密码:标准、迁移及应用
2 months 3 weeks ago
会议简介随着量子计算技术的快速发展,抗量子密码学的学术研究和技术应用变得至关重要。本论坛将探讨抗量子密码学最新进展、标准化进程以及迁移与实际应用。本次论坛将汇聚来自国内在抗量子密码研究方向的顶尖学者、
CVE-2016-4092 | Adobe Acrobat Reader up to 11.0.15/15.006 memory corruption (APSB16-14 / Nessus ID 91096)
2 months 3 weeks ago
A vulnerability was found in Adobe Acrobat Reader up to 11.0.15/15.006. It has been classified as critical. Affected is an unknown function. The manipulation leads to memory corruption.
This vulnerability is traded as CVE-2016-4092. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
开启云网安新征程,云科安信与白山云达成深度战略合作
2 months 3 weeks ago
10月15日,北京云科安信科技有限公司(以下简称“云科安信”)与贵州白山云科技股份有限公司(以下简称“白山云科技”)签署战略合作协议,双方将融合各自优势对外提供云化深度安全防御服务,开辟网安新征程携手共建数字安全未来!
白山云科技董事长兼CEO霍涛、产品负责人苗辉、产品副总裁李国,云科安信创始人兼CEO金飞、COO陈思、技术总监王大伟、渠道总监王冬艳以及北京赛博英杰科技有限公司创始人谭晓生等人出席签约仪式,共同见证合作协议的签署。
(签约仪式现场)
作为一家以实战攻防技术为核心的高新技术企业,云科安信基于实战攻防能力,对客户安全建设的有效性进行验证,并进一步打通攻击面管理与新一代WAAP的能力闭环,以多维度的安全机制带来全域数字风险管理的整体解决方案,帮助企业实时鉴别业务应用及数据的全部访问和流转。此次,与白山云科技签署战略合作,云科安信将精细化防御能力与边缘云相融合,共同为客户提供轻量化、效果可度量的云网边端安全服务。
云科安信创始人兼CEO金飞表示,“网安市场从合规建设阶段发展到了平战结合的建设阶段,在技术角度上产品是阶段性的能力是永恒的,任何安全产品都有生命周期,攻防实战的能力却是安全领域唯一不变的。云科安信一直致力于攻防实战能力的挖掘与转化,将实战安全这种领域内唯一不变的能力交付给企业。本次双方的战略合作,依托白山云海量异构资源调度、全球高性能软件定义网络、边缘原生技术和边缘安全技术等方面的优势,以及多年来在边缘云网络和CDN服务上的深厚积累,进一步完善云科安信云网端的安全整体方案,不仅可以提高客户日常运营、随“战”启用的能力,还可以提升“平”时运营效率减少工作量,并大幅降低“战”时本地的防御压力,同时对客户的技术团队无任何复杂的技术要求。”
白山云科技是中国第二大独立边缘云服务供应商,凭借统一的网络、安全和计算能力的边缘云平台,在更靠近用户的互联网边缘端为企业及其终端用户提供高速、安全及经济的数字体验。截止目前,白山云科技在超过300多个城市部署了1700多个全球边缘节点,储备带宽80T+,海外防御能力4.5T+,每日处理全球请求数6000亿+。
(签约仪式现场)
对于此次合作,白山云科技董事长兼CEO霍涛表示,“期待白山全球边缘云平台提供的网络、边缘安全和服务优势与云科安信的全域数字风险管理能力深度融合,在产品共研、方案共建、协同运营、联合营销等维度拓展合作契机,高效推进项目落地。同时,基于白山云在海外市场,特别是‘一带一路’沿线地区的布局和优势,我们相信能够与云科安信一道精准把握全球发展机遇,共建数字安全未来。”
一直以来,针对企业web相关应用的攻击手法多样、隐蔽性强、技术迭代快,面对高级的蓄意攻击现有技术手段很难做到有效应对。白山云科技与云科安信强强联手、深度合作,白山云科技在全球边缘网云领域的网络、边缘安全和服务优势,以及云科安信专业的实战安全攻防能力将得到全方位充分融合。本次合作下双方将共同打造云化深度安全防御服务,针对高级别蓄意攻击融合WAAP、黑客画像、主动反制、网页自免疫、弱口令检测、Bot防御、表单加固等功能实现实时回溯、阻断、应急,确保攻击不落地。
云科安信与白山云科技的合作缘起于正奇学苑安全创业营,因此特别邀请赛博英杰创始人、正奇学苑创始人谭晓生出席签约仪式。为安全领域创业者开设的正奇学苑,持续不断地帮助广大安全领域创业者解决创业路上的实际问题,科学创业少走弯路、增进企业合作联动,创新创业推动中国网络空间安全产业发展。
(签约仪式现场)
“白山云超强的市场能力融合云科安信的技术能力,并以产品服务的形式对外提供这种能力,是一个非常好的整合模式。当前,整合产品能力市场能力,以合力“出海”走向国际,也是一个趋势。中国网络安全产业的成长和全球影响力的提升,正需要像白山云、云科安信这样的企业优势互补、携手并进,面向全球用户,打造创新方案和本地化服务。”对于云科安信与白山云科技的战略合作谭晓生给予了高度的评价。
网络安全同时面临着内部压力、外部挑战、数字化转型以及政策监管等多重挑战,云科安信与白山云科技的战略合作,通过两家公司技术上的深度融合,以轻量、快速、简单、经济的方式将专业化技术转化为能力赋予客户,带来了安全防护层级更深、范围更广、效果更佳的综合服务。
企业资讯
CVE-2023-20818 | MediaTek MT6985 WLAN Service out-of-bounds (ALPS07460540)
2 months 3 weeks ago
A vulnerability classified as problematic was found in MediaTek MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983 and MT6985. Affected by this vulnerability is an unknown functionality of the component WLAN Service. The manipulation leads to out-of-bounds read.
This vulnerability is known as CVE-2023-20818. An attack has to be approached locally. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-38094 | Microsoft SharePoint Server deserialization
2 months 3 weeks ago
A vulnerability was found in Microsoft SharePoint Server. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to deserialization.
This vulnerability was named CVE-2024-38094. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-41439 | hicolor 0.5.0 PNG File /vendor/cute_png.h cp_block heap-based overflow
2 months 3 weeks ago
A vulnerability was found in hicolor 0.5.0. It has been classified as problematic. Affected is the function cp_block in the library /vendor/cute_png.h of the component PNG File Handler. The manipulation leads to heap-based buffer overflow.
This vulnerability is traded as CVE-2024-41439. The attack needs to be done within the local network. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-39012 | ais-ltd strategyen 0.4.0 mergeObjects prototype pollution
2 months 3 weeks ago
A vulnerability was found in ais-ltd strategyen 0.4.0. It has been classified as problematic. Affected is the function mergeObjects. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution').
This vulnerability is traded as CVE-2024-39012. The attack needs to be approached within the local network. There is no exploit available.
vuldb.com
CVE-2024-43607 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 Routing/Remote Access Service heap-based overflow
2 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Microsoft Windows. This affects an unknown part of the component Routing/Remote Access Service. The manipulation leads to heap-based buffer overflow.
This vulnerability is uniquely identified as CVE-2024-43607. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-38212 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 Routing/Remote Access Service heap-based overflow
2 months 3 weeks ago
A vulnerability was found in Microsoft Windows and classified as critical. Affected by this issue is some unknown functionality of the component Routing/Remote Access Service. The manipulation leads to heap-based buffer overflow.
This vulnerability is handled as CVE-2024-38212. The attack may be launched remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-38261 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 Routing/Remote Access Service heap-based overflow
2 months 3 weeks ago
A vulnerability was found in Microsoft Windows. It has been declared as critical. This vulnerability affects unknown code of the component Routing/Remote Access Service. The manipulation leads to heap-based buffer overflow.
This vulnerability was named CVE-2024-38261. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-38265 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 Routing/Remote Access Service heap-based overflow
2 months 3 weeks ago
A vulnerability classified as critical has been found in Microsoft Windows. Affected is an unknown function of the component Routing/Remote Access Service. The manipulation leads to heap-based buffer overflow.
This vulnerability is traded as CVE-2024-38265. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-43453 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 Routing/Remote Access Service heap-based overflow
2 months 3 weeks ago
A vulnerability classified as critical was found in Microsoft Windows. Affected by this vulnerability is an unknown functionality of the component Routing/Remote Access Service. The manipulation leads to heap-based buffer overflow.
This vulnerability is known as CVE-2024-43453. The attack can be launched remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-43589 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 Routing/Remote Access Service heap-based overflow
2 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Microsoft Windows. Affected is an unknown function of the component Routing/Remote Access Service. The manipulation leads to heap-based buffer overflow.
This vulnerability is traded as CVE-2024-43589. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-43592 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 Routing/Remote Access Service heap-based overflow
2 months 3 weeks ago
A vulnerability was found in Microsoft Windows. It has been classified as critical. This affects an unknown part of the component Routing/Remote Access Service. The manipulation leads to heap-based buffer overflow.
This vulnerability is uniquely identified as CVE-2024-43592. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-43593 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 Routing/Remote Access Service heap-based overflow
2 months 3 weeks ago
A vulnerability was found in Microsoft Windows. It has been declared as critical. This vulnerability affects unknown code of the component Routing/Remote Access Service. The manipulation leads to heap-based buffer overflow.
This vulnerability was named CVE-2024-43593. The attack can be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
МУЛЬТИФАКТОР выпустил бесплатную замену Active Directory
2 months 3 weeks ago
15 октября 2024 года российская компания-разработчик сообщила о выходе нового релиза Community-версии MultiDirectory.
Tor Browser 14.0 Released With New Android Circuit Options
2 months 3 weeks ago
Tor Browser 14.0 has been officially launched. It brings significant updates and new features to enhance user privacy and browsing experience. This release is built on Firefox ESR 128, integrating a year’s worth of updates and improvements from Firefox while also addressing over 200 issues identified during the annual ESR transition audit. New Features for […]
The post Tor Browser 14.0 Released With New Android Circuit Options appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Divya
CVE-2024-10283 | Tenda RX9/RX9 Pro 22.03.02.20 SetNetControlList sub_4337EC list stack-based overflow
2 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow.
This vulnerability is handled as CVE-2024-10283. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-10282 | Tenda RX9/RX9 Pro 22.03.02.10/22.03.02.20 SetVirtualServerCfg sub_42EA38 list stack-based overflow
2 months 3 weeks ago
A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow.
This vulnerability is known as CVE-2024-10282. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com