Aggregator

今日暂未更新资讯~
更多最新文章，请访问SecWiki

通过 Telegraph 与赛博菩萨提供的 Pages、D1，搭建一个专属于你自己的开源图床，如果你有更多需求还可通过优选加速图片载入时间，更有接入Mo

Network Security / Data BreachA nascent threat actor known as Crypt Ghouls has been linked to a se

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog. This week, Sophos researchers warned that ransomware operators are exploiting the […]

Authors/Presenters:Nils Blach, Maciej Besta, Daniele De Sensi, Jens Domke, Hussein Harake, Shigang Li, Patrick Iff, Marek Konieczny, Kartik Lakhotia, Ales Kubicek, Marcel Ferrari, Fabrizio Petrini, Torsten Hoefler

Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara; and via the organizations YouTube channel.

Permalink

The post USENIX NSDI ’24 – A High-Performance Design, Implementation, Deployment, and Evaluation of The Slim Fly Network appeared first on Security Boulevard.

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

A vulnerability was found in Tecno 4G Portable WiFi TR118 V008-20220830. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/goform_get_cmd_process of the component SMS Check. The manipulation of the argument order_by leads to sql injection. This vulnerability is known as CVE-2024-10195. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Microsoft is using deceptive tactics against phishing actors by spawning realistic-looking honeypot tenants with access to Azure and lure cybercriminals in to collect intelligence about them. [...]

82 岁的荷兰女子 Jo Goosens 仍然骑着 1950 年 13 岁时父母送给她及其姐妹的黑色 Gazelle 牌自行车。她的同龄人纷纷转向了电动自行车，但她对此不屑一顾。她的自行车保养良好，每年都会上油。很多零部件也都更换了，包括后轮以及链条护罩。她已经不记得购买自行车花了多少钱，但还记得自行车店的店主名字。她的父母一共买了三辆车，另外两辆给了其姐妹，她家共有 7 个女孩和 2 个男孩。她的自行车曾被偷走，但神奇的预感帮助她找了回来。

Submit #422994 / VDB-280969

North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. A North Korea-linked threat actor, tracked as APT37 (also known as RedEyes, TA-RedAnt, Reaper, ScarCruft, Group123), exploited a recent Internet Explorer zero-day vulnerability, tracked as CVE-2024-38178 (CVSS score 7.5), in a supply chain attack. Threat intelligence firm AhnLab and South […]

Omni Family Health data breach impacts 468,344 individualsOmni Family Health disclosed a data

德国主权科技基金（Sovereign Tech Fund，STF)在庆祝其“赋权公共数字基础设施”两周年内时披露，过去两年向 60 个开放技术项目资助了逾 2300 万欧元。STF 过去两年收到了逾五百份申请，提议金额逾 1.14 亿欧元。主权科技基金旨在为开源项目提供亟需的软件维护资金，提高软件安全性，以及出于公共利益帮助开源项目进行其它方面的改进。