马斯克称X不被允许在华运营情况需改变,外交部回应; 美国联邦调查局担忧AT&T数据泄露可能暴露线人身份 | 牛览
新闻速览 •马斯克称X不被允许在华运营情况需改变,外交部回应 •特朗普宣布延长期限,TikTok在美暂时恢复运 […]
Aggregator
马斯克称X不被允许在华运营情况需改变,外交部回应; 美国联邦调查局担忧AT&T数据泄露可能暴露线人身份 | 牛览
3 months ago
马斯克称X不被允许在华运营情况需改变,外交部回应; 美国联邦调查局担忧AT&T数据泄露可能暴露线人身份 | 牛览 日期:2025年01月20日
战争下的相爱相杀,疑似GamaCopy组织利用军事诱饵对俄发起攻击
3 months ago
作者:知道创宇404高级威胁情报团队
英文版:https://paper.seebug.org/3270
近期,团队在威胁狩猎过程中,发现了针对俄语区目标的攻击样本。团队还关联到另外一个样本,两个样本在运行流程是一致的,并且使用的诱饵主题也是相同的。
通过对样本的分析和关联,本次样本具备以下特点:
利用军事设施相关内容为诱饵发起攻击。
使用7z自解压程序(SFX)释放和加载后续载荷。
利用...
战争下的相爱相杀,疑似GamaCopy组织利用军事诱饵对俄发起攻击
3 months ago
error code: 521
CERT-UA warns against “security audit” requests via AnyDesk
3 months ago
Attackers are impersonating the Computer Emergency Response Team of Ukraine (CERT-UA) via AnyDesk to gain access to target computers. The request (Source: CERT-UA) “Unidentified individuals are sending connection requests via AnyDesk under the pretext of conducting a ‘security audit to verify the level of protection,’ using the name ‘CERT.UA,’ the CERT-UA logo, and the AnyDesk ID “1518341498” (which may vary),” CERT-UA explained on Friday. The requests are apparently unarranged and the attackers are counting on … More →
The post CERT-UA warns against “security audit” requests via AnyDesk appeared first on Help Net Security.
Zeljka Zorz
FALCON vs RansomHub: США создали программу борьбы за цифровой суверенитет
3 months ago
Коста-Рика стала полигоном для новой инициативы США.
CVE-2005-3591 | Macromedia Flash Player up to 6.0.47.0 ActionScript Flash.ocx ActionDefineFunction input validation (EDB-1331 / Nessus ID 20158)
3 months ago
A vulnerability classified as critical was found in Macromedia Flash Player up to 6.0.47.0. This vulnerability affects the function ActionDefineFunction of the file Flash.ocx of the component ActionScript. The manipulation leads to improper input validation.
This vulnerability was named CVE-2005-3591. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
《后量子密码安全能力构建技术指南(2025年)》报告暨代表性厂商评估调研启动
3 months ago
随着量子计算技术的迅猛发展,其对现有密码体系的潜在威胁已成为网络安全领域的焦点议题。学术界与产业界的共识是,非对称加密算法可能在2029年面临来自量子计算的首次重大挑战,而至2034年,主流密码学技术
马斯克称X不被允许在华运营情况需改变,外交部回应; 美国联邦调查局担忧AT&T数据泄露可能暴露线人身份 | 牛览
3 months ago
新闻速览•马斯克称X不被允许在华运营情况需改变,外交部回应•特朗普宣布延长期限,TikTok在美暂时恢复运营•拜登临别签署行政命令,强化软件供应链安全认证•美国联邦贸易委员会下令通用汽车停止收集和出售
EDR vs. MDR: Which One is Best for Your Business?
3 months ago
Learn the key differences between EDR and MDR to choose the best cybersecurity solution for your business's protection and needs.
The post EDR vs. MDR: Which One is Best for Your Business? appeared first on Sygnia.
Sygnia
美国务院首次实施“网络安全运营需求外国援助计划”
3 months ago
美国通过网络安全国际援助计划协助哥斯达黎加处理炼油厂勒索攻击事件
因遭勒索软件泄露超近250万人临床信息,这家生物公司赔偿5400万元
3 months ago
该公司此前还因此次事件被罚超3000万元
Google 搜索服务开始要求启用 JavaScript
3 months ago
Google 搜索服务开始要求启用 JavaScript。公司发言人在一份声明中表示此举旨在更好的抵御恶意活动如机器人程序和 Spam,改善用户的整体搜索体验。这位发言人声称,如果不启用 JavaScript 很多搜索功能将无法正常工作,搜索质量会下降。Google 发言人称,不到 0.1% 的 Google 搜索是由禁用 JavaScript 的用户完成的。作为最大的搜索引擎,这并非是一个小数目。Google 每天处理大约 85 亿次搜索,这意味着有大约数百万人执行搜索时禁用了 JavaScript。
Google 搜索服务开始要求启用 JavaScript
3 months ago
Google 搜索服务开始要求启用 JavaScript。公司发言人在一份声明中表示此举旨在更好的抵御恶意活动如机器人程序和 Spam,改善用户的整体搜索体验。这位发言人声称,如果不启用
吾爱破解论坛微信红包封面设计预览
3 months ago
自上周发布“征集吾爱破解论坛微信红包封面设计”活动以来,我们收到了许多热心同学的精彩投稿。经过筛选和评审,目前已有几幅优秀作品在微信红包封面开放平台投稿并成功通过审核。现在,先为大家带来一波精彩预览。
吾爱破解论坛微信红包封面设计预览
3 months ago
自上周发布“征集吾爱破解论坛微信红包封面设计”活动以来,我们收到了许多热心同学的精彩投稿。经过筛选和评审,目前已有几幅优秀作品在微信红包封面开放平台投稿并成功通过审核。现在,先为大家带来一波精彩预览!
CVE-1999-0980 | Microsoft Windows NT 4.0 Service Control Manager denial of service (MS99-055 / EDB-19577)
3 months ago
A vulnerability, which was classified as problematic, has been found in Microsoft Windows NT 4.0. Affected by this issue is some unknown functionality of the component Service Control Manager. The manipulation leads to denial of service.
This vulnerability is handled as CVE-1999-0980. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2019-5797 | Google Chrome up to 72.0.3626.121 DOMStorage double free (EDB-46565 / ID 237168)
3 months ago
A vulnerability was found in Google Chrome. It has been declared as critical. This vulnerability affects unknown code of the component DOMStorage. The manipulation leads to double free.
This vulnerability was named CVE-2019-5797. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Невидимая империя: как устроен двухмиллиардный рынок киберпреступности
3 months ago
Аналитики раскрыли бизнес-модель даркнета.
Цифровая зависимость увеличивает расходы на информационную безопасность
3 months ago
Почему защита данных становится дороже?