相约香港|慢雾将亮相香港区块链高峰论坛与 Bitcoin Asia 2025 周边活动
期待与您交流!
Aggregator
重磅发布!Coremail CACTER 邮件入侵防护系统(MAF)全新上线
5 months 3 weeks ago
邮件安全面临挑战?别担心!8 月 27 日直播,Coremail CACTER 邮件入侵防护系统(MAF)全新上线首秀来袭。
带你抢先看 MAF 亮点全解,还有直观效果演示。现场更有惊喜礼品等你拿,立即点击预约直播,开启邮件安全防护新体验。
CACTER邮件安全
重磅发布!Coremail CACTER 邮件入侵防护系统(MAF)全新上线
5 months 3 weeks ago
Coremail CACTER邮件入侵防护系统(MAF)将于8月27日上线直播,展示其功能亮点和效果演示,并提供直播预约及礼品赠送。
2025世界人工智能大会看点满满!国投智能股份作“AI安全治理”主题演讲
5 months 3 weeks ago
7月26日至28日,2025世界人工智能大会(2025 WORLD AI CONFERENCE)在上海举办。国投智能股份首席战略官江汉祥在重要生态合作伙伴华为展区作《AI网络犯罪与公共安全治理》主题演讲,并发布美亚“鉴真”生成合成内容检测系列产品。
江汉祥在主题演讲中深入剖析了当前 AI 网络犯罪的现状与趋势,详细阐述了 AI 技术在网络犯罪中的应用方式以及给公共安全带来的巨大挑战,并着重介绍了国投智能股份积极探索 AI 安全治理的新模式、新方法。
值得一提的是,国投智能股份在会上正式发布了美亚“鉴真”生成合成内容检测系列产品。江汉祥通过生动案例阐述AI技术应用和AI安全前景,巧妙引出“鉴真”系列产品发布,现场反响热烈。
公司“鉴真”系列产品以多元化的业务模式,能够满足不同场景需求,用户可依据业务特性、数据规模及安全要求,灵活选择适配版本,获取定制化的AI合成生成内容检测解决方案:
•实验室装备版适配专业科研与鉴定场景;
•手机、平板、电脑等端侧SDK支持移动设备及终端应用的实时检测集成;
•私有服务版通过本地化部署,保障数据隐私与安全;
•SaaS化服务版以云端API实现低成本、高灵活的能力输出;
•互联网微信小程序则为个人用户及中小机构提供便捷的轻量化检测服务。
未来,国投智能股份将继续聚焦大模型技术应用、生成式人工智能和人工智能安全等核心方向,不断加大研发投入,推出更多安全、可信、可靠的人工智能技术产品,为维护网络安全、保障社会稳定贡献更多力量。
2025世界人工智能大会简介
2025世界人工智能大会(2025 WORLD AI CONFERENCE)是落实习近平总书记提出的《全球人工智能治理倡议》的重要行动,旨在打造人工智能领域的科技风向标、应用展示台、产业加速器、治理议事厅。主办单位为中国外交部、国家发展改革委、上海市人民政府等,大会主题为“智能时代 同球共济”。
大会以“1+1+2+10+N”架构呈现,即1场开幕式及主论坛,1场人工智能全球治理高级别会议,科学前沿、发展安全2场全体会议,10余场部委论坛及N场生态论坛。同时设置了会议论坛、展览展示、赛事评奖、应用体验、创新孵化等5个板块。2025世界人工智能大会展览共展出3000余项前沿展品,涵盖40余款大模型、50余款AI终端产品、60余款智能机器人,以及100余款全球首发或中国首秀重磅新品。
国投智能
2025世界人工智能大会看点满满!国投智能股份作“AI安全治理”主题演讲
5 months 3 weeks ago
国投智能股份在2025世界人工智能大会上发布“鉴真”生成合成内容检测系列产品,涵盖实验室装备版、端侧SDK、私有服务版、SaaS化服务版及微信小程序等多场景应用模式。
CVE-2025-43240 | Apple macOS up to 15.5 improper check or handling of exceptional conditions (Nessus ID 243030 / WID-SEC-2025-1703)
5 months 3 weeks ago
A vulnerability categorized as problematic has been discovered in Apple macOS up to 15.5. Affected by this issue is some unknown functionality. Such manipulation leads to improper check or handling of exceptional conditions.
This vulnerability is uniquely identified as CVE-2025-43240. The attack can be launched remotely. No exploit exists.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-43228 | Apple iOS/iPadOS up to 18.5 clickjacking (Nessus ID 252299 / WID-SEC-2025-1703)
5 months 3 weeks ago
A vulnerability was found in Apple iOS and iPadOS up to 18.5 and classified as problematic. This affects an unknown function. Executing manipulation can lead to clickjacking.
This vulnerability appears as CVE-2025-43228. The attack may be performed from a remote location. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2025-43227 | Apple tvOS Web information disclosure (Nessus ID 243030 / WID-SEC-2025-1703)
5 months 3 weeks ago
A vulnerability classified as problematic has been found in Apple tvOS. This impacts an unknown function of the component Web Handler. The manipulation leads to information disclosure.
This vulnerability is uniquely identified as CVE-2025-43227. The attack is possible to be carried out remotely. No exploit exists.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-43227 | Apple visionOS Web information disclosure (Nessus ID 243030 / WID-SEC-2025-1703)
5 months 3 weeks ago
A vulnerability classified as problematic was found in Apple visionOS. Affected is an unknown function of the component Web Handler. The manipulation results in information disclosure.
This vulnerability was named CVE-2025-43227. The attack may be performed from a remote location. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2025-43227 | Apple watchOS Web information disclosure (Nessus ID 243030 / WID-SEC-2025-1703)
5 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Apple watchOS. Affected by this vulnerability is an unknown functionality of the component Web Handler. This manipulation causes information disclosure.
The identification of this vulnerability is CVE-2025-43227. It is possible to initiate the attack remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-43227 | Apple iOS/iPadOS Web information disclosure (Nessus ID 243030 / WID-SEC-2025-1703)
5 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in Apple iOS and iPadOS. Affected by this issue is some unknown functionality of the component Web Handler. Such manipulation leads to information disclosure.
This vulnerability is referenced as CVE-2025-43227. It is possible to launch the attack remotely. No exploit is available.
You should upgrade the affected component.
vuldb.com
CVE-2025-43227 | Apple macOS Web information disclosure (Nessus ID 243030 / WID-SEC-2025-1703)
5 months 3 weeks ago
A vulnerability described as problematic has been identified in Apple macOS. This affects an unknown function of the component Web Handler. Executing manipulation can lead to information disclosure.
This vulnerability is handled as CVE-2025-43227. The attack can be executed remotely. There is not any exploit available.
Upgrading the affected component is recommended.
vuldb.com
打工人留学的现实成本与结局
5 months 3 weeks ago
作者从互联网行业辞职后赴欧洲留学两年,在经济上完全自给自足,并获得了更广阔的眼界和心态上的提升。最终选择留在当地工作。
微软推出虚拟机转换程序可以轻松将VMware转换为Hyper-V 但主要面向企业提供
5 months 3 weeks ago
微软推出虚拟机转换程序,可快速将VMware虚拟机迁移到Hyper-V,适用于企业IT管理员。该程序以扩展形式安装于Windows Admin Center,支持多台虚拟机同时迁移,并保留所有数据。
从一个补了三次的漏洞看WCF的安全编程
5 months 3 weeks ago
背景
笔者在2016年11月发现并报告了HP Support Assistant (HPSA) 的权限提升漏洞,HP Product Security Response Team (HP PSRT) 响应迅速,但却以此漏洞可以通过软件的自动更新功能自动修复为由拒绝为其发布安全公告和CVE。4月份想起这件事后,笔者又分析了一遍修补后的HPSA,发现HP的开发人员在修补中犯了更为低级的错误,导致补丁可以被绕过重新实现权限提升。在随后与HP PSRT的沟通与合作中,再一次利用其它技巧绕过了其后续修补,最终笔者协助HP PSRT完成了漏洞的修补。
本文将分析此漏洞的成因及多次补丁绕过,希望能以此为案例提高开发人员对安全的认识和理解,以减少由于对所用技术理解不到位和安全编程意识匮乏而导致的安全漏洞。
xlab
2025年度警务融合计算四川省重点实验室开放课题
5 months 3 weeks ago
2025年度警务融合计算四川省重点实验室开放课题公告
Farmers Insurance, Aflac Report Data Breaches to Regulators
5 months 3 weeks ago
Farmers' Breach Affects 1.1 Million; Aflac Is Still Counting Victims
Two major U.S.-based insurers - Farmers Insurance and Aflac Inc. - have each reported to regulators data breaches involving two recent separate cyberattacks. The breaches follow a spring and summer spree of data exfiltration incidents that hit multiple large players in the insurance sector.
Two major U.S.-based insurers - Farmers Insurance and Aflac Inc. - have each reported to regulators data breaches involving two recent separate cyberattacks. The breaches follow a spring and summer spree of data exfiltration incidents that hit multiple large players in the insurance sector.
Nevada State Offices Halts Services After Cyber Incident
5 months 3 weeks ago
Nevada Grappling with Statewide IT Disruption, Forcing Suspension of Services
Nevada officials are investigating a network security breach that forced state offices to suspend services and knocked key systems offline, including websites and phone lines, though emergency services remain active and no data exposure has been confirmed.
Nevada officials are investigating a network security breach that forced state offices to suspend services and knocked key systems offline, including websites and phone lines, though emergency services remain active and no data exposure has been confirmed.
Agentic AI Browser an Easy Mark for Online Scammers
5 months 3 weeks ago
One Prompt Was Enough for AI Agent to Buy, Click and Expose Sensitive Data
AI agents that shop and surf the web on behalf of users are suckers for scams, find security researchers who sicced a fake online story, a phishing email and a fake captcha on Perplexity's AI-powered web browser Comet. The AI's logic was not designed to weigh credibility or risk.
AI agents that shop and surf the web on behalf of users are suckers for scams, find security researchers who sicced a fake online story, a phishing email and a fake captcha on Perplexity's AI-powered web browser Comet. The AI's logic was not designed to weigh credibility or risk.
Ontic Secures $230M to Scale Connected Security Platform
5 months 3 weeks ago
Physical Security Firm Eyes Insider Risk, Federal Growth and AI-Powered Automation
Ontic has raised $230 million in Series C funding to expand its connected intelligence platform and pursue new federal and international markets. The Austin, Texas-based company will invest in AI, integrations and data to strengthen cyber-physical threat detection and automation.
Ontic has raised $230 million in Series C funding to expand its connected intelligence platform and pursue new federal and international markets. The Austin, Texas-based company will invest in AI, integrations and data to strengthen cyber-physical threat detection and automation.