Aggregator
专家观点 | 深化人工智能安全监管研究
4 months 3 weeks ago
专家解读 | 孙宇:健全防治“指尖上的形式主义”长效工作机制
4 months 3 weeks ago
通知 | 网安标委发布2024年44项网络安全国家标准项目立项清单
4 months 3 weeks ago
专题·勒索软件治理 | 基于量化指标的勒索攻击检测与防护方案
4 months 3 weeks ago
扫码订阅《中国信息安全》邮发代号 2-786征订热线:010-82341063文 | 北京天融信网络安全技术有限公司 王永 高彦恺 郑晨璐近年来,勒索攻击的手段不断演变,从最初的简单文件加密发展到现
全球视野 | 国际网安快讯(第35期)
4 months 3 weeks ago
扫码订阅《中国信息安全》邮发代号 2-786征订热线:010-82341063国际网安快讯第35期热点速览一、政策动态1. “五眼联盟”发布《安全创新》指南2. 美CISA发布首个国际网络安全战略计
我实验室4篇论文被NDSS 2025接收!
4 months 3 weeks ago
CVE-2019-8641 | Apple watchOS up to 5.3.1 Foundation out-of-bounds (HT210607 / EDB-47415)
4 months 3 weeks ago
A vulnerability has been found in Apple watchOS up to 5.3.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Foundation. The manipulation leads to out-of-bounds read.
This vulnerability is known as CVE-2019-8641. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Custom "Pygmy Goat" malware used in Sophos Firewall hack on govt network
4 months 3 weeks ago
error code: 1106
Police Doxing of Criminals Raising Ransomware-Attack Stakes
4 months 3 weeks ago
Incident Responders Say Disruptions Help, See No Spike in Median Ransom Payments
For anyone dreaming of law enforcement agencies arresting ransomware bigwigs, or intelligence agencies taking them out with drone strikes, keep on hoping. But here's good news: ransom payments haven't skyrocketed, as disruptions by law enforcement appear to be having an impact.
For anyone dreaming of law enforcement agencies arresting ransomware bigwigs, or intelligence agencies taking them out with drone strikes, keep on hoping. But here's good news: ransom payments haven't skyrocketed, as disruptions by law enforcement appear to be having an impact.
The Math Behind the Cyber Resilience Stack: A Three-Layered Defense Strategy
4 months 3 weeks ago
Expert Insights: Securing Your Cloud Data Across the Attack Timeline
4 months 3 weeks ago
Your Salesforce Data, Your Responsibility: Best Practices for Data Protection
4 months 3 weeks ago
Defense-in-Depth: Not Deep Enough
4 months 3 weeks ago
SEC Moves to Get Foreign Testimony in SolarWinds Fraud Case
4 months 3 weeks ago
Testimony Request Targets Cybersecurity Concerns Raised by Ex-SolarWinds Engineer
In its fraud case against SolarWinds, the SEC is pursuing testimony from former SolarWinds engineer Robert Krajcir - who lives in the Czech Republic - to address claims of lax cybersecurity practices. SolarWinds - which is also representing Krajcir - has until Friday to respond to the SEC's motion.
In its fraud case against SolarWinds, the SEC is pursuing testimony from former SolarWinds engineer Robert Krajcir - who lives in the Czech Republic - to address claims of lax cybersecurity practices. SolarWinds - which is also representing Krajcir - has until Friday to respond to the SEC's motion.
ABB Smart Building Software Flaws Invite In Hackers
4 months 3 weeks ago
Proof of Concepts Available for Cylon Aspect Energy Management Software
Vulnerabilities in a smart building energy management system including an easily exploitable, two-year-old flaw that hasn't been widely patched could let hackers take over instances misconfigured to allow internet exposure. The flaws affect Cylon Aspect software from electrical engineering firm ABB.
Vulnerabilities in a smart building energy management system including an easily exploitable, two-year-old flaw that hasn't been widely patched could let hackers take over instances misconfigured to allow internet exposure. The flaws affect Cylon Aspect software from electrical engineering firm ABB.
CISA Director Sees No Threats Impacting Election Outcome
4 months 3 weeks ago
US Cyber Defense Agency Dismisses Claims of Fraud and Assures Secure Election Day
The director of the Cybersecurity and Infrastructure Security Agency said Monday the agency has not seen any evidence of material threats that could sway the nationwide results, despite escalating claims of fraud from the Republican presidential nominee.
The director of the Cybersecurity and Infrastructure Security Agency said Monday the agency has not seen any evidence of material threats that could sway the nationwide results, despite escalating claims of fraud from the Republican presidential nominee.
UK Banks Urged to Gird for CrowdStrike-Like Outage
4 months 3 weeks ago
Regulator Tells Regulators to Enhance Third-Party Service Security
British financial institutions must ensure by this spring that they could reasonably weather a third party tech outage on the scale of July's global meltdown of 8.5 million computers triggered by a faulty update from cybersecurity firm CrowdStrike.
British financial institutions must ensure by this spring that they could reasonably weather a third party tech outage on the scale of July's global meltdown of 8.5 million computers triggered by a faulty update from cybersecurity firm CrowdStrike.
JVN: トレンドマイクロ製Deep Security Agentにおける不適切なアクセス制御の脆弱性
4 months 3 weeks ago
トレンドマイクロ株式会社から、Deep Security Agent(Windows版)向けのアップデートが公開されました。
更新3节:动态分析 | 看雪安卓高级研修班(月薪一万计划)
4 months 3 weeks ago
更新第十一章:1. 2024-11-04 更新 课时5:Method Profiling定位代码2. 2024-11-04 更新 课时4:通过UI组件定位代码3. 2024-11-04 更新 课时3: