Aggregator

最引人注目的是来自STARLabs SG的Nguyen Hoang Thach对VMware ESXi的成功攻击，他利用整数溢出漏洞获得了15万美元。

FIs Must Invest in AI-Fueled Behavioral Biometrics to Go Beyond Static Credentials
Scammers are increasingly turning to account takeover fraud, as financial institutions ramp up their defenses. Instead of luring victims into making authorized transactions, cybercriminals are bypassing them altogether, hijacking their digital identities and draining accounts from within.

Homeland Security Secretary Says Trump Budget Strengthens Cybersecurity
Senate Democrats Tuesday pushed Homeland Security Secretary Kristi Noem on the Trump administration's cuts to the cybersecurity component of the U.S. federal department she leads. Noem told senators the U.S. Cybersecurity and Infrastructure Agency will "continue to fulfill" its statutory obligations.

Scattered Spider Stole Tata Consulting Services Employee Login Details for Hack
British retailer Marks & Spencer was reportedly compromised by cybercrime group Scattered Spider using stolen employee credentials from a third-party IT company. Citing an unidentified source, Reuters reported hackers used the M&S login credentials of two Tata Consulting Services employees.

Georgia Court Allows Claims of Fraud, Trespass Over Falcon Software Update
Delta can proceed with its lawsuit against CrowdStrike over a July 2024 update that allegedly bypassed Microsoft safeguards and crashed thousands of systems. The judge found that Delta sufficiently alleged fraud, computer trespass and gross negligence, allowing key claims to move forward.

一个精明股票骗局，骗子通过多次准确预测股票走势来建立信任，最终试图诱导投资。Rachel Tobac是一位社交工程专家。她分享了如何从对黑客一无所知，通过参加 Defcon 大会并屡次在社交工程竞赛中获奖，最终成立了自己的安全公司 SocialProof Security。她详细描述了两次成功的渗透测试经历：一次是利用伪造的证件通过电话攻破银行账户，另一次是冒充求职者在面试中获取公司的并购信息。录音最后探讨了人工智能（AI）在语音克隆和深度伪造方面的风险，以及未来建立信任验证机制的必要性。

本文来源于知乎用户『洞源实验室』对热门提问的回答，更多干货内容可关注我们的知乎账号，第一时间获取最新回答！

Ты устанавливаешь «полезный инструмент», а кто-то устанавливает доступ к твоему устройству.

Китайские APT снова в деле — что они забыли в макросах для Microsoft Word?

In this Help Net Security interview, Anuj Goel, CEO of Cyware, discusses how threat intelligence is no longer a nice to have, it’s a core cyber defense requirement. But turning intelligence into action remains a challenge for many organizations. The path forward lies in integration, automation, and collaboration across technical and executive teams. With the right strategy, threat intelligence can become not just a source of awareness, but a driver of speed, precision, and resilience. … More →

The post What good threat intelligence looks like in practice appeared first on Help Net Security.

Google 在 I/O 2025 大会上宣布开始向美国搜索服务的用户推送 AI 模式（A.I. Mode）——以对话的方式向用户返回所查询问题的答案，工作方式类似 AI 聊天机器人。AI 模式此前通过 Labs 提供给用户试用，在 I/O 2025 上 Google 宣布了一系列新功能，包括新购物工具，比价，为金融和体育查询创建自定义图表和图形，等等。AI 模式使用的大模型是 Gemini 2.5 的一个定制版本。Google 计划未来为 AI 模式引入深度研究（Deep Research）模式的分支深度搜索（Deep Search）。

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Korea’s largest wireless telecom company, a major player in the country’s mobile and tech landscape. It holds about 48% of the market share for mobile services, meaning around 34 million subscribers use its […]

Currently trending CVE - Hype Score: 12

Currently trending CVE - Hype Score: 6 - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system.

中亚，这片位于欧亚大陆心脏地带的神秘区域，常常被世界舞台的聚光灯所忽略。2025年，这片看似平静的土地却悄然

本文约2797字，预计阅读时间10分钟。情报分析的核心任务之一，是将收集来的离散数据整合成有意义的图景。

Никто не ожидал, что вредонос можно так легко найти в официальном источнике.

A vulnerability, which was classified as critical, has been found in Google Chrome. This issue affects some unknown processing of the component SQLite. The manipulation as part of HTML Page leads to out-of-bounds read. The identification of this vulnerability is CVE-2019-13753. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Google Chrome. This vulnerability affects unknown code of the component SQLite. The manipulation as part of HTML Page leads to out-of-bounds read. This vulnerability was named CVE-2019-13752. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.