Aggregator

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063文 | 清华大学公共管理学院教授 孟庆国人工智能是新一轮科技革命和产业变革的重要驱动力量。数据标注是对原始数据进行采集、

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063工业和信息化部办公厅关于加强互联网数据中心客户数据安全保护的通知工信厅网安〔2025〕5号各省、自治区、直辖市通信管理局

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063问车载人工智能机器人，过去一个月车辆到过何处，答案一清二楚；车辆发生事故，车企能比车主更早获取行车记录视频；车刚开了30

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063文 | 西南政法大学民商法学院 邝书铭针对数据处理者将个人数据传输到新加坡以外的国家或者地区的个人数据跨境传输行为，新加

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-823410632024年，按照公安部统一部署，全国公安机关网安部门聚焦危害系统数据安全、社会公共秩序、生产交通安全、市场税收秩序、生态

Threat actors exploit Aviatrix Controller flaw to deploy backdoors and cryptocurrency

A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. A security researcher Jakub Korepta discovered a critical vulnerability, tracked as CVE-2024-50603 (CVSS score: 10.0), in the Aviatrix Controller. The flaw impacts Aviatrix Controller pre-7.1.4191 and 7.2.x pre-7.2.4996, it allows unauthenticated attackers to execute arbitrary code via improper command […]

A vulnerability, which was classified as critical, was found in Selesta Visual Access Manager up to 4.42.1. This affects an unknown part of the file /vam/vam_visits.php of the component POST Parameter Handler. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2023-42244. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Selesta Visual Access Manager up to 4.42.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /vam/vam_ep.php. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2023-42246. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Selesta Visual Access Manager up to 4.42.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file monitor/s_monitor_map.php. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2023-42247. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Selesta Visual Access Manager up to 4.42.1. This vulnerability affects unknown code of the file monitor/s_scheduledfile.php. The manipulation leads to cross site scripting. This vulnerability was named CVE-2023-42245. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Создатель Википедии и голливудские звезды запускают свободную альтернативу Twitter.

CISA claims US critical infrastructure providers are improving cyber hygiene and remediation activities

美国周一公布了新的管制措施，进一步限制了 AI 芯片出口。新管制措施将各个国家划分为 3 个梯队。第一梯队（Tier-1）为美国的同盟国日本、韩国、英法德等 18 个国家和地区。这些地区在

美国周一公布了新的管制措施，进一步限制了 AI 芯片出口。新管制措施将各个国家划分为 3 个梯队。第一梯队（Tier-1）为美国的同盟国日本、韩国、英法德等 18 个国家和地区。这些地区在先进半导体及 AI 基础模型的技术转让方面不受限制。设立新规则的是面向东南亚各国及中东各国等第二梯队（Tier-2）国家的先进半导体出口，共有大约 120 个国家。面向第二梯队国家的大多数出口都需要获得美国政府的批准。需要很长时间才能获批，有时还不批准。根据新的管制方案，这些国家有芯片出口数量限制，超过限制数量后需要申请。第三梯队（Tier-3）则包括中俄等 22 个国家，除了此前的出口限制，还禁止了 AI 技术转让。

聚焦源代码安全，网罗国内外最新资讯！编译：代码卫士威胁行动者们正在利用Aviatrix Controller 实例中的一个严重的远程命令执行漏洞 (CVE-2024-50603)，安装后门和密币挖矿

聚焦源代码安全，网罗国内外最新资讯！编译：代码卫士苹果公司最近修复了一个macOS 漏洞，可导致攻击者绕过系统完整性保护 (SIP) 措施并通过加载第三方内核扩展的方式安装恶意内核驱动。SIP 或

速修复

速修复