直播预约 | ARM系统深度调试与逆向:M核精华之存储与外设
直播授课,小班教学
Aggregator
近期招聘合集汇总
9 months ago
文末投递简历
思科紧急修复致命漏洞,黑客可借此全面接管设备
9 months ago
思科修复严重漏洞,防止黑客通过硬编码令牌控制设备。
安卓逆向之插件化技术学习
9 months ago
看雪论坛作者ID:逆天而行
What your browser knows about you, from contacts to card numbers
9 months ago
Chrome and Safari are the most popular browser apps, accounting for 90% of the mobile browsers market share, according to Surfshark. They also collect the most data. Chrome: the most data-hungry browser (Source: Surfshark) The most data-hungry browsers Chrome collects 20 different types of data, including contact information, financial details, location, browsing and search history, user content, identifiers, usage data, diagnostics, and more. It is also the only browser app that collects financial information, such … More →
The post What your browser knows about you, from contacts to card numbers appeared first on Help Net Security.
Anamarija Pogorelec
点亮国家级地标!奥林匹克塔为360安全大模型“代言”
9 months ago
360安全大模型护航千行百业数转智改
点亮国家级地标!奥林匹克塔为360安全大模型“代言”
9 months ago
360安全大模型护航千行百业数转智改
Пока вы настраивали сводные таблицы, MirrorFace собрал все данные и сделал скриншоты
9 months ago
На экране был Excel, но самое главное происходило за его пределами.
重磅活动|618安全保卫战开启
9 months ago
参加618安全保卫战活动,一起为数亿万消费者的安全保驾护航!
重磅活动|618安全保卫战开启
9 months ago
参加618安全保卫战活动,一起为数亿万消费者的安全保驾护航!
Defensie verwelkomt 2.000e deelnemer Maatschappelijke Diensttijd
9 months ago
De 2.000e deelnemer aan de Maatschappelijke Diensttijd (MDT) Missie is van start gegaan. Een mijlpaal, vindt staatssecretaris Gijs Tuinman. Hij kwam gisteren dan ook naar de Generaal-majoor De Ruyter van Steveninckkazerne in Oirschot om met de cursisten in gesprek te gaan.
2025Q1企业邮箱安全报告:三大威胁升级,揭秘应对之法
9 months ago
2025年5月8日,Coremail CACTER邮件安全联合北京中睿天下信息技术有限公司发布《2025年第一季度企业邮箱安全性研究报告》。(以下简称”报告“)
报告显示,企业邮箱安全威胁仍在不断升级,整体形势依旧严峻。具体而言,主要面临三大核心威胁:垃圾邮件泛滥成规模、钓鱼邮件精准化升级以及暴力破解攻击持续高发,传统单点防护手段已难以有效应对。
在此背景下,CACTER通过技术融合与行业适配,将AI大模型、网关拦截、数据防泄露等能力整合为动态防护机制,为企业邮箱安全提供全方位、多层次的防护保障。(本文摘取季报部分数据呈现)
一、垃圾邮件同比34%,境外威胁持续上升
报告显示,2025年Q1企业邮箱垃圾邮件总量达9.76亿封,同比激增34.07%。值得注意的是,香港地区以1103.6万封垃圾邮件首次跻身境内攻击源TOP3,成为不可忽视的新型威胁源头。
从境外数据来看,美国、马来西亚等老牌攻击源持续活跃,美国已连续4个季度占据境外垃圾邮件发送源榜首,高达2175.2万封。来自马来西亚、捷克、日本的发送量分别为1329.7万封、1256.2万封、1208.3万封。
从主题上看,垃圾邮件主题以广告推广和低价值信息为主,例如职业培训、群发广告、模糊职业词诱导等,通过这些看似吸引人的话题,诱使用户点击链接或回复邮件,从而达到推广产品或获取用户信息的目的。
二、钓鱼邮件同比激增114.91%,生成式AI为主要推手
2025年Q1钓鱼邮件攻击量攀升至2.45亿,较上季度增长16.67%,较去年同期激增114.91%。近年来生成式AI技术的滥用,催生了伪造高管签名、模仿内部通知等新型钓鱼手段,使邮箱用户遭受的攻击数量大幅增加。钓鱼邮件的精准化升级,不仅增加了用户识别的难度,也加剧了数据泄露和经济损失的风险。
从境外数据来看,日本跃居美国成为钓鱼邮件攻击的主要来源,其数量远远超过其他国家,达到了1341.2万封。其次为美国,发送量413.7万封;俄罗斯排行第三,发送量340.9万封。
从主题上看,钓鱼邮件主题高度呈现紧迫性和权威性,例如使用安全威胁、账号限制、官方伪装等,诱使用户点击链接或泄露敏感信息。
三、全域破解攻击量达峰值,呈现量增效降特征
2025年Q1企业级用户遭受超过无差别的暴力破解达到47.7 亿次,环比2024年Q4增长13.03%。虽然全域被暴力破解成功的次数为 519.3 万次,成功率仅 0.11%,呈现出量增效降的特征,但攻击量已接近历史峰值,这依然给企业邮箱安全带来了巨大的压力。
从被攻击TOP100域名的行业分析来看,企业(占比49%)和教育行业(占比36%)因其具有大量高价值用户数据,成为黑客列为主要攻击目标,远超其他行业。因此企业和教育行业亟需加强邮箱账号的安全防范措施,防止数据泄露。
四、三大主要威胁,CACTER出招守护
面对 2025 年Q1企业邮箱出现的垃圾邮件规模化泛滥、钓鱼攻击精准化升级、暴力破解持续高发这三大主要威胁,CACTER 提出了针对性的防护建议:
1、拦截规模化恶意邮件威胁
针对境外垃圾邮件泛滥与普通钓鱼攻击,可采用CACTER邮件安全网关。该产品基于自研反垃圾引擎与威胁情报库,实现动态封堵高频攻击源(如美国、日本IP等),并深度解析邮件主题与内容。
2、破解破解AI驱动的高级钓鱼威胁
当前 AI 驱动的邮件攻击愈演愈烈,攻击者利用大模型实现 “目标分析-钓鱼生成” 的自动化攻击闭环,批量生成高仿真钓鱼内容,结合多态混淆技术突破传统检测。对此,CACTER大模型邮件安全网关基于大模型技术突破传统网关局限,创新推出三大核心模块:
·高管保护方案:定向防御核心人员的恶意攻击
·大模型 URL沙箱:智能检测新型恶意链接
·AI统计报告:深度解析邮件恶意数据,提出邮件防控策略
在提升反垃圾/反钓鱼/反病毒能力的同时,降低运维成本,适配企业多样化安全需求。
3、加固账号与数据安全
针对暴力破解与数据泄露风险,建议结合安全管理中心SMC2与邮件数据防泄露EDLP系统进行防护。
·安全管理中心SMC2:可进行用户安全巡检,设置高风险、中风险、潜在风险的用户画像,系统实时监控异常登录行为(如境外IP频繁访问),助力管控高危账号,减少弱密码等问题导致的暴力破解成功率
·邮件数据防泄露EDLP:EDLP的邮件全检策略,能够自动检测外发邮件中的敏感信息(如身份证号、商业合同),并联动分级审批流程。同时EDLP能够留存完整邮件追溯记录,有效降低数据泄露风险。
从2025 年 Q1报告看, 企业邮箱攻击仍呈现出多样化、复杂化的新形势和新威胁,企业应紧跟行业趋势,及时更新防护策略,加强对员工的安全培训,提高员工的安全意识。
Coremail邮件安全
CVE-2020-6433 | Google Chrome up to 80.0.3987.162 Policy Enforcement HTML Page privileges management (FEDORA-2020-0e7f1b663b)
9 months ago
A vulnerability was found in Google Chrome. It has been rated as critical. Affected by this issue is some unknown functionality of the component Policy Enforcement. The manipulation as part of HTML Page leads to improper privilege management.
This vulnerability is handled as CVE-2020-6433. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-6434 | Google Chrome up to 80.0.3987.162 DevTools HTML Page use after free (FEDORA-2020-0e7f1b663b)
9 months ago
A vulnerability classified as critical has been found in Google Chrome. This affects an unknown part of the component DevTools. The manipulation as part of HTML Page leads to use after free.
This vulnerability is uniquely identified as CVE-2020-6434. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-6435 | Google Chrome up to 80.0.3987.162 Policy Enforcement HTML Page privileges management (FEDORA-2020-0e7f1b663b)
9 months ago
A vulnerability classified as critical was found in Google Chrome. This vulnerability affects unknown code of the component Policy Enforcement. The manipulation as part of HTML Page leads to improper privilege management.
This vulnerability was named CVE-2020-6435. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-6436 | Google Chrome up to 80.0.3987.162 Window Management HTML Page use after free (FEDORA-2020-0e7f1b663b)
9 months ago
A vulnerability, which was classified as critical, has been found in Google Chrome. This issue affects some unknown processing of the component Window Management. The manipulation as part of HTML Page leads to use after free.
The identification of this vulnerability is CVE-2020-6436. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-6437 | Google Chrome up to 80.0.3987.162 WebView Crafted Application authentication spoofing (FEDORA-2020-0e7f1b663b)
9 months ago
A vulnerability, which was classified as critical, was found in Google Chrome. Affected is an unknown function of the component WebView. The manipulation as part of Crafted Application leads to authentication bypass by spoofing.
This vulnerability is traded as CVE-2020-6437. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-6438 | Google Chrome up to 80.0.3987.162 Policy Enforcement information disclosure (FEDORA-2020-0e7f1b663b)
9 months ago
A vulnerability has been found in Google Chrome and classified as critical. Affected by this vulnerability is an unknown functionality of the component Policy Enforcement. The manipulation leads to information disclosure.
This vulnerability is known as CVE-2020-6438. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-6440 | Google Chrome up to 80.0.3987.162 Extensions information disclosure (FEDORA-2020-0e7f1b663b)
9 months ago
A vulnerability was found in Google Chrome. It has been classified as problematic. This affects an unknown part of the component Extensions. The manipulation leads to information disclosure.
This vulnerability is uniquely identified as CVE-2020-6440. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-6439 | Google Chrome up to 80.0.3987.162 Policy Enforcement HTML Page default permission (FEDORA-2020-0e7f1b663b)
9 months ago
A vulnerability was found in Google Chrome and classified as critical. Affected by this issue is some unknown functionality of the component Policy Enforcement. The manipulation as part of HTML Page leads to incorrect default permissions.
This vulnerability is handled as CVE-2020-6439. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com