Aggregator

来自上海交通大学计算机系副教授林云老师的报告聚焦于网络钓鱼攻击检测的前沿研究。团队提出一种新型检测框架——PhishLLM，通过大型语言模型实现对钓鱼网页的高效检测。PhishLLM利用LLM中已编码

来自中国海洋大学的副教授刘超的报告以“面向安全的无线感知技术”为主题，探讨无线信号与环境交互后产生变化的信息价值。无线感知技术通过分析信号因障碍物、反射和折射引起的变化，推测环境中物体、人员的位置及运

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

来自清华大学博士研究生陈熠豪介绍了一种基于语义感知网络表示学习模型的新型BGP异常检测系统。该系统通过提取自治系统的“路由角色”并监测其异常变化，解决了传统方法依赖人工分析和机器学习模型训练成本高、结

来自浙江大学专职研究员刘沛宇分享了ChatGPT在漏洞管理任务中的能力。漏洞管理的生命周期包含了漏洞发现、漏洞确认与评估及漏洞修复与确认等阶段，而现存许多研究仅尝试在其中部分流程使用大模型。他们发现，

A vulnerability has been found in Apple Safari up to 12.0.1 and classified as critical. This vulnerability affects unknown code of the component WebKit. The manipulation leads to memory corruption. This vulnerability was named CVE-2018-4442. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Few voices carry the depth of insight that Ran Hammer brings to the table. A former corporate lawyer

A vulnerability classified as critical has been found in Apple macOS up to 10.14.5. Affected is an unknown function of the component Core Data. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2019-8646. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in XAMPP Apache Distribution 1.4.x. It has been rated as very critical. Affected by this issue is some unknown functionality. The manipulation leads to Remote Code Execution. This vulnerability is handled as CVE-2005-1078. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to add further authentication.

A high-severity security flaw has been disclosed in Meta's Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server.  The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the other hand, has assigned it a

A high-severity security flaw has been disclosed in Meta's Llama large language model (LLM) framew

A vulnerability was found in vilistextum 2.6.6 and classified as very critical. This issue affects the function get_attr of the file html.c. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2004-1299. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Apple Mac OS X up to 10.11.4. This affects an unknown part of the component AppleGraphicsControl. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2016-1794. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Name: AlpacaHack Round 9 (Crypto) (an AlpacaHack event.)
Date: Jan. 26, 2025, 3 a.m. — 26 Jan. 2025, 09:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://alpacahack.com/
Rating weight: 0
Event organizers: AlpacaHack

恶意样本分析环境搭建以及工具介绍