Aggregator

#软件资讯 百度网盘限制用户登录设备数量严重影响使用，甚至想要踢掉已登录设备都有操作限制，导致用户无法登录设备。蓝点网网友 @久故开通 3 年百度网盘 SVIP 会员，没想到关键时刻却

“bitpixie”漏洞通过利用Windows启动管理器的降级攻击，使攻击者可以在不物理篡改设备的情况下绕过安全启动。

主站 分类 漏洞 工具 极客

Linus Torvalds 在内核邮件列表上宣布释出 Linux 6.13，开启 6.14 合并窗口。Linux 6.13 的主要新特性包括：CPU 调度支持延迟抢占，Arm64 Guarded Control Stack 支持，PIDFD_GET_INFO() 操作，多粒度文件时间戳，ext4 和 XFS 文件系统初步支持原子写入，setxattrat()、getxattrat()、listxattrat()以及removexattrat()系统调用，BPF 程序的私有栈功能，向内存映射引入保护页（guard pages）的新机制，AMD 3D V-Cache 优化器驱动，初步支持英特尔 Xe3 显卡，NVMe 2.1 支持，移除了 ReiserFS 文件系统，等等，更多信息可浏览 KernelNewbies 6.13 页面。

Linus Torvalds 在内核邮件列表上宣布释出 Linux 6.13，开启 6.14 合并窗口。Linux 6.13 的主要新特性包括：CPU 调度支持延迟抢占，Arm64 Gua

Теперь геймеры могут продолжить прохождение франшизы на самой свежей версии ОС.

快速浏览！2025.1.13—1.19安全动态周回顾。

医疗行业涉及大量敏感数据，包括患者的健康信息和医疗记录。因此，医疗数据的保护一直是行业中的重中之重。随着电子病历、远程医疗等新技术的应用，医疗行业面临着更多的网络安全威胁。在本期，我们将展示医疗行业的一些典型案例，探讨如何加强医疗数据保护，保障患者隐私和数据安全。 PS：典型案例展示排名不分先后，按企业简称首字母排序。

#科技资讯 Linux Kernel 6.13 正式版发布，带来多项功能改进并提供更多硬件特性支持等。新的亮点功能包括延迟抢占功能支持以简化内核的抢占逻辑、在 Intel Arrow

A critical remote code execution (RCE) vulnerability, tracked as CVE-2024-53691, has recently come to light, affecting users of QNAP’s QTS and QuTS Hero operating systems. This vulnerability enables remote attackers with user access privileges to traverse the file system and run arbitrary code on affected systems. With a CVSS score of 8.7, the severity of […]

The post PoC Exploit Released for QNAP RCE Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Supply Chain Attack / SolanaCybersecurity researchers have identified three sets of malicious pack

Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems. The list of identified packages is below - @async-mutex/mutex, a typosquat of async-mute (npm) dexscreener, which masquerades as a library for accessing liquidity pool

A vulnerability was found in Sun Solaris 5.10. It has been classified as problematic. Affected is an unknown function. The manipulation leads to an unknown weakness. This vulnerability is traded as CVE-2010-4460. An attack has to be approached locally. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in IBM Tivoli Access Manager for e-business up to 6.1.0. Affected by this issue is some unknown functionality. The manipulation leads to path traversal. This vulnerability is handled as CVE-2010-4622. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, was found in Citrix Access Gateway up to 8.1-69.4. This affects an unknown part of the component NTLM Authentication. The manipulation of the argument line leads to improper privilege management. This vulnerability is uniquely identified as CVE-2010-4566. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Eclipse IDE. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2010-4647. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in ProFTPD up to 1.3.3. Affected is the function sql_prepare_where of the component contrib/mod_sql.c). The manipulation leads to memory corruption. This vulnerability is traded as CVE-2010-4652. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

#科技资讯 TikTok 在美国市场重新恢复运营，不过苹果和谷歌暂时还未恢复 TikTok 的下载安装。昨天夜里特朗普发布声明豁免帮助 TikTok 恢复运营的其他公司的责任后，Tik