Aggregator
Google 转向 Rust 编程将 Android 内存漏洞减少了 52%
1 year 6 months ago
安全客
China's Salt Typhoon Cyber Spies Are Deep Inside US ISPs
1 year 6 months ago
WordPress.org 拒绝向 WP Engine 提供服务,可能会使网站面临风险
1 year 6 months ago
安全客
Necro 木马的新变种感染了超过 1100 万台设备
1 year 6 months ago
安全客
戴尔在一周内遭受第三次数据泄露,遭到“grep”网络攻击
1 year 6 months ago
安全客
Proxmox 虚拟环境和邮件网关暴露于关键 API 漏洞中
1 year 6 months ago
安全客
GitLab 发布关键安全更新,修复严重漏洞 CVE-2024-45409
1 year 6 months ago
安全客
新的 RomCom 变体“SnipBot”揭晓:一种针对企业网络的复杂恶意软件
1 year 6 months ago
安全客
被一张网图忽悠去看《我与地坛》
1 year 6 months ago
《我与地坛》这类作品不是我这俗人的菜
大脑如何感知日常生活
1 year 6 months ago
科学家曾利用脑部记录和神经成像来探索大脑如何处理空间导航,结果表明,人类大脑的海马体和内嗅皮层两个区域都发挥了关键作用。进一步研究发现,类似神经活动还可代表非空间体验,如时间、声音频率和物体特征。在新研究中,加州洛杉矶分校团队招募了 17 名难治性癫痫患者。他们的大脑中曾植入深部电极以接受临床治疗。团队为参与者设计了一项涉及行为任务、模式识别和图像排序的复杂任务,在整个过程中,团队记录了他们的神经活动。由于此次直接记录了人类单个神经元的活动,团队得以发现特定类型脑细胞的放电方式,这能反映出一个人经历事件的顺序和结构。当经历结束后,大脑会保留这些独特的放电模式,并在休息时快速重现。不仅如此,大脑还能凭借这些习得的模式,为未来将接受的刺激做好准备。这一发现首次提供了证据,证明特定脑细胞是如何整合时间与经历信息,并对其提取和保留的。
CVE-2007-3939 | SpoonLabs Vivvo Article Management CMS up to 3.40 index.php category sql injection (EDB-4192 / XFDB-35464)
1 year 6 months ago
A vulnerability was found in SpoonLabs Vivvo Article Management CMS up to 3.40 and classified as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument category leads to sql injection.
This vulnerability is handled as CVE-2007-3939. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
LG 开始在电视屏保上展示广告
1 year 6 months ago
LG 宣布开始在电视屏保上展示广告。LG 最早是在 9 月 5 日向广告商披露这一计划的,没有向消费者或其电视客户广而告之,显然是因为广告不是什么让消费者兴奋的功能。用户报告在 LG 最新
360携手北京交通大学 共启网络安全人才培养新篇章
1 year 6 months ago
安全客
“无人机网络安全”专题征稿
1 year 6 months ago
Moving DevOps Security Out of the 'Stone Age'
1 year 6 months ago
Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.
Robert Lemos, Contributing Writer
CVE-2016-5404 | FreeIPA cert_revoke access control (FEDORA-2016-7898627d08 / Nessus ID 93205)
1 year 6 months ago
A vulnerability, which was classified as critical, was found in FreeIPA. This affects an unknown part of the component cert_revoke. The manipulation leads to improper access controls.
This vulnerability is uniquely identified as CVE-2016-5404. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2016-5410 | firewalld up to 0.4.3.2 firewalld.py improper authentication (RHSA-2016:2597 / Nessus ID 95343)
1 year 6 months ago
A vulnerability was found in firewalld up to 0.4.3.2 and classified as problematic. This issue affects some unknown processing of the file firewalld.py. The manipulation leads to improper authentication.
The identification of this vulnerability is CVE-2016-5410. Local access is required to approach this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
How DataDome Protected Grocery Chains from a Mobile App Credential Stuffing Attack
1 year 6 months ago
Multiple grocery store chains recently faced a 42 million requests credential stuffing attack on their mobile apps. Learn how DataDome stopped the attack in its tracks, keeping the customer safe.
The post How DataDome Protected Grocery Chains from a Mobile App Credential Stuffing Attack appeared first on Security Boulevard.
Antoine Vastel
Browser-related malware on the rise | Red Canary Threat Intelligence
1 year 6 months ago
Red Canary