Aggregator
Видеозвонок от курьера? За ним может скрываться цифровая афера
8 months 3 weeks ago
Мошенники масштабируют атаки с ИИ.
Business Email Compromise, ACH Transactions, and Liability
8 months 3 weeks ago
Business Email Compromise (BEC) fraud represents one of the most insidious threats facing businesses and individuals today.
The post Business Email Compromise, ACH Transactions, and Liability appeared first on Security Boulevard.
Mark Rasch
法治 | “AI帮你一分钟搞定问诊开药”被叫停!如何为人工智能应用划红线?
8 months 3 weeks ago
当前,多家医院引入人工智能,并将其应用于临床、科研等多个场景。甚至,有营销宣传声称——“AI帮你一分钟搞定问诊、开药”。近期,湖南省医保局印发通知明确规定:“严禁使用 AI人工智能等自动生成处方”,引发网络热议。
国际 | 瑞典政府发布《国家网络安全战略2025-2029年》
8 months 3 weeks ago
3月20日,瑞典政府正式向议会提交了《国家网络安全战略2025-2029年》,对未来五年的国家网络安全建设进行了整体谋划,以应对日益复杂的网络安全威胁,提升国家整体网络安全水平。
评论 | 筑牢人脸信息安全防线
8 months 3 weeks ago
近日,国家互联网信息办公室、公安部联合公布了《人脸识别技术应用安全管理办法》,对应用人脸识别技术处理人脸信息的基本要求、处理规则、应用安全规范、监督管理职责等作出规定,旨在进一步扎紧人脸信息保护的“篱...
评论 | 给AI生成内容加标识的治理启示
8 months 3 weeks ago
近日,国家网信办、工业和信息化部、公安部、国家广播电视总局联合发布《人工智能生成合成内容标识办法》,将于今年9月1日起施行。
通知 | 北京市网信办等三部门印发《北京市数据跨境流动便利化综合配套改革实施方案》(附全文)
8 months 3 weeks ago
近日,北京市互联网信息办公室等三部门印发《北京市数据跨境流动便利化综合配套改革实施方案》。
发布 | 《工业和信息化领域人工智能安全治理标准体系建设指南(2025)(征求意见稿)》公开征求意见(附全文)
8 months 3 weeks ago
意见反馈截止日期为2025年4月15日前。
关于第二届“长城杯”铁人三项赛(防护赛)决赛入围队伍名单公示的通知
8 months 3 weeks ago
关于第二届“长城杯”铁人三项赛(防护赛)决赛入围队伍名单公示的通知
SectopRAT:作为武器化 Cloudflare Turnstile Challenge 向 Windows 用户发起攻击
8 months 3 weeks ago
安全客
FamousSparrow resurfaces to spy on targets in the US, Latin America
8 months 3 weeks ago
Once thought to be dormant, the China-aligned group has also been observed using the privately-sold ShadowPad backdoor for the first time
大模型安全警报:你的AI客服正在泄露客户银行卡号
8 months 3 weeks ago
本研究旨在系统性分析Prompt注入的类型、攻击方式及防御策略,以提升大模型的安全性。
CVE-2011-4595 | Pretty Links Plugin up to 1.5.5 on WordPress URL Parameter cross site scripting (EDB-36408)
8 months 3 weeks ago
A vulnerability was found in Pretty Links Plugin up to 1.5.5 on WordPress. It has been classified as problematic. Affected is an unknown function of the component URL Parameter Handler. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2011-4595. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Бессмертные бэкдоры: новая тактика атак на экосистему npm
8 months 3 weeks ago
Инновационный метод позволяет хакерам навсегда сохранить доступ к скомпрометированным системам.
数据跨境 | 韩国数据安全与跨境合规实践
8 months 3 weeks ago
韩国个人信息安全法律法规及企业实践参考
新型 npm 恶意软件对热门以太坊库发动后门感染攻击
8 months 3 weeks ago
安全客
PJobRAT makes a comeback, takes another crack at chat apps
8 months 3 weeks ago
Sophos X-Ops uncovers a recent campaign from an Android RAT first seen in 2019 – now infecting users in Taiwan
Pankaj Kohli
NCA Warns of Sadistic Online “Com” Networks
8 months 3 weeks ago
The UK’s National Crime Agency is warning of a growing cyber and physical threat from homegrown teens
CVE-2025-2481 | MediaView Plugin up to 1.1.2 on WordPress ID cross site scripting
8 months 3 weeks ago
A vulnerability classified as problematic has been found in MediaView Plugin up to 1.1.2 on WordPress. This affects an unknown part. The manipulation of the argument ID leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-2481. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com