Aggregator

DeepSeek 持续火爆，多个云平台上线相关模型「抢食」算力需求； 今日起，国内航线燃油附加费上调，800 公里以上每段增长 40 元； 刷新影史纪录 2025 年春节档总观影人次突破 1.7 亿

Online food ordering and delivery platform GrubHub suffered a data breach that exposed the personal information of drivers and customers. This week the online food ordering and delivery firm GrubHub disclosed a data breach that exposed customer and driver information.  Recently, the company detected an anomalous activity within its infrastructure, then it launched an investigation […]

フィッシング対策協議会は、国内のフィッシング詐欺における送信ドメイン認証技術「DMARC」の導入状況と必要性を解説する文書を公開しました。本文書では、国内企業におけるDMARCの導入状況と運用実態を示すとともに、より強力な対策を実現するためにポリシー強度を引きあげる必要があることを指摘しています。

新起点，新目标，新辉煌，等你来创！

新起点，新目标，新辉煌，等你来创！

新起点，新目标，新辉煌，等你来创！

3rd Round of Layoffs in 3 Years Comes as Rival CyberArk Surpasses Okta's Valuation
Okta will execute its third round of layoffs in three years, cutting 180 employees to reallocate resources toward priorities to drive growth. The San Francisco-based identity security giant on Tuesday shared plans to reduce its staff by 3% in what has become somewhat of an annual tradition for Okta.

'Frontier AI Framework' Identifies Risk Categories, Action Plan
Meta has set new limits on the release of its advanced artificial intelligence models, establishing a framework detailing the criteria for restricting systems deemed too dangerous for public release. Meta's Frontier AI Framework identifies two risk categories: high and critical.

Attacks Hit Hospitals, Clinics in California, Alabama and Colorado
Three healthcare entities - including a California hospital and outpatient care provider, an Alabama cardiology practice, and a Colorado community health system, are notifying a total of more than 1.2 million individuals that their sensitive information was compromised in 2024 hacks.

FIs Expected to Move from Periodic Reviews to Perpetual KYC
Banks are struggling to keep up with evolving KYC expectations. Despite efforts to modernize, outdated processes continue to leave compliance gaps, leading to increased regulatory action. Penalties for financial institutions surged with KYC-related fines more than doubling to $51 million.

Fraud groups are using cutting-edge technology to scale their operations to create fake identities and execute fraud campaigns.

The security startup's autonomous security remediation platform uses off-the-shelf large language models (LLMs) to analyze security alerts and apply the fixes.

Netgear disclosed two critical flaws impacting multiple WiFi router models and urges customers to address them. Netgear addressed two critical vulnerabilities, internally tracked as PSV-2023-0039 and PSV-2021-0117, impacting multiple WiFi router models and urged customers to install the latest firmware. The two flaws are, respectively, a remote code execution issue and an authentication bypass vulnerability. […]

Researchers measured a threefold increase in credential stealing between 2023 and 2024, with more than 11.3 million such thefts last year.

Espionage and Cybercrime Campaign Tied to 7-Zip Mark-of-the-Web Bypass Hits
Russian hackers targeting Ukrainian government agencies and businesses - including a major automotive manufacturer - have been targeting a zero-day vulnerability in the open source and widely used 7-Zip archive utility, to infect systems with credential-stealing SmokeLoader malware.

OneTrust's Ojas Rege Details Act Requirements, AI Governance Challenges
The first set of rules banning high-risk AI systems under the European Union AI Act went into effect on Sunday. Starting this week, companies are now barred from deploying AI-driven emotion recognition in the workplace and schools. OneTrust's Ojas Rege discusses the implications.

3rd Round of Layoffs in 3 Years Comes as Rival CyberArk Surpasses Okta's Valuation
Okta will execute its third round of layoffs in three years, cutting 180 employees to reallocate resources toward priorities to drive growth. The San Francisco-based identity security giant on Tuesday shared plans to reduce its staff by 3% in what has become somewhat of an annual tradition for Okta.

'Frontier AI Framework' Identifies Risk Categories, Action Plan
Meta has set new limits on the release of its advanced artificial intelligence models, establishing a framework detailing the criteria for restricting systems deemed too dangerous for public release. Meta's Frontier AI Framework identifies two risk categories: high and critical.

A vulnerability was found in CommodityRentals CD Rental Software and classified as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument cat_id leads to sql injection. This vulnerability is handled as CVE-2010-0762. The attack may be launched remotely. Furthermore, there is an exploit available.