Aggregator
中国代表:在科技治理上需统筹发展和安全
10 months ago
CVE-2002-0343 | Hotline Connect 1.8.5 Bookmark File Password missing encryption (XFDB-8327 / BID-4210)
10 months ago
A vulnerability has been found in Hotline Connect 1.8.5 and classified as problematic. This vulnerability affects unknown code of the component Bookmark File Handler. The manipulation leads to missing encryption of sensitive data (Password).
This vulnerability was named CVE-2002-0343. Attacking locally is a requirement. There is no exploit available.
vuldb.com
落实安全左移迫在眉睫 | 伊朗APT34组织针对阿联酋及海湾关键基础设施发动攻击
10 months ago
SAST+SCA+AI大语言模型,海云安D10实现一键快速修复。
网络资产隐患丛生 攻击面管理如何化解
10 months ago
从攻击者视角发现弱点,提升资产可见性,识别评估和响应潜在威胁。
Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day
10 months ago
The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. [...]
Bill Toulas
Code Red: How KnowBe4 Exposed a North Korean IT Infiltration
10 months ago
Meta Tests Facial Recognition to Curb Deepfake Scams
10 months ago
Firm Won't Deploy Feature in the EU, UK Due to Data Collection Norms
Meta is rolling out facial recognition technology on its social media platforms to spot scam ads featuring celebrity deepfakes. Meta took down 8,000 of the "celeb bait" scam ads. The feature also aims to verify the identities of users locked out of their Facebook or Instagram accounts.
Meta is rolling out facial recognition technology on its social media platforms to spot scam ads featuring celebrity deepfakes. Meta took down 8,000 of the "celeb bait" scam ads. The feature also aims to verify the identities of users locked out of their Facebook or Instagram accounts.
AI Industry Coalition Seeks to Codify US Safety Institute
10 months ago
Tech Giants, AI Firms, Academics Urge Congress to Take Action by Term-End
A coalition of more than 60 AI industry players is pushing Congress to prioritize legislation that would codify the U.S. Artificial Intelligence Safety Institute. The letter says the action would allow U.S. to maintain influence in the development of science-backed standards for advanced AI systems.
A coalition of more than 60 AI industry players is pushing Congress to prioritize legislation that would codify the U.S. Artificial Intelligence Safety Institute. The letter says the action would allow U.S. to maintain influence in the development of science-backed standards for advanced AI systems.
Code Red: How KnowBe4 Exposed a North Korean IT Infiltration
10 months ago
Meta Tests Facial Recognition to Curb Deepfake Scams
10 months ago
Firm Won't Deploy Feature in the EU, UK Due to Data Collection Norms
Meta is rolling out facial recognition technology on its social media platforms to spot scam ads featuring celebrity deepfakes. Meta took down 8,000 of the "celeb bait" scam ads. The feature also aims to verify the identities of users locked out of their Facebook or Instagram accounts.
Meta is rolling out facial recognition technology on its social media platforms to spot scam ads featuring celebrity deepfakes. Meta took down 8,000 of the "celeb bait" scam ads. The feature also aims to verify the identities of users locked out of their Facebook or Instagram accounts.
AI Industry Coalition Seeks to Codify US Safety Institute
10 months ago
Tech Giants, AI Firms, Academics Urge Congress to Take Action by Term-End
A coalition of more than 60 AI industry players is pushing Congress to prioritize legislation that would codify the U.S. Artificial Intelligence Safety Institute. The letter says the action would allow U.S. to maintain influence in the development of science-backed standards for advanced AI systems.
A coalition of more than 60 AI industry players is pushing Congress to prioritize legislation that would codify the U.S. Artificial Intelligence Safety Institute. The letter says the action would allow U.S. to maintain influence in the development of science-backed standards for advanced AI systems.
我用一招「隐藏术」,PUA 了所有大模型
10 months ago
别担心AI控制人类了,PUA大模型是分分钟的事儿。
CVE-2024-9949 | Forescout SecureConnector up to 11.3.5 on Windows Configuration File insecure default initialization of resource
10 months ago
A vulnerability was found in Forescout SecureConnector up to 11.3.5 on Windows. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Configuration File Handler. The manipulation leads to insecure default initialization of resource.
This vulnerability is handled as CVE-2024-9949. It is possible to launch the attack on the local host. There is no exploit available.
vuldb.com
筑牢数字安全屏障,360中标中国移动终端安全软件产品集采项目
10 months ago
360中标中移动集采
在德华裔男子通过小红书寻找性侵猎物,法兰克福及周边发生四起连环性侵案,专门针对单身女房东
10 months ago
出门在外,善自珍重,女性更应保护自己。不合常理的紧急求租更要小心。
CVE-2024-49756 | AshPostgres up to 2.4.9 file access (GHSA-hf59-7rwq-785m)
10 months ago
A vulnerability was found in AshPostgres up to 2.4.9. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to files or directories accessible.
This vulnerability is known as CVE-2024-49756. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-9374 | Terms Descriptions Plugin up to 3.4.6 on WordPress cross site scripting
10 months ago
A vulnerability was found in Terms Descriptions Plugin up to 3.4.6 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2024-9374. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
默安科技攻击队勇夺湖北省“HW2024”网络攻防实战演习魁首!
10 months ago
实至名归!
CVE-2024-20388 | Cisco Firepower Management Center up to 7.4.1.1 cross site scripting (cisco-sa-fmc-xss-infodisc-RL4mJFer)
10 months ago
A vulnerability was found in Cisco Firepower Management Center and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting.
The identification of this vulnerability is CVE-2024-20388. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com