INC
You must login to view this content
Aggregator
论韧性数字安全体系(手稿)
2 months 3 weeks ago
一、引言在当代肿瘤医学中,治疗癌症的目标已从“彻底根除”转向“长期控制”,即将其转化为一种可以持续管理的慢性病
Aravo Evaluate Engine manages and optimizes third-party risks
2 months 3 weeks ago
Aravo announced new innovations that add significant enhancements to its Evaluate Engine, enabling customers to extend the scale, scope, and range of their third-party risk scoring to meet their organizations risk appetite. The Evaluate Engine is part of Aravo’s Intelligence First Platform, which is purpose-built to help organizations manage and optimize third-party risks. The enhancements come at a critical time as third-party risks and regulatory scrutiny continue to rise. Fifty-five percent of supply chain professionals … More →
The post Aravo Evaluate Engine manages and optimizes third-party risks appeared first on Help Net Security.
Industry News
Microsoft fixes Surface Hub boot issues with emergency update
2 months 3 weeks ago
Microsoft has released an emergency update to fix a known issue causing startup failures for some Surface Hub v1 devices running Windows 10. [...]
Sergiu Gatlan
How to automate IT ticket handling with AI and Tines
2 months 3 weeks ago
Tired of drowning in IT tickets? This AI-powered workflow built on Tines auto-triages common issues like known bugs & password resets—saving time for your team and speeding up resolution. Learn more about Tines and get a free account now. [...]
Sponsored by Tines
Operation Endgame: Do Takedowns and Arrests Matter?
2 months 3 weeks ago
Cybercrime response needs more aggressive actions from those seeking to protect victims and pursue criminals.
James Shank
Dreigingsbeeld Terrorisme Nederland: toenemende online radicalisering van jongeren
2 months 3 weeks ago
De dreigingen die volgen uit de snelle online radicalisering van jongeren zijn een gevaar voor de nationale veiligheid. Dit staat in het vandaag verschenen Dreigingsbeeld Terrorisme Nederland (DTN) van de Nationaal Coördinator Terrorismebestrijding en Veiligheid (NCTV), dat is opgesteld op basis van informatie van onder andere de AIVD. De kans op een terroristische aanslag in Nederland is reëel, daarom blijft het dreigingsniveau op 4 (substantieel).
What Is Vulnerability Prioritization? A No-Fluff Playbook
2 months 3 weeks ago
Vulnerabilities, on their own, don’t mean much. You could be staring at thousands of scanner alerts every week, but unless you know which ones truly matter, you’re just reacting to...
The post What Is Vulnerability Prioritization? A No-Fluff Playbook appeared first on Strobes Security.
The post What Is Vulnerability Prioritization? A No-Fluff Playbook appeared first on Security Boulevard.
Shubham Jha
UK ICO Fines 23andMe £2.3m for Data Protection Failings
2 months 3 weeks ago
23andMe has been fined over £2m by the UK ICO for failing to adequately protect genetic data
Defensie koopt middelen voor medische evacuaties door de lucht
2 months 3 weeks ago
Defensie schaft nieuwe middelen aan om medische evacuaties via de lucht uit te voeren. De Amerikaanse fabrikant Knight Aerospace levert deze Aeromedical Evacuation (AE) capaciteit. Hiermee versterkt Defensie de geneeskundige keten.
Hacker steals 1 million Cock.li user records in webmail data breach
2 months 3 weeks ago
Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over a million user records. [...]
Bill Toulas
KDE Plasma 6.4 释出
2 months 3 weeks ago
KDE 桌面环境项目释出了 Plasma 6.4。主要新变化包括:允许为每一个虚拟桌面选择不同的磁贴布局;支持用数字键盘键移动指针,触控板手势放大或缩小;增加前景和背景元素之间的对比度;改进了 Info Center 和 KMenuEdit 的外观;文件传输通知会显示直观的进度图;可直接通过可用更新通知安装更新;应用全屏模式下将进入“请勿打扰”模式,将只会显示紧急通知;当应用尝试访问麦克风发现麦克风静音时会弹出通知;等等。
UK data privacy regulator fines 23andMe over cyber practices in wake of hack
2 months 3 weeks ago
The United Kingdom’s top data privacy regulator on Tuesday fined the embattled personal genomics company 23andMe more than $3 million over allegedly poor cybersecurity practices.
Free AI coding security rules now available on GitHub
2 months 3 weeks ago
Developers are turning to AI coding assistants to save time and speed up their work. But these tools can also introduce security risks if they suggest flawed or unsafe code. To help address that, Secure Code Warrior has released a new set of free AI Security Rules on GitHub. These rulesets offer practical guidance to help developers write more secure code when using tools like GitHub Copilot, Cursor, Cline, Roo, Aider, and Windsurf. Designed specifically … More →
The post Free AI coding security rules now available on GitHub appeared first on Help Net Security.
Sinisa Markovic
CVE-2025-4879 | Citrix Workspace App up to 2402 LTSR CU2/2402 LTSR CU3/2408 on Windows privileges management (CTX694718)
2 months 3 weeks ago
A vulnerability classified as critical has been found in Citrix Workspace App up to 2402 LTSR CU2/2402 LTSR CU3/2408 on Windows. This affects an unknown part. The manipulation leads to improper privilege management.
This vulnerability is uniquely identified as CVE-2025-4879. The attack needs to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
特朗普集团宣布 499 美元智能手机
2 months 3 weeks ago
特朗普集团周一公布了一款售价 499 美元的智能手机以及月费 47.45 美元的手机套餐。被称为 T1 的智能手机将于 9 月上市,由第三方设计和制造,特朗普集团未披露手机制造厂商。展示的手机图像显示 T1 搭配了金色外壳,印有美国国旗,显示 MAGA 标语。其硬件配置为 6.8 英寸 AMOLED 显示屏、Android 15 操作系统,12GB 内存与 256GB 内部储存空间(无其它选择),主摄像头为 5,000 万像素,前摄像头为 1,600 万像素。
CVE-2025-5777 | Citrix NetScaler ADC/NetScaler Gateway up to 43.55/58.31 Management Interface out-of-bounds (CTX693420 / EUVD-2025-18497)
2 months 3 weeks ago
A vulnerability was found in Citrix NetScaler ADC and NetScaler Gateway up to 43.55/58.31. It has been rated as critical. Affected by this issue is some unknown functionality of the component Management Interface. The manipulation leads to out-of-bounds read.
This vulnerability is handled as CVE-2025-5777. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-5349 | Citrix NetScaler ADC/NetScaler Gateway up to 43.55/58.31 Management Interface improper validation of specified quantity in input (CTX693420 / EUVD-2025-18494)
2 months 3 weeks ago
A vulnerability was found in Citrix NetScaler ADC and NetScaler Gateway up to 43.55/58.31. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the component Management Interface. The manipulation leads to improper validation of specified quantity in input.
This vulnerability is known as CVE-2025-5349. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-4365 | Citrix NetScaler Console/NetScaler SDX up to 47.45/58.31 improper validation of specified quantity in input (CTX694729 / EUVD-2025-18493)
2 months 3 weeks ago
A vulnerability was found in Citrix NetScaler Console and NetScaler SDX up to 47.45/58.31. It has been classified as problematic. Affected is an unknown function. The manipulation leads to improper validation of specified quantity in input.
This vulnerability is traded as CVE-2025-4365. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-6020 | Linux-PAM up to 1.7.0 pam_namespace path traversal
2 months 3 weeks ago
A vulnerability was found in Linux-PAM up to 1.7.0 and classified as critical. This issue affects some unknown processing of the component pam_namespace. The manipulation leads to path traversal.
The identification of this vulnerability is CVE-2025-6020. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com