Aggregator

2024年度十大事件 回望2024，这是一个挑战与机遇并存的年份，也是国投智能以科技创新为引擎，加速产业变革， […]

首发！国投智能2024年度十大事件揭晓 日期：2025年01月23日 阅：78 20

Android平台从上到下，无需ROOT/解锁/刷机，应用级拦截框架的最后一环，SVC系统调用拦截。

2025-01-21 (TUESDAY): QUICK POST FOR KOI LOADER/KOI STEALER ACTIVITYNOTES:Zip files are passw

ИИ провалил экзамен по истории.

Галактика Андромеды переписала историю астрономии.

Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks. "This actor engaged in a variety of threat activity, including cryptocurrency mining operations on hijacked cloud resources and ransomware activity," the tech giant's cloud division said in its 11th

Cloud Security / CryptojackingGoogle on Wednesday shed light on a financially motivated threat act

In this Help Net Security interview, Tomer Shloman, Sr. Security Researcher at Trellix, talks about attack attribution, outlines solutions for recognizing hybrid threats, and offers advice on how organizations can protect themselves against hybrid attacks. What are the most promising technologies or methodologies for distinguishing between false flags and authentic attribution markers in cyberattacks? Can behavioral analysis contribute to identifying an attacker’s motives when both nation-states and cybercriminals use overlapping tactics? Distinguishing false flags from … More →

The post Defense strategies to counter escalating hybrid attacks appeared first on Help Net Security.

Кто войдёт в новую команду после реформы?

Агент, который видит всё, уже на пороге.

苹果通过其支持页面发表声明，表示其应用商店 App Store 暂时不会重新上架 TikTok。苹果称它有义务遵守运营所在司法管辖区的法律。根据《保护美国人免受外国对手控制应用程序侵害法案

苹果通过其支持页面发表声明，表示其应用商店 App Store 暂时不会重新上架 TikTok。苹果称它有义务遵守运营所在司法管辖区的法律。根据《保护美国人免受外国对手控制应用程序侵害法案》，自 2025 年 1 月 19 日起，美国用户无法再在 App Store 上下载或更新由 ByteDance Ltd. 及其子公司开发的 App，包括 TikTok、TikTok Studio、TikTok Shop Seller Center、CapCut、Lemon8、Hypic、Lark - Team Collaboration、Lark - Rooms Display、Lark Rooms Controller、Gauth: AI Study Companion 和 MARVEL SNAP。Google Play 商店目前也没有上架 TikTok。

Cisco has issued a critical advisory regarding a privilege escalation vulnerability in its Meeting Management REST API. The flaw tracked as CVE-2025-20156, allows a remote, authenticated attacker with low privileges to elevate their access to administrator-level control on affected devices, posing a significant threat to affected systems. Vulnerability Details The vulnerability stems from improper authorization enforcement […]

The post Cisco Warns of Meeting Management API Privilege Escalation Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers extensive support for various web cache poisoning and deception techniques. It features a built-in crawler to discover additional URLs for testing. The tool is designed to adapt to specific web caches for enhanced testing efficiency, is customizable, and integrates into existing CI/CD pipelines. Features Analyzing a web cache before testing … More →

The post Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning appeared first on Help Net Security.

<p>Discover how to use Python for malicious purposes on Windows, leveraging its ease of installation and existing tradecraft to evade detection and deploy malware payloads effectively.</p>

A vulnerability classified as critical has been found in HT Mega Plugin up to 2.4.6 on WordPress. This affects an unknown part. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2024-1974. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Tenda FH1203 2.0.1.6 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. This vulnerability was named CVE-2024-2991. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.