Aggregator

Researchers observed a sophisticated cyber-espionage campaign led by the Chinese state-sponsored group known as “Salt Typhoon,” also referred to as “RedMike.”  Between December 2024 and January 2025, the group exploited over 1,000 unpatched Cisco network devices globally, targeting telecommunications providers and universities.  The campaign highlights the ongoing vulnerability of critical infrastructure and the strategic intelligence […]

The post RedMike Hackers Exploited 1000+ Cisco Devices to Gain Admin Access  appeared first on Cyber Security News.

作为换囚交易的一部分美国释放了 BTC-e 联合创始人 Alexander Vinnik，交换被俄罗斯关押的美国教师 Marc Fogel。Alexander Vinnik 和 Aleksandr Bilyuchenko 于 2011 年 7 月创办了俄罗斯加密货币交易所 BTC-e。Vinnik 于 2017 年在希腊应美国要求被捕，受到了洗钱等逾 20 项指控，他于 2020 年首先被引渡到法国，因洗钱指控被判 5 年，随后又送回了希腊。2022 年引渡到美国。美国检方指控 BTC-e 是全球网络罪犯主要的洗钱途径，而 Vinnik 经营该交易所的目的是促进非法活动。BTC-e 处理了逾 90 亿美元的交易。2024 年 5 月，Vinnik 承认通过 BTC-e 洗钱数十亿美元的指控。

所以完美不会使人进步，但谩骂、诋毁和攻击，一定会让我们在艰难地前进道路上，寸寸留下坚实的脚印！

所以完美不会使人进步，但谩骂、诋毁和攻击，一定会让我们在艰难地前进道路上，寸寸留下坚实的脚印！

所以完美不会使人进步，但谩骂、诋毁和攻击，一定会让我们在艰难地前进道路上，寸寸留下坚实的脚印！

所以完美不会使人进步，但谩骂、诋毁和攻击，一定会让我们在艰难地前进道路上，寸寸留下坚实的脚印！

所以完美不会使人进步，但谩骂、诋毁和攻击，一定会让我们在艰难地前进道路上，寸寸留下坚实的脚印！

所以完美不会使人进步，但谩骂、诋毁和攻击，一定会让我们在艰难地前进道路上，寸寸留下坚实的脚印！

所以完美不会使人进步，但谩骂、诋毁和攻击，一定会让我们在艰难地前进道路上，寸寸留下坚实的脚印！

iCloud стал причиной возможного прекращения сотрудничества США и Великобритании.

网络安全公司Dragos最近发布了2024年第四季度的最新研究报告，揭示出制造业成为该季度最频繁遭受网络攻击，特别是勒索软件攻击方式。

A high-severity security vulnerability, identified as CVE-2024-21966, has been discovered in the AMD Ryzen™ Master Utility, a software tool designed to optimize the performance of AMD Ryzen™ processors.  The vulnerability, classified as DLL hijacking, could allow attackers to execute arbitrary code and escalate privileges on affected systems.  With a CVSS score of 7.3, this vulnerability […]

The post AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

案例主要入侵方式还是通过ssh爆破，尤其是遇到这种大批量被横向爆破的时候，可以分析病毒的特征针对性的编写专杀。

Рынок вакансий рухнул на 70%.

A vulnerability classified as problematic was found in Outback Power Mojave Inverter. Affected by this vulnerability is an unknown functionality. The manipulation leads to use of get request method with sensitive query strings. This vulnerability is known as CVE-2025-26473. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Brocade SANnav up to 2.3.1a. Affected is an unknown function of the component Docker Daemon. The manipulation leads to execution with unnecessary privileges. This vulnerability is traded as CVE-2024-2240. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Immunity Debugger 1.85. It has been rated as critical. This issue affects some unknown processing of the component Input Handler. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2024-53311. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in musl libc up to 1.2.5. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2025-26519. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Monica 4.1.2. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-54951. It is possible to initiate the attack remotely. There is no exploit available.