Aggregator

Groen licht voor maken eigen defensie-satellieten

1 month ago

Defensie gaat eigen Nederlandse satellietcapaciteit ontwikkelen. Tot nu toe maakte de organisatie gebruik van door andere partijen geleverde technologie. Zelf het informatiesysteem creëren maakt de krijgsmacht minder afhankelijk. Defensie kan dan eigen satellieten inzetten om inlichtingen te verzamelen. Staatssecretaris Gijs Tuinman maakte dit maandag bekend. Gisteren verdiepte hij zich onder meer in satellieten in Londen. Dat gebeurde tijdens de Defence and Security Equipment International (DSEI).

Meta Verified Scam Ads on Facebook Steal User Account Details

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

1 month ago

Content creators and small businesses are facing a sophisticated new threat targeting their Facebook accounts through deceptive advertisements promising free Meta verification badges. A new malvertising campaign is targeting Facebook users with malicious ads that promise to unlock Meta’s coveted blue verification tick through a seemingly legitimate browser extension. These ads, accompanied by instructional videos, […]

The post Meta Verified Scam Ads on Facebook Steal User Account Details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Microsoft fixes app install issues caused by August Windows updates

不安全

1 month ago

Microsoft修复了8月安全更新引发的问题,该问题导致非管理员用户在所有Windows版本中出现意外的UAC提示和应用安装故障,并调整了UAC策略以缓解相关漏洞影响。

Точка-тире-точка-тире. Пираты освоили азбуку Морзе, но их доходы падают шестой год подряд

Securitylab.ru

1 month ago

Аналитики F6 представили исследование с неожиданными выводами.

How can I trace back an email?

不安全

1 month ago

这是一个开放的黑客社区，旨在帮助新手成长为资深黑客，提供问答和学习资源，并通过Discord平台促进交流与合作。

From Crisis to Strategy: What ToolShell Taught Us About Enterprise Resilience

Sygnia

1 month ago

Real-World Insights on Building Cyber Resilience When Perfect Defense Isn’t Possible.

The post From Crisis to Strategy: What ToolShell Taught Us About Enterprise Resilience appeared first on Sygnia.

Sygnia

Microsoft fixes app install issues caused by August Windows updates

Bleeping Computer.

1 month ago

Microsoft has fixed a known issue caused by the August 2025 security updates, which triggers unexpected User Account Control (UAC) prompts and app installation problems for non-admin users on all Windows versions. [...]

Sergiu Gatlan

Lynx

Dark Feed IO

1 month ago

You must login to view this content

cohenido

Kerberoasting

不安全

1 month ago

/r/netsec 是一个由社区管理的技术信息安全内容聚合平台，旨在为安全从业者、学生、研究人员和黑客提供有价值的信息资源。

Understand the Attack Surface: Retail Supply Chain Cybersecurity Risks

The Akamai Blog

1 month ago

Jim Black

In Quantum Sensing, What Beats Beating Noise? Meeting Noise Halfway.

NIST | News

1 month ago

A team including scientists at NIST may have found a new way of dealing with noise at the microscopic scales where quantum physics reigns.

Sarah Henderson

Kerberoasting

不安全

1 month ago

Kerberoasting是一种利用微软Active Directory中旧加密技术（如RC4）的漏洞，允许攻击者通过获取加密票证破解服务账户密码，进而实现横向移动攻击。尽管微软提供了缓解建议，但未强制关闭不安全选项，导致该漏洞仍被用于实际攻击。

Unlock Cybersecurity Transformation with Microsoft ECIF and GuidePoint Security

不安全

1 month ago

微软企业客户投资基金（ECIF）旨在通过提供资金支持，帮助组织克服安全改进中的预算和执行障碍。该基金常用于安全评估、概念验证、部署支持、威胁狩猎和变更管理等关键领域。微软认证合作伙伴可协助申请和实施，确保资源有效转化为实际安全成果。

Dormant macOS Backdoor ChillyHell Resurfaces

darkreading

1 month ago

With multiple persistence mechanisms, the modular malware can brute-force passwords, drop payloads, and communicate over different protocols.

Elizabeth Montalbano, Contributing Writer

Auth0 Pricing Explained (And Why Startups Call It a Growth Penalty)

不安全

1 month ago

文章探讨了身份平台Auth0的定价模型及其对初创企业的影响。尽管其初期方便易用且加速产品上市，但随着用户增长和功能需求增加，其基于MAU的定价结构可能导致不可预测的成本激增和"增长惩罚"。文章分析了其价格悬崖、SSO连接限制及企业合同的高昂成本，并提供了替代方案和缓解策略。

Apple CarPlay Vulnerability Allows Remote Code Execution to Gain Root Access

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

1 month ago

A newly disclosed vulnerability in Apple’s CarPlay ecosystem enables remote code execution with root privileges, posing a serious risk to connected vehicles. Discovered by the Oligo Security Research team and tracked as CVE-2025-24132, the flaw resides within the AirPlay protocol implementation used by CarPlay systems. CVE ID Affected Components Versions Impacted CVE-2025-24132 AirPlay Audio SDK < 2.7.1 […]

The post Apple CarPlay Vulnerability Allows Remote Code Execution to Gain Root Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Семь лет в тени, миллионы жертв и крах империи. История самого успешного торговца краденными данными в мире

Securitylab.ru

1 month ago

США добились признания вины у создателя BlackDB.

Небезопасные баллы. В модуле «Система бонусов» для Bitrix обнаружена уязвимость, позволяющая украсть данные пользователей

Securitylab.ru

1 month ago

Уязвимы все версии модуля до 3.4.9 включительно.

How to make people instantly respect you (things leaders do that most people don't know)

不安全

1 month ago

真正的领导者通过问愚蠢的问题、承认错误、重复他人观点、说“我不知道”等行为展现领导力。他们关注理解而非形象，重视团队合作与清晰沟通。

CVE-2025-10218 | lostvip-com ruoyi-go 2.1 Background Management Page SysRoleDao.go SelectListPage sortName sql injection

VulDB Recent Entries

1 month ago

A vulnerability, which was classified as critical, has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of the file modules/system/dao/SysRoleDao.go of the component Background Management Page. This manipulation of the argument sortName causes sql injection. This vulnerability is registered as CVE-2025-10218. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com

Aggregator

Managed ad