Aggregator

热忱欢迎学界同仁惠赐佳作。

国家市场监督管理总局考虑对苹果发起反垄断调查。知情人士称，国家市场监管总局正在审查苹果的政策，其中包括对应用内消费收取最高 30% 的提成，禁止外部支付服务和应用商店。国家市场监督管理总局去年已经与苹果高管和应用开发者进行了交谈，它认为苹果可能向开发商收取了不合理的高额费用。这些谈判源自苹果就应用商店政策与腾讯和字节跳动等开发商之间长期存在的纠纷。如果谈判顺利，市场监管总局可能不会正式采取行动。

Spain’s National Police force has arrested a suspected data thief who targeted government and military victims

​DeepSeek 遭网络犯罪分子盯上，假网站、恶意软件、虚假投资骗局频出

看雪论坛作者ID：Shangwendada

核心聚焦于助力学员轻松掌握从内核态隐藏 frida 的技术，且全程无需重新编译内核。

Spanish Police arrested an unnamed hacker who allegedly breached tens of government institutions in Spain and the US. Spanish National Police arrested a hacker responsible for multiple cyberattacks on government institutions in Spain and the U.S.. Targe including the U.S. Army, UN, NATO, and other agencies. Some of the breached organizations are the U.S. Army, […]

Простой кабель оказался достаточно умным для легендарного шутера.

Как телефонные аферисты заполучили личные номера сотрудников ведомства?

用于路由器等设备的发行版 OpenWrt 释出了 24.10，距离上一个版本 23.05.0 约一年四个月。OpenWrt 24.10 的新特性包括：支持逾 1970 款设备，比 23.05.0 增加了 100 多款；Linux 内核从 5.15 升级到 6.6；包管理器仍然是 OPKG，APK 包尚不支持，预计下个版本才会切换到 APK；加密库 mbedtls 更新到 3.6；改进了 WiFi6 (802.11ax) 支持，初步支持 WiFi7 (802.11be)；改进了 Link Layer Discovery Protocol(LLDP)支持，等等。

At Broadcom, we are committed to providing cutting-edge security solutions to empower VMware Cloud Foundation customers with cyber-resilient private cloud. We are excited to announce the general availability of Lateral Security for VMware Cloud Foundation with VMware vDefend validated solution. New to VMware Validated Solutions? VMware Validated Solutions is a vetted portfolio of technical validated solutions … Continued

The post Introducing Lateral Security for VMware Cloud Foundation with VMware vDefend Validated Solution appeared first on VMware Security Blog.

Техника Apple теряет репутацию неприступной крепости.

A vulnerability was found in Intel NUC Kit 1.1/22.40/MYi30060 and classified as critical. This issue affects some unknown processing of the component BIOS Firmware. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2022-37345. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Misskey up to 2023.12.1. Affected is an unknown function. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2024-25636. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in jackdewey Link Library Plugin up to 7.6 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation of the argument ll_reciprocal leads to cross site scripting. The identification of this vulnerability is CVE-2024-1559. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Brivo ACS100 and ACS300. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to os command injection. This vulnerability was named CVE-2023-6260. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.