Aggregator
Охота за призраками Вселенной: новый детектор готов перевернуть мир физики
1 year ago
SBND в Фермилаб открывает двери в неизвестность.
CVE-2014-7080 | Sigong ebook 1.0.0 X.509 Certificate cryptographic issues (VU#582497)
1 year ago
A vulnerability was found in Sigong ebook 1.0.0. It has been rated as critical. This issue affects some unknown processing of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues.
The identification of this vulnerability is CVE-2014-7080. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com
研究人员称埋藏木材是廉价的碳储技术
1 year ago
森林是地球的肺,每年吸收的二氧化碳是人类通过燃烧煤炭等化石燃料排放到大气中的二氧化碳的六倍。但森林储存的大部分碳会通过树木的分解而重新回到大气层。如果能延迟树木的分解?研究人员报告了一种低技术廉价的碳储技术——在恰当的条件下埋藏木头可以将人类产生的一部分二氧化碳储存在地下数千年之久。研究人员估计,埋藏在地下的木材每年可吸收 100 亿吨二氧化碳,占全球能源年碳排放量的愈四分之一。
INC
1 year ago
cohenido
CVE-2014-7079 | cybird Romeo/Juliet 1.0.6 X.509 Certificate cryptographic issues (VU#582497)
1 year ago
A vulnerability was found in cybird Romeo and Juliet 1.0.6. It has been declared as critical. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues.
This vulnerability was named CVE-2014-7079. Access to the local network is required for this attack. There is no exploit available.
vuldb.com
SecWiki News 2024-09-29 Review
1 year ago
CVE-2014-7078 | Payoneer Sign Up 0.1 X.509 Certificate cryptographic issues (VU#582497)
1 year ago
A vulnerability classified as critical was found in Payoneer Sign Up 0.1. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues.
This vulnerability was named CVE-2014-7078. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com
受害者因Google Play商店中的一个盗取钱包资金的应用程序而损失了7万美元
1 year ago
安全客
针对库尔德网站的水坑攻击分发恶意APK文件和间谍软件
1 year ago
安全客
严重 CUPS 漏洞使 Linux 和其他系统面临远程攻击
1 year ago
安全客
WhatsUp黄金关键漏洞需要立即采取行动
1 year ago
安全客
勒索软件团伙利用窃取的Microsoft Entra ID凭证入侵云服务
1 year ago
安全客
关键的 NVIDIA Container Toolkit 漏洞可能会向攻击者授予完全主机访问权限
1 year ago
安全客
美国制裁虚拟货币交易所 Cryptex 和 PM2BTC 为非法活动提供便利
1 year ago
安全客
对科威特卫生部的网络攻击影响了该国的医院
1 year ago
安全客
新型漏洞利用链允许绕过Windows用户账户控制(UAC)
1 year ago
安全客
上亿公民隐私信息遭曝光,原因竟是数据库未加密?
1 year ago
安全客
CVE-2024-9328 | SourceCodester Advocate Office Management System 1.0 /control/edit_client.php id sql injection
1 year ago
A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /control/edit_client.php. The manipulation of the argument id leads to sql injection.
The identification of this vulnerability is CVE-2024-9328. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
AI 机器人能以 100% 成功率破解图像识别 CAPTCHA
1 year ago
苏黎世联邦理工学院研究人员报告,利用特别训练过的图像识别模型,AI 机器人能以 100% 成功率破解 ReCAPTCHA v2。Google 的 reCAPTCHA v2 会展示一组街景网格,要求用户识别哪些图像包含自行车、人行横道、楼梯或交通信号灯。Google 已经逐步淘汰 reCAPTCHA v2 改用 reCAPTCHA v3,通过分析用户交互识别人和机器人,不再需要用户接受繁琐的挑战。然而互联网上仍然有数百万个网站使用 reCAPTCHA v2,而使用 reCAPTCHA v3 的网站还会将 reCAPTCHA v2 作为后备方案。研究人员利用了开源模型 YOLO ("You Only Look Once") 的微调版本。他们表示在成功率达到 100% 之后我们正进入后 reCAPTCHA 时代。