Aggregator

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063文 | 江苏省淮安市淮安区人民法院 高蒙蒙 李录朋土耳其是较早开启数据保护立法趋势的国家之一。《土耳其个人数据保护法》（

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063文 | 奇安信集团 吕归亚；中国国家创新与发展战略研究会副会长 吕本富近日，国家安全部发文《隐秘的测绘 秘密的泄露》披露

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063文 | 中国电信研究院战略发展研究所副所长 季鸿2024年4月，习近平总书记在重庆考察时强调，“要深入践行人民城市理念，

聚焦源代码安全，网罗国内外最新资讯！编译：代码卫士谷歌云发布新的漏洞奖励计划 (VRP)，如研究员能发现相关产品和服务的漏洞，则最高可获得101010美元的奖励。这项新的VRP涵盖了460多款产品和

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063中国常驻联合国代表傅聪21日在安理会“科学发展对国际和平与安全的影响”公开会上发言表示，科技是把“双刃剑”，需要统筹发展

聚焦源代码安全，网罗国内外最新资讯！编译：代码卫士漏洞众测平台 Bugcrowd 分析了该平台上近1300份调研问卷和采访，发布2024年度《走进黑客内心 (Inside the Mind of a

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063文 | 北京交通大学教授 张向宏数据标准是国家标准体系的重要组成部分，在数据要素市场化配置改革中具有基础性、全局性和引领

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063关于向社会公开征求《数据领域名词解释》意见的公告为进一步凝聚共识，推动社会各界对数据领域术语形成统一认识，现就《数据领域

本期看点网事焦点 勒索软件治理刻不容缓勒索软件是一种极具传播性、破坏性的恶意软件。在数字时代，网络、信息和数据的应用价值日益提高，成为勒索软件的首要攻击目标。随着勒索软件即服务（RaaS）模式的泛滥，

The trend toward remote working over the last several years has bred all kinds of tools intended to help us improve productivity and facilitate easier, faster digital communications with colleagues. So why does workplace productivity still feel impossible to achieve? Unfortunately, email—one of the most integral vehicles for business communication—is also one of the biggest drains on employee time and energy. According to data from Microsoft, employees spend as much as 8.8 hours each week checking and responding to email. And while many email communications are essential, one recent report found that nearly half of all emails are spam or other unwanted mail.

Why Peter Todd May Be Another Conspiracy Theory on the Bitcoin Creator
Is Peter Todd truly Satoshi Nakamoto, or just the next name in a long list of conspiracy theories that are eventually debunked? The HBO documentary's claim is far from conclusive, despite an eyebrow-raising moment in the film, where Todd admits to being Nakamoto on camera, seemingly tongue in cheek.

SEC: Check Point, Mimecast Disclosures Didn't Capture Severity of SolarWinds Hack
Check Point and Mimecast will each pay regulators nearly $1 million to settle charges of making materially misleading disclosures related to the SolarWinds Orion hack. The SEC alleged public disclosures from Check Point and Mimecast didn't capture the severity of the compromise.

Europe Will Renew or Deny Data Sharing Agreement in June
The U.K. government should work ahead of a June deadline to retain its status as a trusted host of European commercial and law enforcement data, urged the head of a parliamentary committee. The economic value of an EU "adequacy agreement" is "substantial," wrote Peter Ricketts.

Attackers Could Exploit Flaw to Relay Credentials, Compromise Systems
A critical vulnerability in Open Policy Agent could expose NTLM credentials from Windows systems, potentially affecting millions of users. Researchers at Tenable warn that attackers could exploit the flaw through social engineering. Users must update to version v0.68.0 immediately to mitigate risks.

10月18日，以“合规赋能 数智未来”为主题的2024第三届SCIC网络安全合规创新大会在北京成功举办。大会由 […]

NyxInvoke NyxInvoke is a versatile Rust-based tool designed for executing .NET assemblies, PowerShell commands/scripts, and Beacon Object Files (BOFs) with built-in patchless AMSI and ETW bypass capabilities. It can be compiled as either a...

The post NyxInvoke: The Rust-Based Tool Bypassing AMSI & ETW appeared first on Penetration Testing Tools.

nmap This library aims at providing idiomatic nmap bindings for go developers, to make it easier to write security audit tools using golang. What is nmap Nmap (Network Mapper) is a free and open-source network scanner...

The post nmap: Idiomatic nmap bindings for go developers appeared first on Penetration Testing Tools.

snuffleupagus Security module for php7 and php8 – Killing bugclasses and virtual-patching the rest! Snuffleupagus is a PHP 7+ and 8+ module designed to drastically raise the cost of attacks against websites, by killing entire...

The post snuffleupagus: Security module for php7 and php8 appeared first on Penetration Testing Tools.

2024年10月17日、JPCERT/CCは2024年7月から9月分の「JPCERT/CC 活動四半期レポート」「JPCERT/CC インシデント報告対応レポート」「ソフトウェア等の脆弱性関連情報に関する届出状況」を公開しました。本四半期中のJPCERT/CCの国内外の活動に加え、JPCERT/CCが報告を受け付けたインシデントの統計や事例などについてまとめています。参考資料としてご活用ください。