Aggregator

就在昨天举办的OPPO开发者大会上， OPPO首个安全与隐私保护信任中心正式宣布启用。一直以来，OPPO始终遵循“智慧懂你、无缝连接、信赖安全、创新设计”的产品设计理念，其中，信赖安全则被视为最核心理

Adversarial Robustness Toolbox Adversarial Robustness 360 Toolbox (ART) is a Python library supporting developers and researchers in defending Machine Learning models (Deep Neural Networks, Gradient Boosted Decision Trees, Support Vector Machines, Random Forests, Logistic...

The post Adversarial Robustness Toolbox: crafting and analysis of attacks and defense methods for machine learning models appeared first on Penetration Testing Tools.

The Memory Process File System: The Memory Process File System (MemProcFS) is an easy and convenient way of accessing physical memory as files a virtual file system. Easy trivial point-and-click memory analysis without the...

The post MemProcFS: The Memory Process File System appeared first on Penetration Testing Tools.

A vulnerability classified as problematic was found in IBM Sterling Partner Engagement Manager 6.2.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to information exposure through error message. This vulnerability is known as CVE-2022-35640. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in IBM Sterling B2B Integrator Standard Edition up to 6.1.2.5/6.2.0.2. Affected by this vulnerability is an unknown functionality of the component HTTP Response Handler. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere. This vulnerability is known as CVE-2023-42010. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in IBM Engineering Requirements Management DOORS 9.7.2.8 and classified as critical. This vulnerability affects unknown code. The manipulation leads to xml external entity reference. This vulnerability was named CVE-2023-50304. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in IBM InfoSphere Information Server 11.7. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-40689. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Fortinet FortiAnalyzer up to 7.2.5/7.4.3. This issue affects some unknown processing of the component Requests Handler. The manipulation leads to format string. The identification of this vulnerability is CVE-2024-45330. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Discourse up to 3.3.0/3.4.0.beta0. This issue affects some unknown processing of the component Reply Handler. The manipulation leads to resource consumption. The identification of this vulnerability is CVE-2024-43789. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Discourse up to 3.3.1/3.4.0.beta1. Affected is an unknown function of the component Email Handler. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2024-45051. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Discourse up to 3.3.1/3.4.0.beta1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Topic Handler. The manipulation of the argument label/name leads to improper privilege management. This vulnerability is known as CVE-2024-45297. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Tencent Security Xuanwu Lab Daily News• SecToday Next:https://sectoday.tencent.com/event/rFiEmpIBZ54

A vulnerability classified as problematic was found in PHP 5.3.8. Affected by this vulnerability is the function define of the file zend_builtin_functions.c. The manipulation leads to improper input validation. This vulnerability is known as CVE-2011-4153. The attack can be launched remotely. Furthermore, there is an exploit available.

各位新老学员请看过来～长亭珂兰寺伙伴5期班进入开班倒计时！11月份线下开班，四个月课程，集中面授，挑战高质量培训！PART.016年用心办学，学员放心选择长亭珂兰寺隶属于长亭科技，为培养网安后辈精英而

据国外调研机构的不完全统计，2024年上半年，全球发生了超过400起勒索攻击事件，平均勒索赎金要求超过500万美元，受害者遍布金融、政府、医疗、教育、企业等众多行业，给组织的生产、运营、发展等多个方面

Phishing Emails Impersonating Eset Target Cybersecurity Professionals With Malware
Cybercriminals posing as a top security firm in Israel have launched wiper attacks on local cybersecurity professionals after bypassing significant security measures, according to recent reports. Cybersecurity firm Eset said threat actors did not compromise its systems.

A vulnerability was found in Adobe Acrobat Reader up to 11.0.17/15.006.30201/15.017.20053. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2016-7000. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

近日，宾夕法尼亚大学的工程研究团队揭示了AI驱动机器人中存在的关键漏洞，这些漏洞可以被恶意操控，导致机器人执行危险任务，包括引爆炸弹。研究团队在这项研究中开发了一种名为RoboPAIR的算法，成功实现

Ransomware’s history is littered with threat actors that rise and fall but every now and then a new name appears that grabs people’s attention for the wrong reasons. RansomHub, a ransomware-as-a-service (RaaS) platform which seems to have successfully recruited affiliates from the downed BlackCat and Lockbit groups during 2024, is the latest example of this […]

The post Ransomware borrows industry tools to target corporate EDR  appeared first on Ransomware.org.

A vulnerability, which was classified as critical, was found in Acronis Cyber Files on Windows. This affects an unknown part. The manipulation leads to incorrect default permissions. This vulnerability is uniquely identified as CVE-2024-49389. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.