招聘-安全服务工程师(郑州)
招聘-安全服务工程师(郑州)
Aggregator
云环境下的PostgreSQL渗透
2 months ago
云环境下的PostgreSQL渗透
Arcus Media
2 months ago
You must login to view this content
cohenido
Michael Ossmann Gives A First Look at the HackRF Pro in YouTube Video
2 months ago
Great Scott Gadgets宣布将于9月推出升级版HackRF Pro软件无线电,改进包括USB-C接口、消除DC尖峰和减少强信号镜像,并在YouTube上发布了演示视频。
Amazon Q Pulled After Malicious Pull Request Instructs AI to Delete User Files and AWS Resources
2 months ago
Amazon was forced to urgently withdraw a compromised version of its AI-powered programming assistant, Q, after a malicious instruction was covertly embedded into the system. This rogue directive prompted the assistant to exploit command-line...
The post Amazon Q Pulled After Malicious Pull Request Instructs AI to Delete User Files and AWS Resources appeared first on Penetration Testing Tools.
ddos
Mimo Strikes Magento & Docker: Evolved Cybercrime Group Unleashes Stealthy Cryptojacking & Proxyjacking
2 months ago
The cybercriminal group known as Mimo, previously recognized for its campaigns deploying cryptocurrency miners, has shifted its tactics, now targeting new vectors — notably the popular e-commerce platform Magento and misconfigured Docker instances. The...
The post Mimo Strikes Magento & Docker: Evolved Cybercrime Group Unleashes Stealthy Cryptojacking & Proxyjacking appeared first on Penetration Testing Tools.
ddos
Reverse Engineering for Bugs Part 1 - How I discovered My 1st 0day in Windows.
2 months ago
通过逆向学习发现零日漏洞,在分析恶意软件时思考进程本质及其运行机制,并通过逆向工程寻找答案。
CVE-2025-53770
2 months ago
Microsoft SharePoint存在远程代码执行漏洞(CVE-2025-53770),可绕过先前补丁,允许攻击者在本地服务器上执行任意代码,控制受影响系统并造成严重安全风险。建议升级至最新版本以修复漏洞。
Android Malware: New Campaign Blends Click Fraud & Credential Theft via Fake Apps
2 months ago
Amid the growing popularity of Android smartphones in developing regions and the increasing accessibility of third-party app stores, cybercriminals have launched a large-scale campaign that combines two highly dangerous tactics—credential theft and click fraud—for...
The post Android Malware: New Campaign Blends Click Fraud & Credential Theft via Fake Apps appeared first on Penetration Testing Tools.
ddos
Microsoft Reverses Course: Free Windows 10 Security Updates Extended for One Year!
2 months ago
Microsoft has reversed its decision to end support for Windows 10 and now offers users a free one-year extension of security updates. This reprieve benefits nearly 700 million individuals who continue to rely on...
The post Microsoft Reverses Course: Free Windows 10 Security Updates Extended for One Year! appeared first on Penetration Testing Tools.
ddos
Kairos
2 months ago
You must login to view this content
cohenido
Qilin
2 months ago
You must login to view this content
cohenido
Scattered Spider Exploiting VMware vSphere
2 months ago
Hacking Tactics Linked to Retail, Airline Compromises
The loosely connected band of adolescent cybercriminals tracked as Scattered Spider has joined the VMware hypervisor hacking bandwagon, pivoting into virtual servers through corporate instances of Active Directory. vSphere integration with Active Directory adds a yet another layer of insecurity.
The loosely connected band of adolescent cybercriminals tracked as Scattered Spider has joined the VMware hypervisor hacking bandwagon, pivoting into virtual servers through corporate instances of Active Directory. vSphere integration with Active Directory adds a yet another layer of insecurity.
New York Unveils 'Nation-Leading' Water Sector Cyber Rules
2 months ago
State Seeks Public Input on New Reporting Rules and Regulations for Water Sector
New York State has unveiled a comprehensive set of water and wastewater cybersecurity regulations aimed at bolstering defenses for the vulnerable critical infrastructure sector, in addition to a new competitive investment program to help modernize under-resourced entities.
New York State has unveiled a comprehensive set of water and wastewater cybersecurity regulations aimed at bolstering defenses for the vulnerable critical infrastructure sector, in addition to a new competitive investment program to help modernize under-resourced entities.
How Torq Is Rewiring SOCs With Autonomous Cyber Agents
2 months ago
CEO Omer Smadari: AI Agents Now Resolving Threat Cases at Scale with Accuracy
With its Revrod acquisition, Torq is pushing deeper into autonomous threat response. CEO Ofer Smadari outlines how AI-runbooks and autopilot tech such as Socrates are reducing human workloads and helping security teams scale amid rising alert volumes and phishing attacks.
With its Revrod acquisition, Torq is pushing deeper into autonomous threat response. CEO Ofer Smadari outlines how AI-runbooks and autopilot tech such as Socrates are reducing human workloads and helping security teams scale amid rising alert volumes and phishing attacks.
Patients Still Struggle With Full Access to Health Info
2 months ago
Tech Standards, Regulatory Levers Have Removed Barriers. What's Still in the Way?
Patients these days have an easier path to securely accessing their electronic health information, thanks in large part to advancements in certain technology standards and a big push by federal regulatory policies in recent years. But obstacles still remain.
Patients these days have an easier path to securely accessing their electronic health information, thanks in large part to advancements in certain technology standards and a big push by federal regulatory policies in recent years. But obstacles still remain.
大模型量化简介
2 months ago
Terenceli
Search in Zola: Fuse.js vs. Elasticlunr.js
2 months ago
文章比较了Fuse.js和Elasticlunr.js在Zola静态网站生成器中的客户端搜索功能。Fuse.js适合快速模糊搜索,支持韩语且无需额外插件;Elasticlunr.js提供高级搜索功能但需复杂配置。作者因 Fuse.js 的简单性、性能及韩语支持而选择它。
戴尔测试平台遭入侵,惠普紧急修补接入点高危漏洞|一周特辑
2 months ago
点击查看更多本周网络安全大事件。
ACRStealer’s Stealthy Evolution: New Variants Use Heaven’s Gate & Low-Level NTAPIs to Evade Detection
2 months ago
ACRStealer, a notorious information-stealing malware, has once again come under the spotlight following a series of enhancements that have significantly improved its resilience against detection and analysis. Over the past year—particularly since the beginning...
The post ACRStealer’s Stealthy Evolution: New Variants Use Heaven’s Gate & Low-Level NTAPIs to Evade Detection appeared first on Penetration Testing Tools.
ddos