Aggregator

网络犯罪组织 Jabber Zeus 头目 Vyacheslav“Tank”Penchukov 于 2022 年前往瑞士会见妻子途中被捕，去年被美国法院判处 18 年监禁和超过 7300 万美元赔偿金。他在科罗拉多州的监狱里首次接受了记者的采访，谈论了他的网络犯罪生涯。他攀登到网络犯罪世界的顶峰不是因为技术精湛而是因为魅力，他笑说自己非常友善容易交朋友。他能长期逍遥法外据说就是依靠其人脉。他在两个不同时期分别领导了两个网络犯罪组织。他先是领导 Jabber Zeus 通过部署银行木马 Zeus 从受害者银行账户里窃取资金（Jabber 这一名字来自他们使用的消息应用），然后在 2018-2022 年之间进入勒索软件行业。Penchukov 说，2000 年代末期他们在乌克兰顿涅茨克市中心的一间办公室里工作，每天办公六七个小时，从海外受害者窃取金钱，他经常在一天结束时以 DJ Slava Rich 的艺名在城里表演。他当时只有 20 多岁，买车就像买衣服一样，他拥有 6 辆昂贵的德国汽车。警方通过监听 Jabber 以及他透露的女儿出生信息识别了其身份，FBI 领导的 Trident Breach 行动逮捕了多名 Jabber Zeus 成员，但 Penchukov 靠着有人通风报信和德国改装车奥迪 S8（装了兰博基尼引擎）逃脱了。他低调了一阵时间，然后做起了煤炭生意，但 FBI 并没有忘记他，他被列入了通缉名单。因为他的富有众所周知当地官员不时来敲诈。2014 年俄罗斯入侵克里米亚毁掉了他的煤炭生意，加上遭到当地官员的勒索，他开始重操旧业，做起了勒索软件生意，成为了 Maze、Egregor 和 Conti 等勒索软件组织的主要盟员。他领导了名为 IcedID 的勒索组织。他表示自己在网络犯罪时不会去考虑受害者，他唯一流露出悔意是在谈到一家残疾儿童慈善机构遭受勒索软件攻击时。他真正后悔的似乎是对同伙过于信任，这最终导致他落网。“在网络犯罪圈里，你交不到朋友，因为第二天你的朋友会被捕，然后变成告密者。”

第15期全国开源情报能力提升培训班将于2025年11月17日在北京开班。

美国国务院全球主要官员名单的核心变化集中在职位人员替换、空缺填补与新增派驻三大类，无大规模机构调整。多数国家核心职位保持稳定，变动主要集中在中低层执行岗位（如行政、安全、公共事务），部分国家因区域协调需求出现跨地区派驻人员调整。

提供完整PoC及小型测试样本

Оказалось, что у машинного обучения есть «ахиллесова пята», и она связана с волонтёрским трудом.

A recent investigation by Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated phishing campaign exploiting globally recognized and regional brands to steal user credentials, marking an escalation in adversary tradecraft and reach. Unlike conventional phishing threats, this operation delivers meticulously crafted HTML attachments often camouflaged as procurement documents or invoices directly through email, […]

The post Phishing Scam Uses Big-Name Brands to Steal Logins appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection. This monthly security patch day features four high-severity vulnerabilities that require immediate attention from organizations utilizing SAP infrastructure. The most severe vulnerabilities have a CVSS score of 10.0, […]

The post SAP Releases Security Update to Fix Critical Code Execution and Injection Flaws appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Attackers have exploited a now-fixed vulnerability (CVE-2025-12480) in the Gladinet Triofox secure file sharing and remote access platform while it was still a zero-day, Mandiant revealed on Monday. CVE-2025-12480 exploitation and attack details Gladinet’s Triofox solution is used by medium and large businesses to securely share files and allow users to access them without a VPN. CVE-2025-12480 is an Improper Access Control flaw allowing unauthenticated attackers to access the solution’s configuration/setup page. According to Mandiant’s … More →

The post Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480) appeared first on Help Net Security.

Have I Been Pwned (HIBP), the popular breach notification service, has added another massive dataset to its platform.…

Запретили порно — все ушли в VPN.

Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers

A vulnerability classified as problematic was found in Apache OFBiz. This affects an unknown function. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-61623. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in Apache OFBiz. The impacted element is an unknown function. This manipulation causes unrestricted upload. This vulnerability is registered as CVE-2025-59118. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in Fairsketch RISE CRM Framework up to 3.8. The affected element is an unknown function of the file /events/save of the component POST Request Handler. The manipulation of the argument Title results in cross site scripting. This vulnerability is cataloged as CVE-2025-41102. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability marked as problematic has been reported in Zoho ManageEngine Exchange Reporter Plus up to 5723. Impacted is an unknown function of the component Custom Report. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2025-7633. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in Zoho ManageEngine Exchange Reporter Plus up to 5723. This issue affects some unknown processing of the component Public Folders Report. Executing manipulation can lead to cross site scripting. This vulnerability is tracked as CVE-2025-7632. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in Zoho ManageEngine Exchange Reporter Plus up to 5723. This vulnerability affects unknown code of the component Folder Message Report Handler. Performing manipulation results in cross site scripting. This vulnerability is identified as CVE-2025-7430. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Aryom KVKNET up to 2.1.7. This affects an unknown part. Such manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2025-11960. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

A sophisticated Android remote-access trojan named KomeX RAT has emerged on underground hacking forums, with the threat actor Gendirector actively marketing the malware through tiered subscription models. The malware, built on the foundation of previously documented BTMOB, poses a significant threat to Android device owners due to its extensive capabilities and aggressive advertising campaign within […]

The post New “KomeX” Android RAT Hits Hacker Forums with Tiered Subscriptions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

乔治梅森大学的研究人员回顾了 2005 年至 2025 年间进行的 21 项实验研究，发现有一致的证据表明，接触杀虫剂会对人类健康产生负面影响，特别是男性生殖健康。这项研究集中于新烟碱类杀虫剂，这是全球使用最广泛的一类杀虫剂。这种化学品通常用于农作物，它们会被土壤、水和植物组织吸收。因此残留物可能会留在人类食用的食物中。为了了解潜在的健康影响，研究团队回顾了动物研究中的数据，这些研究探讨了神经刺激如何影响雄性啮齿类动物的生殖健康。该研究进一步证明，现代农业化学品虽然对作物保护至关重要，但也可能带来看不见的风险，因而需要更密切的科学研究。