Aggregator
.NET 内网攻防实战电子报刊
4 months 1 week ago
01.NET内网安全攻防报刊小报童电子报刊【.NET内网安全攻防】也正式上线了,引入小报童也是为了弥补知识星球
实战组合拳:剖析 SharePoint 和 Exchange 两个产品漏洞攻击链
4 months 1 week ago
通过 Sharp4ExecMemory 实现内存远程加载 .NET 文件绕过终端安全防护
4 months 1 week ago
当前环境异常,需完成验证后方可继续访问。
.NET 内网攻防实战电子报刊
4 months 1 week ago
当前环境出现异常状态,需完成验证操作后方可继续访问相关内容或功能。
实战组合拳:剖析 SharePoint 和 Exchange 两个产品漏洞攻击链
4 months 1 week ago
当前环境出现异常提示,请完成验证后继续访问。
AI 靶场上新,玩儿靶场瓜分三十万赏金!
4 months 1 week ago
谛听 工控安全月报 | 7月
4 months 1 week ago
7月│月报 谛听工控安全月报上线了,工信部的最新政策,7月发生的多起工控安全事件,谛听团队收集的最新攻击教据......更多安全资讯,请关注“谛听ditecting",每月更新!
CSOP2025看点 | 微步技术合伙人赵林林:实战攻防中如何“拿高分”?
4 months 1 week ago
CSOP 2025·北京站 亮点前瞻
美国用户起诉微软停止支持Windows 10系统 要求至少支持到市场份额低于10%
4 months 1 week ago
美国用户起诉微软计划于2025年停止支持Windows 10系统,认为此举旨在推广AI PC,要求至少支持至市场份额低于10%,并披露操作系统支持周期及终止后果。
使用不同工具对目标服务器端口扫描和服务探测
4 months 1 week ago
该实验通过Nmap和Metasploit工具对目标服务器进行端口扫描和服务探测,旨在掌握不同扫描方式的应用及工具操作。
GitHub首席执行官宣布辞职 GitHub并入微软不再独立运营 不再设立CEO职位
4 months 1 week ago
GitHub CEO托马斯·多姆克宣布辞职,并将留任至2025年底以协助过渡。GitHub将被并入微软CoreAI团队成为子部门,不再设CEO职位。自2018年被微软以75亿美元收购以来,GitHub一直保持独立运营。
简约翻译 KISS Translator - 开源免费沉浸式翻译替代品 (划词/双语对照/视频字幕)
4 months 1 week ago
KISS Translator 是一款开源免费的全能翻译插件,支持网页双语对照翻译、划词翻译、悬浮翻译等功能,并可调用多种 AI API 服务。适合外语学习者、科研工作者及技术开发人员使用。
【通知】第三届全国大学生开源情报数据采集与分析大赛开始报名啦!提供免费培训
4 months 1 week ago
为深化情报学领域的人才培养战略,激发学生对开源情报分析的热情,强化学生在数据采集、深度分析及情报应用等方面的综合技能.特举办“第三届全国大学生开源情报数据采集与分析大赛”。
【情报机构】俄罗斯的情报机构
4 months 1 week ago
俄罗斯情报体系包含多个重叠且竞争的机构,主要机构包括联邦安全局(FSB)、对外情报局(SVR)、总参谋部情报总局(GRU)、联邦保卫局(FSO)等。
CVE-2019-11727 | Mozilla Firefox up to 67.x Network Security Services certificate validation (RHSA-2019:1951 / Nessus ID 247767)
4 months 1 week ago
A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 67.x. Affected is an unknown function of the component Network Security Services. The manipulation leads to improper certificate validation.
This vulnerability is traded as CVE-2019-11727. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-27809 | Mbed TLS up to 2.28.9/3.6.2 mbedtls_ssl_set_hostname Hostname insecure default initialization of resource (EUVD-2025-8055 / Nessus ID 247765)
4 months 1 week ago
A vulnerability classified as problematic has been found in Mbed TLS up to 2.28.9/3.6.2. This affects the function mbedtls_ssl_set_hostname. The manipulation of the argument Hostname leads to insecure default initialization of resource.
This vulnerability is uniquely identified as CVE-2025-27809. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2021-35942 | GNU C Library up to 2.33 posix/wordexp.c parse_param memory corruption (Nessus ID 247768)
4 months 1 week ago
A vulnerability, which was classified as critical, has been found in GNU C Library up to 2.33. This issue affects the function parse_param of the file posix/wordexp.c. The manipulation leads to memory corruption.
The identification of this vulnerability is CVE-2021-35942. The attack can only be done within the local network. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
【工具】PrivacyCheckGo:轻量级敏感信息检测工具
4 months 1 week ago
PrivacyCheckGo 是一款基于Go语言开发的敏感信息检测工具
大满贯!谷歌向发现Chrome沙盒逃逸漏洞的研究人员奖励25万美元表彰其出色工作
4 months 1 week ago
谷歌向发现Chrome沙盒逃逸漏洞的研究人员奖励25万美元,创Chrome VRP计划最高纪录。该高危漏洞已修复并公开细节。