Aggregator

2024-09-18 SAMBASPY Java RAT Samples2024-09-19 Kaspersky: Exotic SambaSpy is now dancing with

The US DoJ arrested two people and charged them with stealing and laundering more than $230 million worth of cryptocurrency. The U.S. DoJ arrested two people, Malone Lam (20) (aka “Greavys,” “Anne Hathaway,” and “$$$”) and Jeandiel Serrano (21) (aka “Box,” “VersaceGod,” and “@SkidStar”) in Miami and charged them with stealing more than $230 million […]

A vulnerability was found in HP HP-UX and classified as critical. This issue affects some unknown processing of the component rs.F300. The manipulation of the argument PATH as part of Environment Variable leads to improper access controls. The identification of this vulnerability is CVE-2003-1358. An attack has to be approached locally. Furthermore, there is an exploit available.

快来报名一起学习

文末投递简历

此次事件中，寻呼机和对讲机作为关键的通信设备，被植入了小型炸弹，并被用于施展恐怖袭击，引发了人们对科技供应链安全的担忧。人们开始思考，日常生活中使用的其他电子设备，是否也同样可能被用来实施恐怖袭击。

看雪论坛作者ID：New对象处

A vulnerability classified as critical was found in Apple macOS up to 10.12.1. This vulnerability affects unknown code of the component Grapher. The manipulation leads to memory corruption. This vulnerability was named CVE-2016-7622. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

Новая версия macOS всколыхнула ИБ-сообщество.

根据《自然》发表的一篇论文，一个黑洞喷射出的一对巨大喷流。这对喷流总长约 2300 万光年，是迄今已知的最长黑洞喷流。 超大质量黑洞会发射强大的辐射和粒子喷流。当它们持续数百万年，通过向宇宙中发射电子、原子核和磁场可以影响星系际介质中的物质流动。过去观察的黑洞喷流大小不会超过 5 百万秒差距（1百万秒差距约为 326 万光年）。 加州理工研究人员分析了来自国际低频阵列（LOFAR）望远镜的射电图像，以研究百万秒差距尺度的黑洞能量流。他们在分析后识别出了巨大的喷流，并命名为“波尔费里翁”。对望远镜数据的初步检查表明，这对喷流的总长度至少达到 6.43 百万秒差距。研究人员用数学公式进行了修正，得出“波尔费里翁”的总长度在 6.8—7.3 百万秒差距。 “波尔费里翁”的存在证明超大质量黑洞喷流能在极遥远的宇宙距离上形成，而不毁于流体不稳定性。但研究人员指出，要理解“波尔费里翁”保持稳定的力学原理还需要更多研究。

A vulnerability classified as critical has been found in Apple macOS up to 10.12.1. This affects an unknown part of the component Foundation. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2016-7618. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A new report by Check Point Software highlights a significant increase in cloud security incidents, largely due to a lack of cybersecurity expertise and employee training

树立能源行业安全运营标杆

IDC最新攻击面管理报告出炉，360多项能力获五星评价

JSP3/2.0.14

A vulnerability has been found in WordPress 2.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file XMLRPC.PHP of the component XMLRPC Handler. The manipulation leads to sql injection. This vulnerability is known as CVE-2007-3140. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to disable the affected component.