锦行科技入选《2024年中国网络安全市场100强》!
锦行科技入选《2024年中国网络安全市场100强》!
Aggregator
CVE-2024-7626 | wpdelicious WP Delicious Plugin up to 1.6.9 on WordPress Path Validation wp-config.php save_edit_profile_details file inclusion
4 months ago
A vulnerability was found in wpdelicious WP Delicious Plugin up to 1.6.9 on WordPress. It has been rated as critical. This issue affects the function save_edit_profile_details of the file wp-config.php of the component Path Validation Handler. The manipulation leads to file inclusion.
The identification of this vulnerability is CVE-2024-7626. The attack may be initiated remotely. There is no exploit available.
vuldb.com
Debian 12.7 Released with 55 Security Updates and 51 Bug Fixes
4 months ago
The Debian Project has officially released Debian 12.7, the latest point release in the Debian GNU/Linux 12 “Bookworm” series. It arrives just two months after the previous release, Debian 12.6, as the sixth point release of the Bookworm series. This new update retains the Linux 6.1 LTS kernel and brings important security fixes and bug corrections, […]
The post Debian 12.7 Released with 55 Security Updates and 51 Bug Fixes appeared first on TuxCare.
The post Debian 12.7 Released with 55 Security Updates and 51 Bug Fixes appeared first on Security Boulevard.
Rohan Timalsina
Trellix strengthens email security with DLP capabilities
4 months ago
Trellix announced Trellix Email Security Cloud with integrated Trellix Data Loss Prevention (DLP) capabilities, available globally. The enhanced solution uniquely improves data security and protects organizations’ sensitive information by monitoring and blocking email-borne data risks like exfiltration by insiders or accidental data sharing. “Email is the primary attack vector for threat actors and organizations’ riskiest channel for data loss,” said Gareth Maclachlan, Network and Collaboration Security GM, Trellix. “Trellix integrated our DLP capabilities into Trellix … More →
The post Trellix strengthens email security with DLP capabilities appeared first on Help Net Security.
Industry News
免杀学习之如何实现shellcode的自解密
4 months ago
免杀学习之如何实现shellcode的自解密
记一次最新版DeDecms 绕过层层过滤getshell过程
4 months ago
记一次最新版DeDecms 绕过层层过滤getshell过程
Apache DolphinScheduler任意文件写到RCE
4 months ago
Apache DolphinScheduler任意文件写到RCE
AD Enuming学习
4 months ago
AD Enuming学习
记一次市级攻防演练中渗透的某个站点
4 months ago
记一次市级攻防演练中渗透的某个站点
tcache key 机制的另一绕过手法
4 months ago
tcache key 机制的另一绕过手法
记一次不知名小CMS代审过程
4 months ago
记一次不知名小CMS代审过程
某中间件反序列化链曲折调试
4 months ago
某中间件反序列化链曲折调试
浅谈FastAPI框架下的内存马
4 months ago
浅谈FastAPI框架下的内存马
AD Exploitation学习
4 months ago
AD Exploitation学习
AD Cred-Harvesting
4 months ago
AD Cred-Harvesting
.NET 通过命令行解密web.config配置
4 months ago
.NET 通过命令行解密web.config配置
地图API配置错误漏洞导致的key或者ak泄露
4 months ago
地图API配置错误漏洞导致的key或者ak泄露
从thinkphp教你学会sql注入代码审计(全)
4 months ago
从thinkphp教你学会sql注入代码审计(全)
6 common Geek Squad scams and how to defend against them
4 months ago
Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks
2024-09-10 KIMSUKY (North Korean APT) Sample (Sakai @sakaijjan - Terms and Conditions.msc)
4 months ago
2024-09-10 KIMSUKY (North Korean APT) Sample (Sakai @sakaijjan - Terms and Conditions.msc) 202