Aggregator

August has seen some of the most eye-opening vulnerabilities surface, catching the attention of security experts across the globe. These aren’t just numbers in a database, they represent real challenges...

The post Top 5 CVEs and Vulnerabilities of August 2024: Key Threats and How to Respond appeared first on Strobes Security.

The post Top 5 CVEs and Vulnerabilities of August 2024: Key Threats and How to Respond appeared first on Security Boulevard.

Microsoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution on cryptocurrency targets.  The threat actor deployed the FudModule rootkit, previously attributed to Diamond Sleet, suggesting potential shared use of malware between these North Korean threat actors. The V8 JavaScript engine in Chrome […]

The post North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft identified a new custom multi-stage backdoor, “Tickler,” deployed by the Iranian state-sponsored threat actor Peach Sandstorm between April and July 2024.  Targeting sectors like satellite, communications equipment, oil and gas, and government, Tickler has been used to gather intelligence. Peach Sandstorm also conducted password spray attacks on educational and government sectors.  The group employed […]

The post New Custom Malware “Tickler” Attack Satellite Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, was found in Vmware Fusion up to 13.5 on macOS. This affects an unknown part of the component Environment Variable Handler. The manipulation of the argument environment leads to improper input validation. This vulnerability is uniquely identified as CVE-2024-38811. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

VIVOTEK has announced an upgrade to its comprehensive AI security solution with the release of the new AI feature, RealSight Engine. This feature transforms images captured by network cameras into clear, visible facial images under any lighting conditions. Even in backlit environments, facial expressions are rendered with exceptional clear. The solution eliminates complex settings, enabling immediate activation upon installation. It optimizes operational efficiency in environments such as dimly lit galleries, suburban dark parks, and low-light … More →

The post VIVOTEK RealSight Engine improves images clarity in various scenarios appeared first on Help Net Security.

Устаревшие алгоритмы открывают путь к глобальной цифровой катастрофе.

生成式人工智能发展迅速，大模型技术赋能代码分析。

免改造方案减少对现有业务的改动，为企业安全升级降低成本。

塞讯验证带您深入了解异常流量的定义与监测阻断策略，共筑稳固网络防线，护航网络安全事业！

The FBI, CISA, MS-ISAC, and HHS have released a joint advisory detailing known RansomHub ransomware indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs).  RansomHub, a ransomware-as-a-service variant, has been active since February 2024, targeting various critical infrastructure sectors, and affiliates use a double-extortion model, encrypting systems and exfiltrating data.  Victims receive a ransom […]

The post Ransomhub Attacked 210 Victims Since Feb 2024, CISA Released Advisory For Defenders appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

本文通过讲解 Sui 的设计特点，帮助读者认识 Sui。

展示自我，领取海量权益，获取重磅荣誉激励和高额奖金。

The People’s Cyber Army of Russia is a Russian hacktivist group known for its strategic use of DDoS attacks and other disruptive tactics.  Operating as part of the broader Russian cyber warfare landscape, the group has been involved in several attacks on Ukraine, reflecting a continuation of tactics seen in earlier Russian operations.  Their activities […]

The post Researchers Detailed Russian Hacktivist/State Hackers Tactics appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The stable channel for desktops has been updated to version 128.0.6613.119/.120 for Windows and Mac, and 128.0.6613.119 for Linux. This update will be gradually rolled out over the coming days and weeks. For those using the Extended Stable channel, version 128.0.6613.120 is now available for Windows and Mac. The full list of changes is in […]

The post Chrome Vulnerability Let Attackers Execute Arbitrary Code Remotely appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

腾讯上个月承认，正与苹果公司协商微信小游戏的抽成。为防止躲避支付佣金，iOS 版的微信将需要使用苹果的支付系统。然而双方的磋商看起来进展不利，iOS 版的微信被发现已有两个月没有更新版本，而将随 iPhone 16 推出的 iOS 18.2 可能不支持微信。一位苹果中国区技术顾问表示，关于 iOS系 统或者苹果设备能否再使用微信，包括微信后续能否在苹果应用商店继续上架和下载，需要苹果公司和腾讯相互沟通和探讨，才能确定之后的情况。他表示，目前苹果正在与腾讯积极沟通，来确认后续腾讯是否还会继续向苹果应用商店提供软件下载的抽成。