Kazumi:动漫追番神器,无广告清爽免费看动画
今天给大家推荐一个我测试使用非常好用的一个动漫追番软件
Kazumi
使用 flutter 开发的基于自定义规则的番剧采集与在线观看程序。使用最多五行基于 Xpath...
Aggregator
丰田网络后台遭黑客入侵 大量数据被泄露
4 months 2 weeks ago
一名威胁者在黑客论坛上泄露了从丰田系统中窃取的 240GB 数据档案,丰田证实其网络遭到入侵。
XCon2024完整版参会攻略,速速来看,果断收藏~~
4 months 2 weeks ago
速速来看,果断收藏~
CVE-2024-43868 | Linux Kernel up to 6.10.3 purgatory riscv_kernel_entry denial of service (5d4aaf16a825/fb197c5d2fd2)
4 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.10.3. This issue affects the function riscv_kernel_entry of the component purgatory. The manipulation leads to denial of service.
The identification of this vulnerability is CVE-2024-43868. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43867 | Linux Kernel up to 6.10.3 drm nouveau_bo_ref reference count
4 months 2 weeks ago
A vulnerability classified as critical was found in Linux Kernel up to 6.10.3. This vulnerability affects the function nouveau_bo_ref of the component drm. The manipulation leads to improper update of reference count.
This vulnerability was named CVE-2024-43867. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43864 | Linux Kernel up to 6.6.44/6.10.3 mlx5e allocation of resources (daab2cc17b6b/89064d09c56b/025f2b85a5e5)
4 months 2 weeks ago
A vulnerability classified as problematic has been found in Linux Kernel up to 6.6.44/6.10.3. This affects an unknown part of the component mlx5e. The manipulation leads to allocation of resources.
This vulnerability is uniquely identified as CVE-2024-43864. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43882 | Linux Kernel up to 6.10.5 Group Member do_filp_open race condition
4 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.10.5. It has been rated as problematic. Affected by this issue is the function do_filp_open of the component Group Member Handler. The manipulation leads to race condition.
This vulnerability is handled as CVE-2024-43882. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43880 | Linux Kernel up to 6.10.2 mlxsw lib/objagg.c spectrum_acl_erp: comparison
4 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.10.2. It has been declared as problematic. Affected by this vulnerability is the function spectrum_acl_erp: in the library lib/objagg.c of the component mlxsw. The manipulation leads to incorrect comparison.
This vulnerability is known as CVE-2024-43880. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43872 | Linux Kernel up to 6.10.2 RDMA denial of service (06580b33c183/2fdf34038369)
4 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.10.2. It has been classified as problematic. Affected is an unknown function of the component RDMA. The manipulation leads to denial of service.
This vulnerability is traded as CVE-2024-43872. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43876 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 rcar_pcie_wakeup state issue
4 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.1.102/6.6.43/6.10.2 and classified as problematic. This issue affects the function rcar_pcie_wakeup. The manipulation leads to state issue.
The identification of this vulnerability is CVE-2024-43876. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43878 | Linux Kernel up to 6.10.2 xfrm state issue (a4c10813bc39/54fcc6189dfb)
4 months 2 weeks ago
A vulnerability has been found in Linux Kernel up to 6.10.2 and classified as problematic. This vulnerability affects unknown code of the component xfrm. The manipulation leads to state issue.
This vulnerability was named CVE-2024-43878. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
补贴钓鱼花样多,请看好个人”钱包”
4 months 2 weeks ago
近期,奇安信威胁情报中心在日常的追踪活动中监测到该类型的钓鱼活动持续处于高度活跃的状态,并且更新了部分手法,有了新的特征,在这里对这类活动的新动向做一些分析。
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
4 months 2 weeks ago
A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks.
The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August 7, 2024. A security researcher, who goes by the online alias villu164,
The Hacker News
大脑为一个记忆创建三个副本
4 months 2 weeks ago
将经历转化为记忆的能力使我们能从过去学习,并将所学作为模型,对新情况做出适当的反应。由于这个原因,随着我们周围的世界不断变化,这种记忆模型不能简单地成为过去美好时光的固定存档。相反,它必须是动态的,随着时间的推移而变化并适应新的环境,以更好地帮助我们预测未来并选择最佳行动方针。大脑如何调节记忆的动态是一个谜——直到发现了多个记忆副本。根据发表在《科学》期刊上的一项研究,小鼠研究显示大脑为一个记忆创建至少三个副本。巴塞尔大学研究小组发现,在负责从经验中学习的大脑区域海马体中,一个单一事件被存储在至少三组不同的神经元中,这些神经元在胚胎发育的不同阶段出现。论文第一作者 Vilde Kveim说:“记忆在大脑中的动态存储证明了大脑的可塑性,这支撑了它巨大的记忆容量。”研究小组由此证明,特定记忆副本的激活及其时间可能对我们如何记住、改变和使用记忆产生重大影响。
Rhysida勒索家族分析报告
4 months 2 weeks ago
近日,奇安新病毒响应中心通过猎鹰平台发现Rhysida勒索团伙特有的Rhysida家族样本仍处于活跃状态。经测试验证,目前奇安信天锁已支持对此类攻击的立体化防护。
丰田网络后台遭黑客入侵 大量数据被泄露
4 months 2 weeks ago
本周,ZeroSevenGroup(泄露被盗数据的威胁者)表示,他们入侵了美国一家分公司,窃取了 240GB 的文件,其中包含有关丰田员工和客户的信息,以及合同和财务信息。
他们还声称已经使用开源 ADRecon 工具收集了网络基础设施信息,包括凭证,该工具可帮助从 Active Directory 环境中提取大量信息。
威胁者在黑客论坛上称已拿到包括联系人、财务、客户、员工、计划、照片、数据库、网络基础设施、电子邮件等内容的大量数据。除此之外,威胁者还可提供带有密码的所有目标网络的 AD-Recon。
目前,丰田已证实其网络遭到入侵。
当被要求验证该威胁者的说法时,丰田称:该问题范围有限,不是系统范围内的问题。
随后该公司补充说,它“正在与受影响的人接触,并将在需要时提供帮助”,但尚未提供有关何时发现入侵、攻击者如何获得访问权限以及有多少人的数据在事件中被泄露的信息。
丰田数据泄露
虽然丰田尚未透露泄密事件的日期,但相关媒体发现这些文件已被盗,或者至少是在 2022 年 12 月 25 日创建的。这个日期可能表明威胁分子获得了存储数据的备份服务器的访问权限。
去年 12 月,丰田子公司丰田金融服务公司 (TFS) 就曾警告客户,他们的敏感个人和财务数据在一次数据泄露中被暴露,该数据泄露是由 11 月的 Medusa 勒索软件攻击造成的,该攻击影响了这家日本汽车制造商的欧洲和非洲分部。
今年 5 月份,丰田披露了另一起数据泄露事件,由于公司云环境中的数据库配置错误,215 万客户的车辆位置信息在 2013 年 11 月 6 日至 2023 年 4 月 17 日之间暴露了长达十年之久。
几周后,该公司又发现另外两个配置错误的云服务泄露了丰田客户的个人信息,时间长达七年多。
这两起事件发生后,丰田表示已实施了一套自动化系统来监控其所有环境中的云配置和数据库设置,以防止将来再次发生此类泄露。
据了解,2019 年,丰田和雷克萨斯的多家销售子公司也遭遇入侵,攻击者窃取并泄露了该公司当时所说的“多达 310 万条的客户信息”。
胡金鱼
丰田网络后台遭黑客入侵 大量数据被泄露
4 months 2 weeks ago
胡金鱼
Exploring Russian and International Analog TV From Leaky Cable TV Networks via the Airspy Server Network
4 months 2 weeks ago
August 21, 2024Thank you to RTL-SDR.COM reader Micha for submitting a story about how he has
浅谈企业蓝军的业务标准化|大湾区金融安全专刊·安全村
4 months 2 weeks ago
通过蓝军,以小见大
英伟达放弃专用的 G-Sync 模块
4 months 2 weeks ago
英伟达在 2013 年发布了消除画面撕裂的自适应同步技术 G-Sync。支持 G-Sync 技术的显示器需要配备英伟达的私有 G-Sync 模块。相比下 AMD 的自适应同步技术 FreeSync 是免版税的,而且无需额外的硬件。免费使用的 FreeSync 于是大行其道,使用 G-Sync 的产品则寥寥无几。英伟达在 2019 年勉强承认了 G-Sync 的失败,推出了针对 FreeSync 显示器的 G-Sync 兼容认证。现在英伟达宣布放弃其专用的 G-Sync 模块,改为和联发科合作直接在其为显示器开发的 scaler 芯片中整合 G-Sync 功能。三款内置联发科新 scaler 芯片的显示器——Asus ROG Swift PG27AQNR、Acer Predator XB273U F5 以及 AOC AGON PRO AG276QSG2——将在今年晚些时候发布。三款产品都是 27 英寸 1440p 分辨率的显示屏,最大刷新率 360 Hz。