Aggregator

循万变·见未来——技术前瞻未来，V8漏洞的挖掘与应用，将在军事与智能领域取得更大的突破。

Биоинженеры придумали новый способ доставки лекарственных белков в мозг.

Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research Center observed a sophisticated phishing campaign targeting Microsoft OneDrive users. Threat actors rely on social engineering tactics to trick users into executing a PowerShell script, which leads to […]

A grand jury in Kansas City has charged North Korean national Rim Jong Hyok for orchestrating a series of cyberattacks targeting U.S. hospitals and healthcare providers. The indictment outlines a conspiracy involving ransomware attacks, extortion, and money laundering. The ill-gotten gains funded further intrusions into defense, technology, and government entities worldwide. A Relentless Pursuit of […]

The post North Korean Government Hacker Charged for Attacking U.S. Hospitals appeared first on Cyber Security News.

Федеральные агентства США получили жёсткий дедлайн для устранения проблемы.

Как снизить риски взлома и осложнить злоумышленникам получение несанкционированного доступа в информационные системы с помощью Рутокен MFA.

拜登政府的网络安全政策发生了巨大转变：过去四年来的既定战略是将保护的负担从消费者转移到最有能力的人，特别是制造技术和拥有最重要基础设施的私营部门。

美国管理与预算办公室发布备忘录，概述了FedRAMP现代化对联邦机构和项目的要求。

漏洞是造成网络安全问题的重大隐患，它不仅存在于硬件、软件、操作系统中，也给全球政府机构、关键基础设施、企业和个人带来了巨大的网络安全威胁。

安全公司 AhnLab 的威胁研究人员发现，威胁者正在利用 CVE-2024-23692 严重安全漏洞，该漏洞允许在无需身份验证的情况下执行任意命令。

威胁行为者正在利用Selenium Grid的配置错误来部署修改版的XMRig工具，用于挖掘Monero（门罗币）加密货币。

当前，世界正处于迅猛的技术变革中，人工智能技术已经成为未来数字经济转型升级的核心要素。

什么是攻击面分析？为什么要做攻击面分析？攻击面分析这个概念有很多师傅研究过，也有很多公司已经落地，攻击面分析很大，大到从资产管理、供应链管理、数据管理等方方面面，涵盖内部攻击面与外部攻击面，包括主机层、网络层、应用层等各个层级，这里我想以开发的视角浅谈，以数据流转全过程去分析应用程序的攻击面管理。从我个人来看，攻击面分析是关于映射出需要审查和测试安全漏洞的系统部分。攻击面分析的目的是理解应用程序中

Скрытность и шифрование помогают группе незаметно шпионить в целевых системах.

The nation-state threat actor known as SideWinder has been attributed to a new cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. The BlackBerry Research and Intelligence Team, which discovered the activity, said targets of the spear-phishing campaign include countries like Pakistan, Egypt, Sri Lanka, Bangladesh, Myanmar, Nepal, and the

雷神众测拥有该文章的修改和解释权。如欲转载或传播此文章，必须保证此文章的副本，包括版权声明等全部内容。声明雷神众测允许，不得任意修改或增减此文章内容，不得以任何方式将其用于商业目的。

慢雾安全团队建议用户注意识别打开的网站是否和请求批准展示的域名一致。

DigiCert, a leading digital certificate provider, has announced the revocation of thousands of certificates due to a domain validation error. This decision follows the discovery of a critical issue in their Domain Control Validation (DCV) process, which has affected approximately 0.4% of their issued certificates. The company is taking swift action to comply with the […]

The post DigiCert to Revoke Thousands of Certificates Following Domain Validation Error appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

A report published today by Zscaler finds an 18% increase in ransomware attacks, including one that involved a record $75 million payment that appears to have been made to the Dark Angels ransomware group.

The post Report: An 18% Increase in Ransomware Attacks Includes $75M Payment appeared first on Security Boulevard.

Cisco has recently released patches pertaining to a maximum severity security flaw. As per recent reports, the Cisco security patches are for flaws within the Smart Software Manager On-Prem (Cisco SSM On-Prem). In this article, we’ll dive into the details of the vulnerability and learn what could happen if the flaw was to be exploited […]

The post Cisco Security Patches: Max Severity Security Flaw Fixed appeared first on TuxCare.

The post Cisco Security Patches: Max Severity Security Flaw Fixed appeared first on Security Boulevard.