【安全圈】虚假OpenClaw代币赠礼活动瞄准GitHub开发者实施钱包清空骗局
一年一度的两会,是观察国家政策走向的重要窗口。2026年政府工作报告已经新鲜出炉,其中关于网络安全的表述,字字千钧。今天,我们就来深度拆解这份报告背后的安全信号。本次报告明确提出:“健全数据要素基础制度,强化数据安全与个人信息保护,完...
Aggregator
The Gentleman
3 weeks 2 days ago
You must login to view this content
cohenido
The Gentleman
3 weeks 2 days ago
You must login to view this content
cohenido
Microsoft Entra ID New Feature Removes MFA Limitations for Users
3 weeks 2 days ago
Multifactor authentication operates as a critical defense mechanism for securing user identities against targeted cyber attacks. Microsoft reports that implementing MFA effectively reduces the risk of account compromise by more than 99%. To expand these protections, Microsoft has announced the General Availability of external multifactor authentication for Microsoft Entra ID. This release removes previous platform […]
The post Microsoft Entra ID New Feature Removes MFA Limitations for Users appeared first on Cyber Security News.
Abinaya
评论 | 强化打击跨境电诈的执法合力
3 weeks 2 days ago
电信网络诈骗犯罪是国际社会共同面对的打击治理难题。随着信息技术的快速发展,电诈犯罪已从区域性现象演变为全球性威胁,犯罪团伙利用网络的无国界性,将诈骗窝点、技术支撑、资金流转等环节分散在不同国家和地区,形成了组织严密、分工精细的跨国犯罪网络。
观点 | 探索人工智能环境下的数据安全治理路径
3 weeks 2 days ago
习近平总书记强调,当前人工智能、大数据等新技术新应用不断涌现,给网络生态治理带来挑战,也提供新的支持条件。要完善分级分类的安全监管机制,筑牢网络安全和数据安全防线。这为应对技术快速发展中的治理与安全协同工作指明方向。
专家解读 | 健全衍生数据治理机制 释放数字经济新动能
3 weeks 2 days ago
国家高度重视衍生数据的开发利用。《中共中央 国务院关于构建数据基础制度更好发挥数据要素作用的意见》首次提出保护数据衍生产品的经营权。健全衍生数据治理机制,科学识别、合理配置数据产权,将为保障多方权益、激励技术创新……
国家安全部:谨防深度伪造魔改陷阱
3 weeks 2 days ago
生成式人工智能技术的突破性进展,正推动AI视频制作加速普及,在提升创作效率、活化历史记忆等方面展现出巨大潜能,成为数字时代的内容生产利器。但技术若被恶意用于金融欺诈、政治渗透、谣言制造、间谍窃密等非法活动,将侵害公民合法权益……
论坛·原创 | 创新探索数字时代全球网络空间治理的中国方案
3 weeks 2 days ago
习近平主席在2015年第二届世界互联网大会上首次提出的构建网络空间命运共同体理念,成为中国参与全球网络治理的核心指导思想,也成为中国为全球网络空间治理贡献智慧与方案的典型代表。中国始终秉持携手构建网络空间命运共同体的目标……
Iran-Linked Pay2Key Ransomware Group Re-Emerges
3 weeks 2 days ago
Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key
Landmark verdicts put Meta’s “addiction machine” platforms on trial
3 weeks 2 days ago
Courts are starting to question how platforms are built, not just what’s posted.
The post Landmark verdicts put Meta’s “addiction machine” platforms on trial appeared first on Security Boulevard.
Malwarebytes
Карты, деньги, два звонка. Технология для видеозвонков теперь помогает грабить интернет-магазины
3 weeks 2 days ago
Хакеры нашли дыру в защите, которую никто не додумался закрыть.
Reddit declares war on bad bot activity
3 weeks 2 days ago
Reddit is introducing changes to support interactions between people. The company is taking a bottom-up approach to help users understand when they are engaging with another person unless an account is labeled otherwise. Reddit plans to verify that users are human without requiring disclosure of real-world identity. How does it work Verified profiles for brands, publishers, and creators launched in late 2025 to help their content gain acceptance in relevant communities. The next step is … More →
The post Reddit declares war on bad bot activity appeared first on Help Net Security.
Anamarija Pogorelec
Active Magecart Campaign Targets Spain, Steals Card Data via Hijacked eStores for Bank Fraud
3 weeks 2 days ago
A large-scale magecart operation remained active for over 24 months, leveraging an infrastructure of 100+ domains. While the targeted victims are e-commerce websites, the actual pressure falls on banks and payment systems. As ANY.RUN’s analysis shows, threat actors applied multi-step checkout hijacking, payment page mimicry, and WebSocket-based exfiltration of card data. This report provides both executive-level insights and technical analysis of the campaign. Key Takeaways Campaign Overview A […]
The post Active Magecart Campaign Targets Spain, Steals Card Data via Hijacked eStores for Bank Fraud appeared first on ANY.RUN's Cybersecurity Blog.
khr0x and raptur3
奥尔登堡大学 | SoK:从 CTI 报告中自动化抽取 TTP——我们真的做到这一步了吗?
3 weeks 2 days ago
本文不仅帮助读者更清楚地理解自动化TTP抽取领域的主要方法路线,也提醒研究者:这一方向未来的突破,可能不仅依赖更强的模型能力,也依赖更高质量的数据和更合理的任务定义。
Citrix:尽快修复这两个 NetScaler 漏洞
3 weeks 2 days ago
速修复
TP-Link:速修复这个严重的路由器认证绕过漏洞
3 weeks 2 days ago
速修复
又一个开发工具沦陷,Apifox遭供应链投毒攻击
3 weeks 2 days ago
近期,Apifox遭遇供应链投毒攻击,攻击者篡改了Apifox官方CDN上的动态JS文件,在大量开发者电脑上植入隐蔽后门,最终可实现凭证窃取和远程命令执行等恶意功能。此次攻击影响公网SaaS版桌面客户端(Electron 框架),Web版和私有化部署版不受影响。
汽车钠离子电池能在 11 分钟内完成充电
3 weeks 2 days ago
在宁德时代和长安发布首款搭载钠离子电池的量产电动汽车后,北汽宣布了它的极光钠离子电池原型。钠离子电池成本比锂离子电池低,对原材料的价格不那么敏感,宁德时代、比亚迪等都在押注钠离子电池以应对不断上涨的锂材料价格。北汽称其钠离子电池能在 -40°C 至 60°C 内稳定工作,-20°C能量保持率超 92%,电芯能量密度 170Wh/kg,充电仅需 11 分钟,搭载该电池的 CLTC 汽车续航里程可达 450 公里。
欧洲最大渔港因勒索攻击运营中断,被迫人工维持货运作业
3 weeks 2 days ago
官方称在完成安全检查前不会恢复