Aggregator

A vulnerability, which was classified as critical, has been found in GNOME Shell up to 45.7. Affected by this issue is some unknown functionality of the component Portal Helper. The manipulation leads to origin validation error. This vulnerability is handled as CVE-2024-36472. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.1.116/6.6.60/6.11.7. It has been classified as critical. Affected is an unknown function of the component ar0521. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2024-53081. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.116/6.6.60/6.11.7. It has been declared as problematic. Affected by this vulnerability is the function amd_pmc. The manipulation leads to information exposure through error message. This vulnerability is known as CVE-2024-53072. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

Как мошенники рассылают миллионы SMS-сообщений без риска попасться полиции.

ShadowHound is a PowerShell tool designed for mapping Active Directory environments without using known malicious binaries. It utilizes legitimate PowerShell modules for data collection through two methods: ADWS and LDAP.

A vulnerability was found in Inter7 Qmailadmin up to 1.0.5 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument QMAILADMIN_TEMPLATEDIR as part of Environment Variable leads to memory corruption. This vulnerability is handled as CVE-2002-1414. An attack has to be approached locally. Furthermore, there is an exploit available.

Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures. The Evolution of Phishing Attacks “I really like the saying that ‘This is out of scope’ said no hacker ever. Whether it’s tricks, techniques or technologies, hackers will do anything to evade detection and make sure their

We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all the time, but what’s really going on behind those words? This week’s cybersecurity news isn’t just about hackers and headlines—it’s about how digital risks shape our lives in ways we might not even realize. For instance, telecom networks being breached isn’t just about stolen data—it’s about power. Hackers are

网络不是法外之地，一言一行均须遵规守法。对在网络空间违反公序良俗传播低俗信息等违法犯罪行为，公安机关将依法严厉查处。近日，江西省赣州市石城、南康两地公安机关联合网信部门约谈多名网络主播。

今年以来，印度接连发生多起被称为“数字逮捕”的电诈骗局，犯罪分子不仅冒充警察和电信监管机构官员，还伪造“审判现场”，受害者多为印度本国人。这种新型电诈骗局引起印度国内外广泛关注。

AI聊天角色在回答中可能出现色情擦边、暴力对话等情况，主要与“数据来源的混杂性、商业模式的诱导性、监管机制的滞后性”这三大关键因素有关。

11月19日至22日，2024年世界互联网大会乌镇峰会如期举行，本次峰会主题为“拥抱以人为本、智能向善的数字未来——携手构建网络空间命运共同体”。

国家数据局23日发布消息，根据最新印发的《可信数据空间发展行动计划（2024—2028年）》，到2028年，我国将建成100个以上可信数据空间，形成一批数据空间解决方案和最佳实践。

为进一步深化互联网信息服务算法综合治理，中央网信办等四部门自即日起至2025年2月14日开展“清朗·网络平台算法典型问题治理”专项行动。

近年来，全球人工智能浪潮持续升温，大模型作为AI领域中的重要一环，其能力随着平台算力的提升、训练数据量的积累、深度学习算法的突破，得到了进一步提升。然而以大模型为核心涌现的大量技术应用背后，也带来诸多新的风险和挑战。

点击文章，了解最前沿的国际网安资讯！

Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp's Terraform and Styra's Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data. "Since these are hardened languages with limited capabilities, they're supposed to be more

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.11.7. Affected by this issue is the function dvb_register_device. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-53063. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.171/6.1.116/6.6.60/6.11.7. It has been classified as critical. Affected is the function dwc3_core_exit. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-53070. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. It has been rated as problematic. Affected by this issue is the function stmmac_tx_clean. The manipulation leads to improper validation of array index. This vulnerability is handled as CVE-2024-53058. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.