Aggregator

梆梆安全荣获2024广东省数字安全大会“2023-2024年优秀单位”奖

嘶吼
11 months 3 weeks ago

近日,2024广东省数字安全大会在广州成功召开,在广东省政务服务和数据管理局的指导下,本次大会由广东省数字安全协会、数字政府网络安全产业联盟主办,广州市黄埔区人民政府、PCSA安全能力者联盟联合承办,汇聚国内数字安全领域政、产、学、研机构代表和专家,共同研究全国数字化进程中的安全新形势,探讨新形势下广东地区数字安全建设新方向。

中国电子技术标准化研究院、公安部第三研究所、工业和信息化部电子第五研究所、国家计算机网络应急技术处理协调中心广东中心,省政务和数据局、省政务服务数据中心、东莞市委网信办、深圳市信息安全管理中心、广州市数字政府运营中心,省网络空间安全协会、PCSA安全能力者联盟、广州大学、惠州市数字政府网络和数据安全协会等机构和单位的领导、专家;全省21个地、市的政务服务和数据管理局网络安全主管领导和安全处(科)室负责人;广州市部分市直单位和广州各区网络安全相关负责同志;各类安全企业代表;共计220多人参与了此次盛会。

大会还表彰了2023-2024年数字政府网络安全产业联盟(协会)的优秀单位,梆梆安全凭借优秀的综合实力,以及在联盟中的突出表现,荣获广东省数字安全协会、数字政府网络安全产业联盟颁发的2023-2024年优秀单位奖。同时,梆梆安全携“端到端&全渠道移动安全解决方案”亮相此次展会。

梆梆安全端到端&全渠道移动安全解决方案

·静态防御&全渠道覆盖,在做静态防御措施时完成全渠道覆盖,APP、 H5、小程序都可进行安全防护。

·动静结合&端到端联动,将动态安全防御机制与现有的静态防御机制进行联动及协同防御,前端业务与后端服务实现有效关联,形成前后端一体化。

·风险实时防御&全渠道联动,针对前端风险做到实时防御,对不同渠道安全防御做到联防联控,如针对APP的攻击识别情报与轻应用侧协同。

梆梆安全自加入协会联盟以来,长期积极参与其组织的各项活动。凭借自身在数字政府安全建设领域的技术实力与丰富经验,为广东省多地政府的数字化建设保驾护航。此次荣获该项荣誉,梆梆安全将牢记初心,持续为数字政府建设贡献力量。

梆梆安全

CVE-2024-56433 | shadow-maint shadow-utils up to 4.17.0 Home Directory /etc/subuid insecure default initialization of resource

VulDB Recent Entries
11 months 3 weeks ago
A vulnerability, which was classified as critical, was found in shadow-maint shadow-utils up to 4.17.0. This affects an unknown part of the file /etc/subuid of the component Home Directory Handler. The manipulation leads to insecure default initialization of resource. This vulnerability is uniquely identified as CVE-2024-56433. The attack needs to be approached locally. There is no exploit available. The real existence of this vulnerability is still doubted at the moment.
vuldb.com

CVE-2023-39147 | Uvdesk 1.1.3 Image File unrestricted upload (ID 173878 / EDB-51639)

Vuldb Updates
11 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Uvdesk 1.1.3. This issue affects some unknown processing of the component Image File Handler. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2023-39147. The attack needs to be approached within the local network. Furthermore, there is an exploit available.
vuldb.com

CVE-2012-6644 | Clip-bucket ClipBucket 2.6 channels.php type cross site scripting (EDB-18341 / XFDB-72245)

Vuldb Updates
11 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in Clip-bucket ClipBucket 2.6. This affects an unknown part of the file channels.php. The manipulation of the argument type leads to cross site scripting. This vulnerability is uniquely identified as CVE-2012-6644. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
11 months 3 weeks ago

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves the systematic collection and exploitation of genuine identity documents and images.  Attackers utilize these resources to develop and sell techniques for bypassing identity verification systems, presenting a significant database and evolving threats to businesses and individuals alike.  Researchers have identified […]

The post A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Adobe Warns of ColdFusion Vulnerability Allows Attackers Read arbitrary files

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
11 months 3 weeks ago

Adobe has issued a critical security update for ColdFusion versions 2023 and 2021 to address a major vulnerability that could lead to an arbitrary file system read. The identified vulnerability, CVE-2024-53961, has a known proof-of-concept exploit, making the updates crucial for users. This release underscores Adobe’s commitment to ensuring the security and integrity of its […]

The post Adobe Warns of ColdFusion Vulnerability Allows Attackers Read arbitrary files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

CVE-2012-1001 | Chyrp up to 2.1.1/2.5 Beta 1 includes/ajax.php content/body cross site scripting (EDB-36874 / BID-52115)

Vuldb Updates
11 months 3 weeks ago
A vulnerability was found in Chyrp up to 2.1.1/2.5 Beta 1. It has been declared as problematic. This vulnerability affects unknown code of the file includes/ajax.php. The manipulation of the argument content/body as part of Parameter leads to cross site scripting. This vulnerability was named CVE-2012-1001. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Beware of New Malicious PyPI packages That Steals Login Details

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
11 months 3 weeks ago

Two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, were recently detected by Fortinet’s AI-driven OSS malware detection system. These packages, spotted on November 16 and November 24, 2024, respectively, represent significant threats to users by leveraging advanced malware techniques. These findings underscore the critical importance of robust cybersecurity measures to protect against such sophisticated threats. Malicious […]

The post Beware of New Malicious PyPI packages That Steals Login Details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

Managed ad