Aggregator

Matrix 首页推荐 Matrix 是少数派的写作社区，我们主张分享真实的产品体验，有实用价值的经验与思考。我们会不定期挑选 Matrix 最优质的文章，展示来自用户的最真实的体验和观点。 文章代表

A vulnerability was found in ASUSTek Aura Ready Game SDK Service 1.0.0.4. It has been classified as critical. This affects an unknown part of the file GameSDK.exe. The manipulation leads to unquoted search path. This vulnerability is uniquely identified as CVE-2022-35899. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

自 2023 年 10 月以来，以色列和哈马斯之间爆发的冲突助长了中东国家之间的网络攻击，并在全球范围内将多个国家卷入其中。

主站 分类 漏洞 工具 极客

A vulnerability was found in Microsoft Excel 2010 SP2/2013 RT SP1/2013 SP1/2016. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2017-0020. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Office Web Apps 2013 SP1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2017-0020. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in Microsoft Internet Explorer 10/11. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2017-0018. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Edge and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2017-0017. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Word 2016. It has been classified as critical. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2017-0019. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Edge and classified as critical. This vulnerability affects unknown code of the component Scripting Engine. The manipulation leads to memory corruption. This vulnerability was named CVE-2017-0015. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows up to Server 2016. It has been rated as critical. Affected by this issue is some unknown functionality of the component SMBv2/SMBv3. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2017-0016. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Microsoft Edge. This affects an unknown part. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2017-0012. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

一、境外厂商产品漏洞1、Google Chrome安全绕过漏洞（CNVD-2024-48384）Google Chrome是美国谷歌（Google）公司的一款Web浏览器。Google Chrome存

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

About 75% of healthcare sector entities that suffered a ransomware attack over the past year were targeted on a weekend or holiday, highlighting the need for organizations to bolster staffing and related strategies during these vulnerable times, said Jeff Wichman of security firm Semperis.

Researchers Trace 61% of Known Losses This Year to Pyongyang-Backed Hackers
Hackers tied to North Korea's cash-strapped totalitarian dictatorship this year stole a record amount of cryptocurrency, totaling $1.34 billion across 47 incidents, or about double their known haul for 2023, reported blockchain analytics firm Chainalysis.

Infrastructure Problems Blamed; Users Appear to Move to Similar FlowerStorm Service
As the end of the year approaches, it's out with the old and in with the new as researchers report that Rockstar 2FA, which once facilitated prolific phishing-as-a-service hits, has crashed and burned, apparently leading many one-time users to move to rival FlowerStorm.