Aggregator

New AppLite Banker malware targets Android devices, employing advanced phishing techniques to steal credentials and data

国家计算机病毒应急处理中心监测发现12款违规移动应用

Google Play 上的 SpyLoan Android 恶意软件安装次数达 800 万次

In an attack campaign dubbed “Operation Digital Eye,” a suspected China-nexus threat actor has been observed targeting business-to-business IT service providers in Southern Europe.  The attack operation lasted roughly three weeks, from late June to mid-July 2024. The intrusions could have allowed the attackers to gain a strategic foothold and compromise downstream entities.  In particular, […]

The post Visual Studio Tunnels Abused For Stealthy Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Как работает загадка интеллекта, которую ИИ пока не может разгадать.

年轻人更可能死于高温

Versa announced Versa Endpoint DLP, an integrated endpoint data loss prevention (DLP) capability delivered by the Versa SASE Client as part of the VersaONE Universal SASE Platform. The endpoint DLP feature provides the widest range of data exfiltration prevention capabilities in an integrated SASE solution, restricting copy/paste, screenshots, and peripheral device (e.g., USB storage) transfers based on Zero Trust attributes. Versa Endpoint DLP helps ensure that sensitive data residing on endpoints is safeguarded against accidental … More →

The post Versa Endpoint DLP prevents data exfiltration appeared first on Help Net Security.

Oprechte waardering en erkenning, maar ook zorg bieden aan hen die opstonden voor vrede en veiligheid. Dat is de rol die het Nationale Veteranen Platform al 35 jaar vervult. Gisteren vierde de belangenbehartiger voor de Nederlandse veteraan en diens relatie het jubileum.

Вебинар Positive Technologies состоится 12 декабря в 14:00.

A vulnerability classified as critical was found in Dell Avamar up to 19.10SP1. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-52538. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Dell Avamar up to 19.10SP1. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-47977. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Dell Avamar up to 19.10SP1. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2024-47484. The attack may be initiated remotely. There is no exploit available.

Leveraging NIST OSCAL to Provide Compliance Automation: The Complete Guide

A vulnerability was found in LearnPress Plugin up to 4.2.7.3 on WordPress. It has been classified as problematic. Affected is an unknown function of the component REST API. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-11868. It is possible to launch the attack remotely. There is no exploit available.

How to become a ghost? Not literally ghost but like someone nobody knows about. Totally under the radar. To me I think pros are way heavier than cons about becoming ghost.

英伟达被立案调查；数据删除取代加密，新型勒索软件攻击或让企业面临更大风险 | 牛览

Researchers found that the broad accessibility of streams of Scottish Parliamentary proceedings make them highly susceptible to deepfake attacks

《API安全技术应用指南（2024版）》报告发布

A vulnerability, which was classified as critical, was found in e107 CMS 0.7.24. Affected is an unknown function of the file install_.php of the component Installation. The manipulation leads to os command injection. This vulnerability is traded as CVE-2011-1513. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on Monday. “We’ve discovered at least 10 businesses whose Cleo servers were compromised with a notable uptick in exploitation observed on December 8 around 07:00 UTC. After some initial analysis, however, we have found evidence of exploitation as early as December 3,” they shared, and noted that there … More →

The post Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623) appeared first on Help Net Security.