Aggregator

安全+网络 All In One NTA+NPM“双项全能”产品——斗象PRS全流量安全计算分析平台近年来受到众多高校及科研机构的青睐凭借复合型功能和高性价比成为兼具网络安全分析和网络性能监测“一站式

A vulnerability was found in Alsaplayer. It has been rated as critical. Affected by this issue is some unknown functionality of the file PlaylistWindow.cpp. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2006-4089. The attack may be launched remotely. Furthermore, there is an exploit available.

Recently, I came across a fantastic new paper by a group of NYU and Cornell researchers enti

Homeowners are increasingly concerned about data privacy in smart home products, according to Copeland. Homeowners see smart devices as boosting home security Homeowners are still generally comfortable in using new technology, but this year smart thermostat non-owners are less likely to feel comfortable using new tech compared to 2022 levels. Smart device owners tend to be younger compared to non-owners with more from the boomer generation. However, 2024 homeowners are less likely to consider themselves … More →

The post Homeowners are clueless about how smart devices collect their data appeared first on Help Net Security.

The Cybersecurity and Infrastructure Security Agency (CISA) has released a pivotal report calling for urgent action to address the “software understanding gap.” This comprehensive document highlights the significant disparity between the rapid advancement in software production and the corresponding investment in understanding and maintaining these systems. The report emphasizes that this gap poses a considerable […]

The post CISA Releases Guidelines For Closing Software Understanding Gap appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

An attacker exploited a vulnerability in the batchupload.aspx and email_settings.aspx pages on the target server that allowed them to upload a malicious web shell to the IIS worker process (w3wp.exe).  They initially attempted to upload a web shell to another location but failed to interact with it. Network traffic analysis revealed the source of the […]

The post Hackers Deploy Web Shell To Abuse IIS Worker And Exfiltrate Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Commission has presented an EU action plan aimed at strengthening the cybersecurity of hospitals and healthcare providers. The initiative is an essential step in shielding the healthcare sector from cyber threats. Digitalization is revolutionizing healthcare, enabling better patient services through innovations such as electronic health records, telemedicine, and AI-driven diagnostics. However, cyberattacks can delay medical procedures, create gridlock in emergency rooms, and disrupt vital services, which, in severe cases, could directly impact the lives … More →

The post EU takes decisive action on healthcare cybersecurity appeared first on Help Net Security.

Matrix 首页推荐 Matrix 是少数派的写作社区，我们主张分享真实的产品体验，有实用价值的经验与思考。我们会不定期挑选 Matrix 最优质的文章，展示来自用户的最真实的体验和观点。 文章

1. RansomHub勒索团伙公布新的受害公司 2. 8Base勒索团伙公布新的受害公司 3. Everest Group公布了新的受害公司

1. RansomHub勒索团伙公布新的受害公司 2. 8Base勒索团伙公布新的受害公司 3. Everest Group公布了新的受害公司

1. RansomHub勒索团伙公布新的受害公司 2. 8Base勒索团伙公布新的受害公司 3. Everest Group公布了新的受害公司

2025.1.11 – 2025.1.17每周勒索事件相关情报1. RansomHub勒索团伙公布新的受害公司2. 8Base勒索团伙公布新的受害公司3. Everest Group公布了新的受害公司

In recent months, a stealthy and highly sophisticated Linux rootkit named

Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China. The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data

Privacy / Data ProtectionAustrian privacy non-profit None of Your Business (noyb) has filed compl

HomeAIRaphael AI – 世界上首个无需注册、免费无限制的 AI 绘图工具，由 FLUX.1-Dev 模型驱动[早用早享受，晚了用不到]

Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Cisco, Commvault, and IT-Harvest. Cisco AI Defense safeguards against the misuse of AI tools Cisco AI Defense is purpose-built for enterprises to develop, deploy and secure AI applications with confidence. Automated testing checks AI models for hundreds of potential safety and security issues. This AI-driven algorithmic red team identifies potential vulnerabilities and recommends guardrails in AI Defense for security … More →

The post New infosec products of the week: January 17, 2025 appeared first on Help Net Security.

A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states.