Aggregator

尽管生成式人工智能被滥用于欺诈和深度伪造操作，网络安全公司Sophos在上周发布的一份报告中表示，该技术还可能被滥用，通过目标电子邮件传播定制的虚假信息。

Researchers recently analyzed a CoreWarrior malware sample, which spreads aggressively by creating numerous copies and connecting to various IP addresses. It establishes multiple backdoor connections and monitors user activity through Windows UI element hooks, which poses a significant security risk as it can compromise system integrity and steal sensitive data. The malware is a UPX-packed […]

The post CoreWarrior Malware Attacking Windows Machines From Dozens Of IP Address appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Suricata之dnslog域名检测 by dpzxpz

Suricata之弱口令检测 by dpzxpz

大语言模型课程Slide by ourren

SecWiki周刊（第554期) by ourren

SecWiki周刊（第553期) by ourren

更多最新文章，请访问SecWiki

The recent discovery of the TrickMo Banking Trojan variant by Cleafy has prompted further investigation, where researchers have identified 40 variants, 16 droppers, and 22 active Command and Control servers associated with this threat.  These variants employ advanced techniques like zip file manipulation and obfuscation to evade detection. Despite the lack of IOC release, the […]

The post TrickMo Malware Targets Android Devices to Steal Unlock Patterns and PINs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The DOJ created NexFundAI, a false cryptocurrency company and token, in a sting that nabbed 19 people and companies accused of scamming investors by falsely creating the illusion of activity around their crypto and then selling at the inflated price in what investigators call "pump and dump" and "market maker" schemes.

The post DOJ Created NexFundAI Crypto Firm in Crypto Scamming Sting appeared first on Security Boulevard.

A vulnerability, which was classified as critical, has been found in aflog 1.01. Affected by this issue is some unknown functionality of the file comments.php. The manipulation leads to sql injection. This vulnerability is handled as CVE-2008-0397. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in aflog 1.01. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2008-0398. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as very critical was found in HP Virtual Rooms 1.0.0.100. This vulnerability affects unknown code in the library hpvirtualrooms14.dll of the component ActiveX Control. The manipulation leads to memory corruption. This vulnerability was named CVE-2008-0437. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in AlstraSoft Forum Pay Per Post Exchange 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component User Account. The manipulation leads to credentials management. This vulnerability is known as CVE-2008-0440. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in MoinMoin. Affected by this issue is some unknown functionality. The manipulation of the argument quicklinks leads to path traversal. This vulnerability is handled as CVE-2008-0782. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

Japanese video game developer Game Freak has confirmed it suffered a cyberattack in August after source code and game designs for unpublished games were leaked online. [...]

Вычислительные графы скрывают такие угрозы, о которых вы даже не подозревали.

I receive a lot of spam in my catch-all mailboxes. If most of them are not interesting, some still