Aggregator

A vulnerability was found in Adobe Flash Player up to 11.2.202.540/19.0.0.213/19.0.0.226. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. This vulnerability is known as CVE-2015-8044. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

依据《中华人民共和国网络安全法》《中华人民共和国数据安全法》《中华人民共和国个人信息保护法》《网络产品安全漏洞管理规定》等法律法规，按照工业和信息化部工作部署要求，国家监管机构持续开展APP隐私合规和网络数据安全专项整治。

梆梆安全《安全隐私合规监管趋势报告》持续跟进国家监管机构通报数据，并依据近期监管支撑发现存在隐私合规类问题的APP数据，从APP行业分类及隐私合规问题进行分类说明，帮助企业更好的完成APP隐私合规建设。

最新监管通报动态

4月1日，湖北通管局依据相关法律法规，组织第三方检测机构对省内APP应用侵害用户权益行为开展检查，截至目前，尚有1款APP未按期进行整改，上述APP运营者应限期提交书面说明，逾期未提交或理由不充分的，湖北通管局将依法依规组织开展相关处置工作。

4月3日，浙江通管局依据相关法律法规，持续开展APP侵害用户权益治理工作，截至目前，尚有5款APP未按要求完成整改，上述APP应限期完成整改，对于整改落实不到位的，浙江通管局将视情采取下架、关停、行政处罚等措施。

4月3日，山东通管局依据相关法律法规，开展APP侵害用户权益专项整治工作，截至目前，仍有12款APP未在要求的限期内完成整改，上述APP应限期完成整改与情况反馈工作，对于再次逾期仍未整改到位的，山东通管局将视情采取下架、关停、行政处罚等措施；另仍有4款APP未完成整改反馈，山东通管局决定对上述APP予以下架处理。

4月7日, 安徽通管局依据相关法律法规，对省内APP进行了拨测检查，截至目前，尚有5款APP未完成问题整改，上述APP应限期完成整改，逾期未整改的，安徽通管局将依法依规组织开展相关处置工作。

4月10日, 内蒙古通管局依据相关法律法规，委托第三方检测机构对属地APP进行抽检，发现68款APP存在隐私合规问题，上述APP应限期完成整改，逾期未整改的，内蒙古通管局将依法依规予以社会公告、组织APP下架、停止APP接入服务等处理。

4月10日, 上海通管局依据相关法律法规，持续整治APP侵害用户权益的违规行为，并组织第三方检测机构对市内移动互联网应用程序进行抽查，共发现5款APP及小程序存在侵害用户权益行为，上述APP及小程序应限期完成整改，整改落实不到位的，上海通管局将依法依规组织开展处置工作。

4月14日, 宁夏通管局依据相关法律法规，持续开展APP个人信息保护和网络数据安全专项整治工作，截至目前，尚有6款小程序未按要求完成整改，上述小程序应限期完成整改，逾期未整改或整改不到位的，宁夏通管局将依法依规予以处置。

4月14日, 河北通管局依据相关法律法规，持续整治APP侵害用户权益的违规行为，截至目前，尚有7款APP未按照要求完成整改，河北通管局决定对上述APP予以下架处理。

监管支撑汇总

1.梆梆监管支撑数据

依据近两周监管支撑发现存在隐私合规类问题的APP数据，从APP行业分类及TOP2问题数据两方面来说明。

1）问题行业TOP5：

酒店服务、实用工具、本地生活，运动健身、网上购物。

2）隐私合规问题TOP2：

TOP1：164号文 1：APP、SDK未告知用户收集个人信息的目的、方式、范围且未经用户同意，私自收集用户个人信息；

TOP2：164号文 5：APP强制、频繁、过度索取权限。

2.国家监管数据分析

针对国家近两周监管通报数据，依据问题类型，统计涉及APP数量如下：

问题分类

问题数量

违规收集个人信息

100

APP强制、频繁、过度索取权限

27

APP频繁自启动或关联启动

16

违规使用个人信息

15

超范围收集个人信息

10

欺骗误导用户提供个人信息

8

未按法律规定提供删除或更正个人信息功

能或未公布投诉、举报方式等信息

4

未明示收集使用个人信息的目的、方式和

范围

1

应用分发平台上的APP信息明示不到位

1

总计

182

针对国家近两周监管通报数据，依据APP类型，统计出现通报的APP数量如下：

App类型

App数量

实用工具

26

新闻资讯

25

本地生活

16

网上购物

9

学习教育

6

餐饮外卖

4

求职招聘

4

即时通信

3

网络社区

3

网络约车

3

用车服务

3

在线影音

3

旅游服务

2

手机银行

2

问诊挂号

2

投资理财

1

网络游戏

1

总计

113

A vulnerability was found in PrePost SEO Plugin up to 3.0 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-2029. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in yzCMS 2.0. This affects an unknown part of the component Token Check Handler. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2020-20502. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in LibTIFF 4.5.0. It has been declared as critical. This vulnerability affects the function extractContigSamplesShifted8bits of the file /libtiff/tools/tiffcrop.c. The manipulation leads to buffer overflow. This vulnerability was named CVE-2023-25435. The attack can be initiated remotely. There is no exploit available.

A sophisticated cyberattack campaign has surfaced, targeting poorly managed Microsoft SQL (MS-SQL) servers to deploy malicious tools like Ammyy Admin and PetitPotato malware. Cybersecurity researchers have observed attackers exploiting vulnerabilities in these servers to gain unauthorized access, execute commands for reconnaissance, and install malware that facilitates remote access and privilege escalation. This emerging threat underscores […]

The post Hackers Exploit MS-SQL Servers to Deploy Ammyy Admin for Remote Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

果真是漏洞挖掘一把好手！

果真是漏洞挖掘一把好手！

Look out for AI-generated 'TikDocs' who exploit the public's trust in the medical profession to drive sales of sketchy supplements

Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below - CVE-2025-27610 (CVSS score: 7.5) - A path traversal

A vulnerability, which was classified as problematic, has been found in DomainMod up to 4.11.01. This issue affects some unknown processing of the file admin/domain-fields/ of the component Custom Domain Handler. The manipulation of the argument Add Custom leads to cross site scripting. The identification of this vulnerability is CVE-2018-19750. The attack may be initiated remotely. Furthermore, there is an exploit available.

The Zscaler ThreatLabz 2025 Phishing Report unveils the alarming sophistication of modern phishing attacks, driven by generative AI (GenAI). By examining over 2 billion blocked phishing transactions on the Zscaler Zero Trust Exchange™ cloud security platform from January to December 2024, the report highlights a seismic shift in cybercriminal tactics. Cybercriminals Leverage GenAI for Hyper-Targeted […]

The post New Report Reveals How AI is Rapidly Enhancing Phishing Attack Precision appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

5家卫生院因医疗信息安全制度保障措施不健全被处罚，4人因泄露公民个人健康信息被处罚。

约280万人身份信息、健康信息、医保信息等泄露

Company Overview Aurascape is a cybersecurity startup founded in 2023 and headquartered in Santa Clara, California, USA. The company was co-founded by senior security experts and engineers from world-class technology companies such as Palo Alto Networks, Google, and Amazon. The team has deep expertise in the fields of network security, artificial intelligence, and network infrastructure, […]

The post RSAC 2025 Innovation Sandbox | Aurascape: Reconstructing the Intelligent Defense Line of AI Interactive Visibility and Native Security appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post RSAC 2025 Innovation Sandbox | Aurascape: Reconstructing the Intelligent Defense Line of AI Interactive Visibility and Native Security appeared first on Security Boulevard.

Microsoft has announced the retirement of Entra Permissions Management (formerly CloudKnox), with sales ending June 30, 2025. EPM offered valuable visibility into cloud permissions, helping teams identify overprivileged identities across AWS, Azure, and GCP. But for many organizations, that visibility came with significant manual overhead: Policy rewrites, change windows, and time-consuming investigations. As EPM sunsets, […]

The post A Smarter Alternative to Entra Permissions Management appeared first on Security Boulevard.

Аудио, UI и педали — всё в одном корпусе с open-source корнями.

VulnCheck’s latest report for Q1 2025 has identified 159 Common Vulnerabilities and Exposures (CVEs) publicly disclosed as exploited in the wild for the first time. Alarmingly, 28.3% of these Known Exploited Vulnerabilities (KEVs) saw evidence of exploitation within just one day of their CVE disclosure, underscoring the lightning-fast pace at which threat actors capitalize on […]

The post 159 CVEs Exploited in the Wild in Q1 2025, 8.3% Targeted Within 1-Day Vulnerabilities Exploited appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity researchers are warning about a new malware called DslogdRAT that's installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, were "installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024," JPCERT/CC researcher Yuma

A vulnerability has been found in Blogengine.NET up to 3.3.8.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to open redirect. This vulnerability was named CVE-2023-33405. The attack needs to be initiated within the local network. There is no exploit available.