Aggregator
Groups Push Back on HHS' Proposed Health IT Rollbacks
Proposals to eliminate certain longstanding health IT certification criteria - including privacy and security related controls - will shift regulatory burden from health IT developers to healthcare providers, some industry groups contend in their public response to proposed federal rulemaking.
Cybersecurity Leadership: Identity, Access, Complexity
In this era of "work from anywhere," identity and access management solutions are challenged more than ever. What are the strategies and solutions recommended by top CEOs and CISOs in the cybersecurity sector? An expert panel weighs in.
Startup JetStream Secures $34M Seed Round for AI Governance
JetStream has raised $34 million in seed funding to tackle enterprise AI governance challenges. The startup introduced blueprint-based controls to manage shadow AI, MCP servers and token-level spending while helping CISOs gain visibility and enforce guardrails across cloud and SaaS environments.
Juniper PTX Routers at Risk, Critical Takeover Flaw Disclosed
A critical vulnerability in Juniper Networks' primary operating system could give threat actors root-level privileges to execute code on Juniper's PTX Series routers. Successful exploitation would give attackers full command and control over devices without the need for authentication.
Observation data shows Iran's international internet traffic has dropped to 0.1%; the outage has now lasted more than 72 hours
A growing security risk: prompt injection vulnerabilities in MCP systems
Major release: the 🦞 is done!! Using $200 and 200 hours of experience to show you how to raise a high-level Openclaw. Three infrastructure-level skills included.
Gunra
Audible launches a cheaper "Standard" subscription plan
[Experimental] A developer has cracked Apple's ANE neural engine: it turns out the M4 chip can train small models directly
INC
Metaencryptor
Latest Silver Fox attack sample disguised as a DingTalk installer, with threat intelligence
The DocuSign Email That Wasn’t – A Three-Redirect Credential Harvest
Credential Harvesting
Brand Impersonation
MITRE: T1566.002
MITRE: T1598.003
The "Review & Sign" button looked exactly like every DocuSign notification you've ever received. Same blue branding, same layout, same urgency. But the button didn't point to DocuSign. It pointed to Google Maps, then to Amazon S3, then to a credential harvesting page that looked close enough to a Microsoft login to fool anyone moving fast.
A Redirect Chain Built to Dodge Scanners
The email arrived at a mid-size financial services firm on a Monday morning, formatted as a forwarded legal document awaiting signature. The body included realistic law-firm footers, a bank reference, and multiple legitimate links — all designed to make the one malicious link blend in.
That malicious link: a maps[.]google[.]be redirect that resolved to a public S3 bucket hosting an HTML page at bucket-secure-cdn-cdn-media-static[.]s3[.]us-east-1[.]amazonaws[.]com/about[.]html. The page mimicked a Microsoft 365 login.
The redirect chain is the whole game here. URL scanners check the first domain, Google, and stop. The S3 destination isn't evaluated until someone clicks, and by then, the scanner has already marked it safe.
Attack Flow: DocuSign Lure Email → Google Maps Redirect → Amazon S3 HTML Page → Credential Harvest
Why the Gateway Gave It a Pass
Email authentication didn't help. SPF passed: the sending server was legitimately authorized by the envelope domain, a small Japanese web services company with no connection to DocuSign. There was no DKIM signature. DMARC returned a best-guess pass.
So the email arrived with clean authentication, a trusted redirect domain (Google), and a hosting provider (AWS) that no blocklist is going to flag broadly. The attacker's infrastructure looked legitimate at every checkpoint.
Check    | Result          | Why It Didn't Help
SPF      | Pass ✓          | Sending server was authorized - by the wrong domain
DKIM     | None            | No signature to validate
DMARC    | Best-guess Pass | No DMARC record - receiver inferred "pass"
URL Scan | Safe ✓          | Only scanned first hop (Google domain)

IRONSCALES Adaptive AI caught what the static checks missed: the behavioral mismatch between the sender's domain infrastructure (a Japanese web hosting provider) and the claimed identity (DocuSign). Combined with community-reported patterns matching the same S3 bucket across three other organizations, the platform quarantined the message within 90 seconds of delivery, before any recipient clicked.
Your Takeaway
If your email security relies on URL reputation at the first hop, redirect-chain attacks will sail through. Ask your security team: does our scanning follow redirects to the final destination? If the answer is "sometimes" or "I'm not sure" - that's the gap attackers are counting on.
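The two gaps the post describes, a URL scanner that stops at the first hop and authentication checks that pass without tying the sender to the claimed brand, can both be closed with fairly small detection logic. The Python below is an added example written for this page, not IRONSCALES code: it walks a link's redirect chain to the final destination and flags the same signals the post calls out (a trusted redirector as hop 1, user-publishable cloud storage as the final hop, a display name claiming a brand the SPF-authorized domain does not belong to, no DKIM). The redirect table, hostnames and sample message are constructed placeholders standing in for live HTTP requests and for the incident's real indicators.

```python
import re
from urllib.parse import urlparse

# Constructed stand-in for live HEAD requests: maps a requested URL to the
# Location header the server would answer with (None = serves content).
# Every hostname here is an illustrative placeholder, not the incident's IoC.
FAKE_REDIRECTS = {
    "https://maps.google.example/url?q=https://bucket-placeholder.s3.us-east-1.amazonaws.com/about.html":
        "https://bucket-placeholder.s3.us-east-1.amazonaws.com/about.html",
    "https://bucket-placeholder.s3.us-east-1.amazonaws.com/about.html": None,
}


def fake_fetch(url):
    """Return the redirect target for url, or None if it serves content."""
    return FAKE_REDIRECTS.get(url)


def follow_chain(url, fetch=fake_fetch, max_hops=10):
    """Follow Location headers to the final page. Returns every URL visited,
    first hop included; stops on content, on a loop, or after max_hops."""
    chain = [url]
    for _ in range(max_hops):
        nxt = fetch(chain[-1])
        if nxt is None or nxt in chain:
            break
        chain.append(nxt)
    return chain


# Hosting where anyone can publish a page under a trusted parent domain;
# a login form served from here deserves a second look.
USER_CONTENT_HOSTS = [
    re.compile(r"\.s3(?:[.-][a-z0-9-]+)?\.amazonaws\.com$"),
    re.compile(r"\.blob\.core\.windows\.net$"),
    re.compile(r"\.github\.io$"),
]
# Well-known redirectors: reputation of hop 1 says nothing about the last hop.
OPEN_REDIRECTORS = ("maps.google.", "www.google.")


def chain_findings(chain):
    """Score a resolved chain; each finding is (code, human-readable text)."""
    findings = []
    first = urlparse(chain[0]).hostname or ""
    last = urlparse(chain[-1]).hostname or ""
    if len(chain) > 1 and first.startswith(OPEN_REDIRECTORS):
        findings.append(("OPEN_REDIRECTOR", f"hop 1 is a redirector ({first})"))
    if any(p.search(last) for p in USER_CONTENT_HOSTS):
        findings.append(("USER_CONTENT_HOST", f"final hop is user-publishable storage ({last})"))
    if len(chain) > 1 and first.split(".")[-2:] != last.split(".")[-2:]:
        findings.append(("CROSS_DOMAIN", f"{len(chain) - 1} redirect(s): {first} -> {last}"))
    return findings


# Brands worth impersonating and the domains their mail legitimately comes from.
BRAND_DOMAINS = {"docusign": ("docusign.com", "docusign.net")}


def sender_findings(display_name, envelope_domain, dkim_domain=None):
    """Compare the brand named in the From display name with the domain SPF
    actually authorized; a pass for the wrong domain is not a pass."""
    findings = []
    for brand, domains in BRAND_DOMAINS.items():
        if brand in display_name.lower() and not envelope_domain.endswith(domains):
            findings.append(("BRAND_MISMATCH",
                             f"display name claims {brand}, SPF-authorized domain is {envelope_domain}"))
    if dkim_domain is None:
        findings.append(("NO_DKIM", "no DKIM signature ties the message to any domain"))
    return findings


def triage(message):
    """Return (verdict, findings) for a parsed message dict."""
    findings = sender_findings(message["display_name"], message["envelope_domain"],
                               message.get("dkim_domain"))
    for url in message["links"]:
        findings += chain_findings(follow_chain(url))
    codes = {code for code, _ in findings}
    if "BRAND_MISMATCH" in codes and codes & {"USER_CONTENT_HOST", "CROSS_DOMAIN"}:
        return "quarantine", findings
    return ("review" if findings else "deliver"), findings


# Constructed message mirroring the shape of the lure: brand in the display
# name, SPF pass for an unrelated hosting domain, decoy links plus one chain.
SAMPLE_MESSAGE = {
    "display_name": "DocuSign via Legal",
    "envelope_domain": "webhosting-placeholder.jp",
    "dkim_domain": None,
    "links": [
        "https://www.lawfirm-placeholder.example/",
        "https://maps.google.example/url?q=https://bucket-placeholder.s3.us-east-1.amazonaws.com/about.html",
    ],
}

if __name__ == "__main__":
    verdict, found = triage(SAMPLE_MESSAGE)
    print(verdict)
    for code, text in found:
        print(f"  [{code}] {text}")
```

In production `fake_fetch` would be replaced by a HEAD request that honors `Location` (and a sandboxed GET for meta-refresh or JavaScript redirects), but the scoring does not change: the verdict is driven by the final hop and by whether the authorized sending domain matches the brand being claimed, which is exactly what a first-hop reputation lookup and a bare SPF pass leave unexamined.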
The post The DocuSign Email That Wasn’t – A Three-Redirect Credential Harvest appeared first on Security Boulevard.