Aggregator

Sci-Hub 创始人 Alexandra Elbakyan 正在尝试一种新的筹资方式：模因币。2024 年 12 月，匿名支持者发行了模因币 $SCIHUB，该代币二成供应量将专门用于资助 Sci-Hub。项目的市值达到了 2000 万美元，Elbakyan 套现了 2% 的代币筹集到了 50 万美元。Sci-Hub 以前主要依靠比特币捐款，但此类捐款并不稳定，该平台已经停止更新期刊数据库，可能就是因为缺乏资金。资金危机促成了模因币的融资实验。但这场实验并非一帆风顺。一个重要原因是 $SCIHUB 不是 Sci-Hub 官方发行的，而是来自匿名人士，社区支持者并不信任该项目。Elbakyan 的解决方法是创建了一个 Sci-Hub 直接控制的新代币地址，将资金转移到该地址。加密货币社区成员指责此举是 rugging 了原始项目——rug 是一个加密货币行业的俚语，指的是放弃项目套现跑路。此事凸显了支持开放科学的 Elbakyan 与充斥着投机的加密货币行业之间的文化差异。Elbakyan 称，$SCIHUB 首先应被视为支持开放科学的一种捐赠，而不是一种投资工具。

Пекин. Ночь. Четыре команды из металла. Ни одного человека за кулисами.

Linus Torvalds has released Linux kernel 6.16-rc4, marking another stable milestone in the development cycle despite what he describes as a “fairly large merge window.”  The latest release candidate continues the trend of maintaining stability while addressing critical issues across filesystem implementations, hardware drivers, and architectural support.  Summary1. Linux 6.16-rc4 delivers significant improvements to bcachefs […]

The post Linux 6.16-rc4 Released With Fixes for Filesystem, Driver & Hardware Support appeared first on Cyber Security News.

The DOJ and other U.S. agencies has charged 324 people, including medical professionals and pharmacists, in connection with a series of investigations into health care fraud, with one investigation dubbed Operation Gold Rush involving $10.6 billion in fraud, the largest such case in history.

The post DOJ Charges 324 in Sprawling $14.6 Billion Health Care Fraud Scams appeared first on Security Boulevard.

Microsoft is set to revolutionize user interaction with artificial intelligence agents and bots in Teams through a streamlined integration experience launching in June 2025.  The technology giant will deploy this enhanced agent engagement system to a randomized subset of users across Teams for Windows desktop, Teams for Mac desktop, and Teams for the web as […]

The post Microsoft Teams to Let Users Add Agents and Bots in Current Conversations appeared first on Cyber Security News.

Werken bij Defensie is ‘hot’. Steeds meer jongeren weten hun weg te vinden naar de krijgsmacht. Nu komt zelfs kroonprinses Amalia de gelederen versterken. Ze gaat na de zomer aan de slag als werkstudent bij het Defensity College. Dat vertelde zij gisteren tijdens de zomerontmoeting met de pers.

European law enforcement agencies have successfully dismantled a sophisticated cryptocurrency investment fraud network that laundered EUR 460 million in illicit profits from over 5,000 victims globally.  The coordinated operation, executed on June 25, 2025, represents one of the largest international cryptocurrency fraud busts in recent history, highlighting the growing threat of digital asset-related financial crimes […]

The post Europol Dismantles Fraud Crypto Investment Ring That Tricked 5000+ Victims Worldwide appeared first on Cyber Security News.

Esse Health, a healthcare provider based in St. Louis, Missouri, is notifying over 263,000 patients that their personal and health information was stolen in an April cyberattack. [...]

Собрать чип в России дороже, чем его изобрести, но других вариантов больше нет.

The FY 2026 House Homeland Security Appropriations Bill highlights growing focus in Congress on protecting border infrastructure from cyber threats. The directive to implement continuous monitoring and real-time threat intelligence reflects a broader push toward modern, preventive cybersecurity across federal agencies.

As the digital and physical worlds become increasingly intertwined, the technologies used to protect national borders — once largely isolated — are now connected, intelligent and, unfortunately, more vulnerable than ever. Surveillance systems and cameras, biometric scanners, drones and other operational technology (OT) systems have become essential components of modern border protection. But with their growing capabilities comes an urgent need to secure them against cyber threats.

Today’s cybersecurity landscape demands more than just IT protection. The OT and internet of things (IoT) environments that underpin essential services, especially at the border, must be integral to any modern security strategy.

A legislative signal: Border security in the spotlight

Recent developments in Congress underscore a significant policy direction. The House Appropriations Committee recently passed its version of the FY 2026 (FY26) House Homeland Security Appropriations Bill. The bill places a clear focus on securing border infrastructure through proactive cybersecurity measures. This momentum builds on broader federal cybersecurity efforts, including:

• Executive Order 14306 reinforcing critical infrastructure defenses in response to escalating nation-state cyber threats
• Transportation Security Administration (TSA) security directives targeting OT in pipeline, rail and aviation infrastructure
• The Cybersecurity and Infrastructure Security Agency (CISA) Binding Operation Directive 23-01 requiring comprehensive asset visibility across IT, OT and IoT
• The Office of Management and Budget (OMB) Memorandum M-24-04, mandating inventories of all IoT and OT devices

While the FY26 House Homeland Security Appropriations Bill still needs to pass the House floor, the Senate, and be signed into law by the President, its language sends a strong signal: OT systems are no longer cybersecurity afterthoughts — they are national security imperatives.

A clear mandate for proactive security

The bill specifically encourages U.S. Customs and Border Protection (CBP) to "implement a proactive strategy to support real-time threat intelligence, risk-based prioritization, and continuous monitoring of critical border security technologies." This is a powerful statement, emphasizing a move away from reactive incident response to a more preventive and adaptive security posture.

It also directs CBP to brief Congress on its efforts to "assess, prioritize, and mitigate cybersecurity vulnerabilities and misconfigurations across all IT, OT, and IoT assets within the border security technology ecosystem." The directive explicitly calls for a holistic view of the attack surface, acknowledging that security gaps in OT and IoT systems can pose as significant a risk as those in traditional IT.

Why this matters for federal agencies

Border technologies do more than monitor perimeters, they enable the entire infrastructure of U.S. border operations. These systems help detect illegal crossings, track cargo, identify high-risk individuals and facilitate lawful trade and travel. A cyber attack on these systems isn’t just a technical problem, it’s a national security risk. Disruptions could impair real-time situational awareness, halt operations at ports of entry and potentially allow bad actors to bypass detection.

Congressional focus on OT/IoT security at the federal level is a significant step forward for several reasons:

• Elevating OT/IoT to national priority: The bill validates what many in the cybersecurity community have long recognized: that OT and IoT systems are core components of critical infrastructure and must be secured accordingly.
• Driving a proactive approach: The emphasis on "proactive strategy," "real-time threat intelligence," "risk-based prioritization" and "continuous monitoring" reflect modern cybersecurity best practices. It’s a clear move from reactive defenses to proactive exposure management.
• Encouraging comprehensive visibility: Today’s border systems don’t operate in isolation. They’re part of a broader ecosystem that includes IT networks, cloud platforms, OT and IoT devices. Directing CBP to secure all IT, OT and IoT assets reinforces the need for complete visibility across the entire attack surface because you can't secure what you can't see.
• Safeguarding data privacy and operational continuity: Border security systems handle highly sensitive data — including biometric records, surveillance footage and traveler information — making them a prime target for attacks. The bill’s language underscores the need for strong, proactive controls to protect data and avoid operational interruptions.
• Setting a precedent for broader federal security: The language within the Homeland Security bill can serve as a strong indicator for other federal agencies and departments regarding the increasing importance of securing their own OT and IoT deployments. This ripple effect could lead to a broader enhancement of critical infrastructure security across the U.S. and inspire similar initiatives globally.

Beyond the border: A broader commitment to cyber resilience

In addition to the border security language, the FY26 House Homeland Security Appropriations Act also includes several other crucial cybersecurity initiatives relevant to a secure federal attack surface:

1. Advancing CDM capabilities: This bill supports strengthening foundational security initiatives like piloting next gen technologies- like OT asset discovery and integration into the Continuous Diagnostics and Mitigation (CDM) program.
2. Embracing modern security paradigms: The bill encourages the adoption of cutting-edge security approaches such as AI-powered security and detection tools, application-based IoT discovery, cloud security, Zero Trust Architecture (ZTA) and post-quantum cryptography, highlighting a commitment to modern, adaptive defense models.
3. Supply chain and critical infrastructure protection: The bill directs CISA to focus on the most vital critical infrastructure sectors, explore new services like supply-chain vendor certification and real-time risk monitoring and assess a cyber readiness pilot for DHS contractors.

What this means for Tenable U.S. customers

The FY26 House Homeland Security Appropriations Bill reinforces a critical national priority: safeguarding the cyber integrity of U.S. border security technology and homeland security systems. This aligns closely with Tenable’s mission to support federal agencies in gaining visibility, understanding risk and proactively strengthening their cybersecurity posture.

As agencies like CBP deploy advanced technological solutions, the need for trusted, capable partners becomes even more vital. Tenable is committed to standing alongside our federal partners — not just as a technology provider but as a mission ally in defending the systems that protect U.S. borders and, ultimately, the nation’s national resilience. Because securing border technologies isn’t just about protecting entry points — it’s about setting a standard for how critical infrastructure is secured across the country.

Learn more

• Explore Tenable solutions for government
• Learn more about Tenable One FedRAMP
• Learn more about Tenable OT Security
• Request a demo

The post U.S. House Homeland Security Appropriations Bill Seeks to Modernize Border Infrastructure Security with Proactive OT/IT Security Measures appeared first on Security Boulevard.

Learn how to turn post-deployment services into a revenue opportunity and provide ongoing value for your customers with industry-leading tools and service playbooks.

The FY 2026 House Homeland Security Appropriations Bill highlights growing focus in Congress on protecting border infrastructure from cyber threats. The directive to implement continuous monitoring and real-time threat intelligence reflects a broader push toward modern, preventive cybersecurity across federal agencies.

As the digital and physical worlds become increasingly intertwined, the technologies used to protect national borders — once largely isolated — are now connected, intelligent and, unfortunately, more vulnerable than ever. Surveillance systems and cameras, biometric scanners, drones and other operational technology (OT) systems have become essential components of modern border protection. But with their growing capabilities comes an urgent need to secure them against cyber threats.

Today’s cybersecurity landscape demands more than just IT protection. The OT and internet of things (IoT) environments that underpin essential services, especially at the border, must be integral to any modern security strategy.

A legislative signal: Border security in the spotlight

Recent developments in Congress underscore a significant policy direction. The House Appropriations Committee recently passed its version of the FY 2026 (FY26) House Homeland Security Appropriations Bill. The bill places a clear focus on securing border infrastructure through proactive cybersecurity measures. This momentum builds on broader federal cybersecurity efforts, including:

• Executive Order 14306 reinforcing critical infrastructure defenses in response to escalating nation-state cyber threats
• Transportation Security Administration (TSA) security directives targeting OT in pipeline, rail and aviation infrastructure
• The Cybersecurity and Infrastructure Security Agency (CISA) Binding Operation Directive 23-01 requiring comprehensive asset visibility across IT, OT and IoT
• The Office of Management and Budget (OMB) Memorandum M-24-04, mandating inventories of all IoT and OT devices

While the FY26 House Homeland Security Appropriations Bill still needs to pass the House floor, the Senate, and be signed into law by the President, its language sends a strong signal: OT systems are no longer cybersecurity afterthoughts — they are national security imperatives.

A clear mandate for proactive security

The bill specifically encourages U.S. Customs and Border Protection (CBP) to "implement a proactive strategy to support real-time threat intelligence, risk-based prioritization, and continuous monitoring of critical border security technologies." This is a powerful statement, emphasizing a move away from reactive incident response to a more preventive and adaptive security posture.

It also directs CBP to brief Congress on its efforts to "assess, prioritize, and mitigate cybersecurity vulnerabilities and misconfigurations across all IT, OT, and IoT assets within the border security technology ecosystem." The directive explicitly calls for a holistic view of the attack surface, acknowledging that security gaps in OT and IoT systems can pose as significant a risk as those in traditional IT.

Why this matters for federal agencies

Border technologies do more than monitor perimeters, they enable the entire infrastructure of U.S. border operations. These systems help detect illegal crossings, track cargo, identify high-risk individuals and facilitate lawful trade and travel. A cyber attack on these systems isn’t just a technical problem, it’s a national security risk. Disruptions could impair real-time situational awareness, halt operations at ports of entry and potentially allow bad actors to bypass detection.

Congressional focus on OT/IoT security at the federal level is a significant step forward for several reasons:

• Elevating OT/IoT to national priority: The bill validates what many in the cybersecurity community have long recognized: that OT and IoT systems are core components of critical infrastructure and must be secured accordingly.
• Driving a proactive approach: The emphasis on "proactive strategy," "real-time threat intelligence," "risk-based prioritization" and "continuous monitoring" reflect modern cybersecurity best practices. It’s a clear move from reactive defenses to proactive exposure management.
• Encouraging comprehensive visibility: Today’s border systems don’t operate in isolation. They’re part of a broader ecosystem that includes IT networks, cloud platforms, OT and IoT devices. Directing CBP to secure all IT, OT and IoT assets reinforces the need for complete visibility across the entire attack surface because you can't secure what you can't see.
• Safeguarding data privacy and operational continuity: Border security systems handle highly sensitive data — including biometric records, surveillance footage and traveler information — making them a prime target for attacks. The bill’s language underscores the need for strong, proactive controls to protect data and avoid operational interruptions.
• Setting a precedent for broader federal security: The language within the Homeland Security bill can serve as a strong indicator for other federal agencies and departments regarding the increasing importance of securing their own OT and IoT deployments. This ripple effect could lead to a broader enhancement of critical infrastructure security across the U.S. and inspire similar initiatives globally.

Beyond the border: A broader commitment to cyber resilience

In addition to the border security language, the FY26 House Homeland Security Appropriations Act also includes several other crucial cybersecurity initiatives relevant to a secure federal attack surface:

1. Advancing CDM capabilities: This bill supports strengthening foundational security initiatives like piloting next gen technologies- like OT asset discovery and integration into the Continuous Diagnostics and Mitigation (CDM) program.
2. Embracing modern security paradigms: The bill encourages the adoption of cutting-edge security approaches such as AI-powered security and detection tools, application-based IoT discovery, cloud security, Zero Trust Architecture (ZTA) and post-quantum cryptography, highlighting a commitment to modern, adaptive defense models.
3. Supply chain and critical infrastructure protection: The bill directs CISA to focus on the most vital critical infrastructure sectors, explore new services like supply-chain vendor certification and real-time risk monitoring and assess a cyber readiness pilot for DHS contractors.

What this means for Tenable U.S. customers

The FY26 House Homeland Security Appropriations Bill reinforces a critical national priority: safeguarding the cyber integrity of U.S. border security technology and homeland security systems. This aligns closely with Tenable’s mission to support federal agencies in gaining visibility, understanding risk and proactively strengthening their cybersecurity posture.

As agencies like CBP deploy advanced technological solutions, the need for trusted, capable partners becomes even more vital. Tenable is committed to standing alongside our federal partners — not just as a technology provider but as a mission ally in defending the systems that protect U.S. borders and, ultimately, the nation’s national resilience. Because securing border technologies isn’t just about protecting entry points — it’s about setting a standard for how critical infrastructure is secured across the country.

Learn more

• Explore Tenable solutions for government
• Learn more about Tenable One FedRAMP
• Learn more about Tenable OT Security
• Request a demo

If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been disclosed on Monday. What is Sudo? Sudo is command-line utility in Unix-like operating systems that allows a low-privilege user to execute a command as another user, typically the root/administrator user. The utility effectively grants temporary elevated privileges without requiring the user to log in as root. … More →

The post Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) appeared first on Help Net Security.

招聘岗位：网络安全工程师要求：1.至少是有3年工作经验的，还在学校的不要投简历了!

A vulnerability classified as critical has been found in Xen 4.17.x/4.18.x. Affected is an unknown function of the component Flags Recovery Handler. The manipulation leads to denial of service. This vulnerability is traded as CVE-2025-27465. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in ASR Falcon_Linux, Kestrel and Lapwing_Linux. It has been rated as problematic. This issue affects some unknown processing of the file tr069/tr098.c of the component tr069 Module. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2025-49482. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ASR Falcon_Linux, Kestrel and Lapwing_Linux. It has been declared as problematic. This vulnerability affects unknown code of the component con_mgr. The manipulation leads to denial of service. This vulnerability was named CVE-2025-5072. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Canonical Juju Utils up to 4.0.3. It has been classified as problematic. This affects the function cert.NewLeaf. The manipulation leads to cleartext storage of sensitive information. This vulnerability is uniquely identified as CVE-2025-6224. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in ASR Falcon_Linux, Kestrel and Lapwing_Linux and classified as critical. Affected by this issue is some unknown functionality of the file apps/lzma/src/LzmaEnc.c. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2025-49480. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in ASR Falcon_Linux, Kestrel and Lapwing_Linux and classified as critical. Affected by this vulnerability is an unknown functionality of the file apps/atcmd_server/src/dev_api.C. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2025-49492. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.