锁定台“资通电军”网络部队,360首次披露台湾五大黑客组织
6月5日,国家计算机病毒应急处理中心和360数字安全集团联合发布《台民进党当局“资通电军”黑客组织网络攻击活动调查报告》,首次公开披露了360 集团近年来追踪的归属于中国台湾省的五大黑客组织。
Aggregator
堆栈不在,何必欺骗?
1 month 4 weeks ago
如果堆栈不存在的话,就没有必要伪造堆栈了 : )
黑客通过GitHub项目的后门代码攻击其它黑客和游戏玩家
1 month 4 weeks ago
思科提醒注意严重的 ISE 和 CCP 漏洞
1 month 4 weeks ago
速修复
BCS2025|第十届安全创客汇决赛落幕 安泉数智、泛联新安获双赛道年度冠军
1 month 4 weeks ago
安泉数智获得技术创新赛道年度冠军,泛联新安获得成长潜力赛道年度冠军,各获得10万元奖金
我不再依赖 CVE ,对漏洞管理的重新构想
1 month 4 weeks ago
疲于奔命的漏洞管理漏洞管理的天然滞后性,加上策略和流程的延迟,让安全团队疲于奔命。
Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs
1 month 4 weeks ago
Federal authorities have revealed that the notorious Play ransomware group has successfully breached approximately 900 organizations worldwide as of May 2025, marking a dramatic escalation in cybercriminal activity that has prompted an urgent security advisory from multiple government agencies. The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s […]
The post Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs appeared first on Cyber Security News.
Guru Baran
随着 Windows 10 即将终止支持,KDE 项目试图吸引微软用户
1 month 4 weeks ago
微软将于今年 10 月 14 日终止支持 Windows 10,Windows 10 PC 用户仍然可以继续使用,但微软不会再释出安全更新,意味着继续使用将会存在安全风险。KDE 项目试图吸引部分 Windows 10 用户转投 Linux,它发起了名为“KDE for Windows 10 Exiles”的宣传活动,微软建议无法升级到 Windows 11 的用户购买新电脑,而 KDE 建议这些用户安装 Linux 及其 Plasma 桌面环境。KDE 项目称,安装 Linux 没有以前那么难,但用户仍然需要仔细阅读安装说明。
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
1 month 4 weeks ago
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated with an illicit carding marketplace called BidenCash.
"The operators of the BidenCash marketplace use the platform to simplify the process of buying and selling stolen credit cards and associated personal information," the DoJ said. "BidenCash
The Hacker News
DataEase H2数据库远程代码执行漏洞(CVE-2025-49002)
1 month 4 weeks ago
2025年6月5日,深瞳漏洞实验室监测到一则DataEase组件存在代码执行漏洞的信息,漏洞编号:CVE-2025-49002,漏洞威胁等级:高危。
深度剖析 Google AI 眼镜战略:「百镜大战」没来,但谷歌想用 Gemini「再次伟大」
1 month 4 weeks ago
戴上 Gemini 很美好,做出这副眼镜太不易。
Sharp4BypassAMSI:一款通过 Patch 内存绕过 AMSI 检测的工具
1 month 4 weeks ago
自从无文件攻击成为主流,攻击者们越来越倾向于将 payload 保存在内存中,通过脚本解释器动态加载并执行,从而绕过杀软和防火墙的查杀。这种趋势对传统反病毒软件提出了新的挑战,而微软推出的 AMSI 正是为应对这一问题而诞生。
更新:改造模糊测试工具 | 系统0day安全-二进制漏洞攻防(第4期)
1 month 4 weeks ago
掌握二进制漏洞挖掘和利用的基本原理和方法,包括模糊测试、AFL原理、ASAN原理等。
库存告急啦!2025·看雪周边T恤惊喜上线
1 month 4 weeks ago
黑客非法入侵5000个托管账户挖矿,乌克兰警方成功将其逮捕
1 month 4 weeks ago
乌克兰黑客入侵托管账户挖矿致450万美元损失。
VMProtect3.5.1脱壳临床指南
1 month 4 weeks ago
看雪论坛作者ID:舒默哦
网络安全信息与动态周报2025年第22期(5月26日-6月1日)
1 month 4 weeks ago
本周,互联网网络安全态势整体评价为良。
Crypto24
1 month 4 weeks ago
You must login to view this content
cohenido
Meet Escape Copilot: Automate App and Scan Management via MCP
1 month 4 weeks ago
Meet Escape Copilot. Powered by the MCP over the Escape Public API, it helps you boost productivity and get more done with less context switching inside Escape.
The post Meet Escape Copilot: Automate App and Scan Management via MCP appeared first on Security Boulevard.
Alexandra Charikova
Cisco ISE Vulnerability Allows Remote to Access Sensitive Data – PoC Exploit Available
1 month 4 weeks ago
A critical vulnerability affecting its Identity Services Engine (ISE) when deployed on major cloud platforms, warning that proof-of-concept exploit code is now publicly available. The flaw, tracked as CVE-2025-20286 with a CVSS score of 9.9, enables unauthenticated remote attackers to access sensitive data and execute administrative operations across multiple cloud deployments due to improperly generated […]
The post Cisco ISE Vulnerability Allows Remote to Access Sensitive Data – PoC Exploit Available appeared first on Cyber Security News.
Kaaviya