Aggregator

Extensive IPTV Network Spanning 1,000+ Domains and 10,000+ IP Addresses

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

1 week ago

Cybersecurity firm Silent Push has exposed a colossal illegal Internet Protocol Television (IPTV) network, revealing a sophisticated piracy operation that has been active for years across more than 1,000 domains and over 10,000 unique IP addresses. The findings highlight the immense scale and profitability of modern digital piracy. The network illegally streams premium content from […]

The post Extensive IPTV Network Spanning 1,000+ Domains and 10,000+ IP Addresses appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Varshini

Massive IPTV Hosted Across More Than 1,000 Domains and Over 10,000 IP Addresses

Cyber Security News

1 week ago

A sprawling network of illicit Internet Protocol Television (IPTV) services has been discovered, operating across more than 1,100 domains and in excess of 10,000 IP addresses. This sprawling infrastructure, which has remained active for several years, delivers unauthorized streams of premium content—including major sports leagues, subscription services, and on-demand platforms—without licensing agreements. Silent Push analysts […]

The post Massive IPTV Hosted Across More Than 1,000 Domains and Over 10,000 IP Addresses appeared first on Cyber Security News.

Tushar Subhra Dutta

«Большой брат» из VK? Депутат объяснил, почему MAX не следит за вами

Securitylab.ru

1 week ago

Немкин о слухах вокруг мессенджера MAX.

研究预测地球碳封存能力上限为 1.46 万亿吨

Solidot

1 week ago

《自然》最新发表一篇气候研究论文指出，地球在岩石构造中封存碳排放能力的实际上限预计为 1.46 万亿吨。研究人员称，在当前的变暖减缓情景下，该上限可能会在 2200 年达标，这提示各国应重新考虑碳封存在其减排计划中的作用。为实现净零碳排放的目标，二氧化碳源必须与二氧化碳汇的除碳量相当。实现这一目标的一个方法是利用捕获与封存技术将碳排放封存在地质构造中数百年或数千年。虽然之前有建议认为这一储碳量出奇的大，但仍需开展研究来明确其上限。根据 1.46 万亿吨的储量上限，论文作者指出地质碳封存能逆转今后最多 0.7°C 的全球变暖。同时该储量的约 70% 在陆地上，储存潜力较高的国家包括俄罗斯、美国、中国、巴西和澳大利亚，这些国家多为大型化石燃料开采国。

五年霸榜｜悬镜安全持续引领《2025年中国网络安全市场全景图》DevSecOps开发安全赛道

悬镜安全

1 week ago

连续五年，引领数字供应链安全领域！

【PC样本分析】某多多上steamcdk激活码的操作分析

吾爱破解论坛

1 week ago

之前无意间在某多多发现了steam的cdk激活码，竟然只要7.8元，直接拿下，看到店家发给我的激活流程我就发现问题了不是哥们，还要powershell激活，一眼有问题啊，直接分析。

Google Alerts to Active Exploitation of Sitecore Zero-Day Flaw

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

1 week ago

Security teams have issued a warning after Google researchers detected active attacks exploiting a new zero-day vulnerability in Sitecore products. Tracked as CVE-2025-53690, this flaw allows attackers to run code on unpatched servers by tampering with the ViewState mechanism in ASP.NET. Sitecore, a popular content management system, published deployment guides in 2017 and earlier that included […]

The post Google Alerts to Active Exploitation of Sitecore Zero-Day Flaw appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

从 CVE 条目到可验证的漏洞利用：一个自动化的多智能体框架用于重现 CVE 漏洞

Seebug Paper

1 week ago

作者：Saad Ullah, Praneeth, Wenbo Guo, Amanda Burnett, Hammond Pearce, Christopher Kruegel, Giovanni Vigna, Gianluca Stringhini 译者：知道创宇404实验室翻译组原文链接：https://arxiv.org/html/2509.01835v1 摘要高质量的实际漏洞及其对...

Bridging Cybersecurity and Biosecurity With Threat Modeling

Ransomware DataBreachToday.com

1 week ago

Structured Approach to Mitigate Vulnerabilities and Risks in Synthetic Biology Labs
Advances in synthetic biology promise breakthroughs, such as engineered bacteria and microbes for pollution cleanup and medicine production. But this promise brings new risks: cyberthreats that intersect with biosecurity. Threat modeling provides a critical framework to anticipate these risks.

OT Security: When Shutting Down Is Not an Option

Ransomware DataBreachToday.com

1 week ago

Elevate OT Cyber Skills Through Training, Collaboration and Practice
Operational technology incidents can have physical as well as digital consequences, from halting plant production to endangering lives. Training tailored to OT security is essential for protecting critical systems while maintaining operational continuity.

Anthropic Hits $183B Valuation With $13B Raise

Ransomware DataBreachToday.com

1 week ago

Claude Creators Ride Wave of AI Momentum With Updated Valuation
Anthropic raised $13 billion in fresh capital, bringing its post-money valuation to $183 billion. A Series F round was co-led by Iconiq, Fidelity Management & Research Company and Lightspeed Venture Partners, with participation from a slew of institutional investors and sovereign wealth funds.

ODNI Cuts to Threat Sharing Raise Fears of Weakened Defenses

Ransomware DataBreachToday.com

1 week ago

Intel Chief Tulsi Gabbard Will Ax a Cyberthreat Sharing Hub, Citing Redundancy
Director of National Intelligence Tulsi Gabbard said the decision to eliminate the Cyber Threat Intelligence Integration Center was meant to remove redundancies and save taxpayer money, though analysts warn the move could leave a major gap in federal threat information sharing.

EU Court Preserves EU-US Data Privacy Framework

Ransomware DataBreachToday.com

1 week ago

The EU General Court Gives Victory to Backers of Trans-Atlantic Data Flows
The European Union General Court on Wednesday dismissed a plea by a French politician to annul the legal framework underpinning commercial data flows across the Atlantic, rejecting claims that a U.S. intelligence agency oversight body is not independent of the federal government.

Dutch Lab Cancer Screening Hack Balloons to 941,000 Victims

Ransomware DataBreachToday.com

1 week ago

Ransomware Gang Nova Poised to Leak Patient Data, Lab Stays Mum on Negotiations
With ransomware gang Nova threatening to leak patient data on the darkweb, a Dutch laboratory that performs cervical cancer tests for a government screening program is mum about the ransom negotiations, but it says the cyberattack in July has affected 941,000 patients.

【梆梆安全监测】安全隐私合规监管趋势及漏洞风险报告（0720-0802）

嘶吼

1 week ago

最新监管动态

1. 监管通报动态

7月30日，陕西通管局依据相关法律法规的要求，对陕西属地APP进行检查，截至目前，尚有2款APP未按照要求完成整改。上述APP应限期落实整改要求。逾期不整改的，陕西通管局将依法依规组织开展相关处置工作。

7月30日，甘肃通管局依据相关法律法规的要求，持续开展移动互联网应用程序（含小程序）个人信息合规专项整治行动，截至目前，尚有14款应用程序未落实整改要求，上述应用程序应限期完成整改，逾期未整改的，甘肃通管局将依法作下架处置。甘肃通管局通报的存在侵害用户权益行为的应用程序（2025年第二批），截至目前，仍有5款应用程序未落实整改要求，甘肃通管局现予以下架处置。

7月29日，四川和重庆通管局根据相关法律法规，对属地App进行检测，截至目前，仍有7款App/小程序未按要求完成整改，上述App/小程序应限期完成整改，逾期不整改的，四川和重庆通管局将依法依规进行处置。

7月24日，上海通管局针对上一批向社会公示的50款存在侵害用户权益行为的应用进行核查复检，发现尚有23款应用未按照要求落实整改，现予以下架处置。

7月23日，国家网络安全通报中心依据相关法律法规，检测发现33款移动应用存在违法违规收集使用个人信息情况。上期通报的45款违法违规移动应用，经复测仍有8款存在问题，相关移动应用分发平台已予以下架。

7月23日，浙江通管局依据相关法律法规，对APP、小程序违法违规收集使用个人信息等问题开展治理，截至目前，尚有6款APP及小程序未按要求完成整改，上述APP及小程序开发运营者应限期完成整改，逾期不整改的，浙江通管局将依法依规进行处置。

监管支撑汇总

1.国家监管数据分析

针对国家近两周监管通报数据，依据问题类型，统计涉及APP数量如下：

问题分类问题数量违规收集个人信息29未经用户同意收集使用个人信息17违反必要原则、收集与其提供的服务无关的个人信息17未明示收集使用个人信息的目的、方式和范围16超范围收集个人信息7APP强制、频繁、过度索取权限7APP频繁自启动和关联启动3欺骗误导用户提供个人信息3未明示个人信息处理规则3违规使用个人信息2强制用户使用定向推送2未公开收集使用规则1未按法律规定提供删除或更正个人信息功能”或“未公布投诉、举报方式等信息1总计108

针对国家近两周监管通报数据，依据APP类型，统计出现通报的APP数量如下：

APP类型APP数量实用工具类13即时通信类12其他8学习教育类8网络约车类7网上购物类6酒店服务类2网络社区类2电子图书类1短视频类1拍摄美化类1网络借贷类1网络游戏类1网络直播类1新闻资讯类1运动健身类1在线影音类1总计67

漏洞风险分析

从全国的Android APP中随机抽取了2,444款进行漏洞检测发现，存在中高危漏洞威胁的APP为1,913个，即78.27%以上的APP存在中高危漏洞风险。而这1,913款漏洞应用中，有高危漏洞的应用共1,427款，占比74.59%，有中危漏洞的应用共1,883款，占比98.43%（同一款应用可能存在多个等级的漏洞）。存在不同风险等级漏洞的APP占比如下：

1.各漏洞类型占比分析

针对不同类型的漏洞进行了统计，应用中高危漏洞数量排名前三的类型分别为Java代码反编译风险、HTTPS未校验主机名漏洞以及动态注册Receiver风险。各漏洞类型占比情况如下图所示：

2.存在漏洞的APP各类型占比分析

从APP类型来看，实用工具类APP存在漏洞风险最多,占漏洞APP总量的21.62%，其次为其他类APP，占比12.29%，教育学习类APP位居第三，占比10.88%，漏洞数量排名前十的类型如下图所示：

梆梆安全

美国撤销台积电南京工厂的优待措施

Solidot

1 week ago

台积电表示已收到美国政府的通知，此前给予其南京半导体工厂的优待措施将于 12 月 31 日终止。措施终止后，每台美国产制造设备都需要单独获得美国的出口许可。台积电南京工厂主要生产 16 纳米产品。如果美国的出口许可停滞，未来南京工厂的运营可能会受到影响。台积电评论称：“正采取包括与美国政府沟通在内的适当措施，为确保运营不受影响做出不懈努力”。美国政府预定 12 月 31 日同时终止对在中国设有半导体工厂的韩国三星电子、韩国SK海力士提供的相同优待措施。

INC

Dark Feed IO

1 week ago

You must login to view this content

cohenido

照亮微塑料的细菌

Solidot

1 week ago

微塑料是微小的塑料碎片——很多小到肉眼无法不见——存在于空气、土壤和水中。测量其在自然界中的丰度可以指导清理资源，但是目前的检测方法速度慢、成本高或技术要求高。研究人员报告开发出一种活体传感器，这种传感器可以附着在塑料上并发出绿色荧光。在对真实世界水样进行的初步检测中，生物传感器可以轻松检测出环境中存在的微塑料水平。研究人员利用铜绿假单胞菌设计了一种活体微塑料传感器。这种细菌在环境中较为常见，可以在塑料材料上自然形成生物膜，但有些菌株是机会性人类病原体。该研究团队希望能对这种细菌进行稍微改造，以设计出一种能轻松检测出水样中微塑料的活体传感器。研究人员在一种实验室培养的无感染性铜绿假单胞菌菌株中添加了两个基因，以将其设计成传感器。其中一个基因生成的蛋白质会在细菌细胞接触塑料时激活，促使另一个基因生成绿色荧光蛋白质。

美亚法度事业部成立！国投智能股份加速“AI+执法”赛道布局

嘶吼

1 week ago

近日，国投智能股份正式成立美亚法度事业部。这一举措标志着国投智能股份以“数据驱动型执法科技”为切口，系统性切入千亿级智慧执法赛道，不仅强化了自身在政法数字化产业中的平台化服务商定位，同时为后续拓展纪检监察、应急管理等泛政府端高壁垒市场提供标准化产品支点，助力各地智能执法办案中心建设。

美亚法度有哪些优势和能力？

·执法知识库积累

法学专业团队与技术团队协作；持续积累了含多个执法领域、实战的执法知识库。

·电子数据取证、AI技术赋能执法业务

通过自研和一流企业合作模式积累AI技术、电子数据取证技术与执法业务融合，形成系列智能执法能力。

·产品快速延伸和跨行业能力

基于知识库和业务、产品、能力积累，能快速开发延伸产品，实现跨不同执法领域的行业拓展。

基于这些优势和能力，美亚法度已推出了智能笔录、AI笔录、远程取证、行政案件快办一体机、美亚智问系统一体机、手机信息快速采集、键盘精灵等拳头产品。目前，美亚法度智能执法系列产品已经应用到公安、消防、海关、纪检监察、税务稽查、市场监督等执法领域。

下一步，国投智能股份将依托央企资源禀赋及在信创适配、软硬一体化集成方面的成熟能力，结合美亚法度在执法办案SaaS化产品矩阵的垂直场景积累及覆盖全国公安系统的渠道网络，实现技术互补与生态整合，达到“1+1>2”的协同效应。

国投智能

Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Environments

Cyber Security News

1 week ago

Over the past several years, a concerted campaign by Chinese state-sponsored Advanced Persistent Threat (APT) groups has exploited critical vulnerabilities in enterprise-grade routers to establish long-term footholds within global telecommunications and government networks. These actors, often identified under monikers such as Salt Typhoon and OPERATOR PANDA, have systematically targeted provider edge (PE) and customer edge […]

The post Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Environments appeared first on Cyber Security News.

Tushar Subhra Dutta

Aggregator

Managed ad