Aggregator

近日，国家标准化管理委员会下达的推荐性国家标准计划中《网络安全技术 鉴别与授权 基于属性的访问控制模型与管理规范》等14项国家标准由全国网络安全标准化技术委员会归口的标准项目。

根据2025年3月28日国家市场监督管理总局、国家标准化管理委员会发布的中华人民共和国国家标准公告（2025年第6号），全国网络安全标准化技术委员会归口的6项国家标准正式发布。

近日，微软官方发布了多个安全漏洞的公告，其中微软产品本身漏洞121个，影响到微软产品的其他厂商漏洞0个。

国家互联网信息办公室持续加强数据出境安全管理政策宣贯，指导和帮助数据处理者高效合规开展数据出境活动。经对近期收到的咨询问题进行研究，现将一些有代表性的问题和答复公布如下。

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert highlighting a critical vulnerability in Gladinet CentreStack, a cloud-based enterprise file-sharing platform. The issue, tracked as CVE-2025-30406, involves the use of a hard-coded cryptographic key that could enable attackers to execute remote code on compromised systems, posing a major security risk to organizations relying on […]

The post CISA Alerts on Active Exploitation of CentreStack Hard-Coded Key Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has disclosed a new security vulnerability in Windows operating systems, tracked as CVE-2025-29809. This flaw, classified with Important severity, impacts the Kerberos authentication protocol, potentially enabling attackers to bypass critical security features. The vulnerability stems from weaknesses described under CWE-922: Insecure Storage of Sensitive Information, making it a pressing concern for organizations relying on Kerberos for secure authentication. […]

The post Windows Kerberos Vulnerability Enables Security Feature Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity experts have uncovered a sophisticated phishing campaign that employs a double-edged tactic to compromise Office 365 credentials and deliver malware, posing significant risks to organizations worldwide. The campaign, identified by the Cofense Phishing Defense Center (PDC), uses a file deletion reminder as a pretext to trick victims into engaging with what appears to be […]

The post New Double-Edged Email Attack Steals Office 365 Credentials and Delivers Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Ransomware attacks have continued their relentless assault on organizations worldwide, with a focus on data exfiltration and subsequent blackmail through leak site posts. Rapid7 Labs’ analysis of internal and public data provides insights into the evolving landscape of ransomware threats. Evolving Tactics in Ransomware Operations The ransomware ecosystem has seen a shift where established and […]

The post Ransomware Groups Target Organizations to Exfiltrate Data and Blackmail via Leak Site Posts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

关键词恶意软件威胁行为者正在滥用 SourceForge 分发伪造的 Microsoft 插件，这些插件会在受

关键词安全漏洞Adobe发布了安全更新来修复一系列新的安全漏洞，包括 ColdFusion 版本 2025、2

关键词零日漏洞谷歌近日发布了2025年4月Android安全更新，共修复62个安全漏洞。

Luxembourg, Luxembourg, 9th April 2025, CyberNewsWire

The post Gcore Super Transit Brings Advanced DDoS Protection and Acceleration for Superior Enterprise Security and Speed appeared first on Security Boulevard.

The cybersecurity community has raised alarms over the rapid evolution of the Hellcat ransomware group, which has escalated its tactics to target critical sectors. Hellcat, which emerged in mid-2024, now employs a sophisticated blend of psychological manipulation, zero-day vulnerabilities, and Ransomware-as-a-Service (RaaS) to expand its influence. Spear Phishing and Zero-day Exploits Hellcat operators initiate attacks […]

The post Hellcat Ransomware Upgrades Arsenal to Target Government, Education, and Energy Sectors appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

By taking simple steps like choosing a cost-effective backup storage strategy and minimizing recovery infrastructure costs, you can protect your business without bloating your budget. 

The post Four Tips for Optimizing Data Backup and Recovery Costs appeared first on Security Boulevard.

4月9日，绿盟科技CERT监测到微软发布4月安全更新补丁，修复了126个安全问题，涉及Windows、Microsoft Office、Azure等广泛使用的产品，其中包括权限提升、远程代码执行等高危漏洞类型。

4月9日，绿盟科技CERT监测到微软发布4月安全更新补丁，修复了126个安全问题，涉及Windows、Microsoft Office、Azure等广泛使用的产品，其中包括权限提升、远程代码执行等高危漏洞类型。