Aggregator

功能概述：命令行版本的国密sm系列算法小工具因为我的使用环境的mscOS，所以具体情况各位小伙伴根据自身保存情

U.S. authorities seized $2.8 million crypto and $70,000 from Ianis Aleksandrovich Antropenko, who they say used the Zeppelin ransomware to attack companies in the United States and elsewhere and then laundered the cryptocurrency used to pay the ransoms through a crypto mixer and by exchanging it for cash.

The post DOJ Seizes $2.8 Million, Indicts Alleged Zeppelin Ransomware Operator appeared first on Security Boulevard.

Microsoft has mitigated a known issue that caused Windows update failures when installing them from a network share using the Windows Update Standalone Installer (WUSA). [...]

关键词网络攻击名为EncryptHub的威胁行为者正在继续利用现已修补的 Microsoft Windows

关键词Windows微软近期推送的 Windows 11 24H2 累积安全更新（KB5063878）引发广泛

关键词数据泄露网络安全研究人员近期发现，大量公开可访问的 TeslaMate 实例在未启用身份验证的情况下暴露

关键词数据泄露知名人力资源软件巨头Workday近日披露一起数据泄露事件，其第三方客户关系管理系统遭到黑客入侵

Chinese-speaking cybercriminals are using ghost-tapping techniques to take advantage of Near Field Communication (NFC) relay tactics in a sophisticated evolution of payment card fraud. They are mainly targeting mobile payment services such as Apple Pay and Google Pay. This attack vector involves relaying stolen payment card credentials from compromised devices to mules’ burner phones, enabling […]

The post New Ghost-Tapping Attacks Target Apple Pay and Google Pay Users’ Linked Cards appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

玄道，一个被传奇色彩包裹的男子，据传曾以非凡之姿，与日争辉，穿越卫星之轨。

Cybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious behavior through a dependency that allows it to establish persistence and achieve code execution. The package, named termncolor, realizes its nefarious functionality through a dependency package called colorinal by means of a multi-stage malware operation, Zscaler

大众汽车正为其电动汽车 ID.3 推出提升引擎功率的订阅模式，如果司机想要从标准的 201 马力提升到 228 马力，他们需要每月支付约 16.50 英镑或每年 165 英镑，或一次性支付 649 英镑的终身费用。该费用是与汽车绑定而不是与司机绑定，如果司机卖掉了 ID.3，购买了另一辆 ID.3，那么如果想要获得更高的动力将需要再次支付。大众汽车辩解称，司机是在为更强的运动体验付费，他们无需为此购买更高引擎功率的型号。提升功率无需机械方面进行改变，主要是调整下软件，可能是修改下布尔值。

Кто на самом деле в зоне риска — корпорации или средний бизнес?

A critical security vulnerability has been discovered in Rockwell Automation’s ControlLogix Ethernet communication modules, potentially allowing remote attackers to execute arbitrary code on industrial control systems.  The vulnerability, tracked as CVE-2025-7353, affects multiple ControlLogix Ethernet modules and carries a maximum CVSS score of 9.8, indicating severe security implications for industrial automation environments.  Key Takeaways1. Critical […]

The post Rockwell ControlLogix Ethernet Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.

Use-after-free (UAF) vulnerabilities represent one of the most critical and prevalent security threats in modern software systems, particularly affecting applications written in memory-unsafe languages like C and C++. These vulnerabilities occur when a program continues to use a memory location after it has been freed, creating opportunities for attackers to manipulate program execution flow, corrupt […]

The post What is Use-After-Free Vulnerability? – Impact and Mitigation appeared first on Cyber Security News.

经过多轮激烈角逐，奇安信代码安全实验室凭借优异的技术能力和攻防实力，从成功晋级线下决赛的30支精英战队中脱颖而出，斩获一等奖（最高奖项）

De Koninklijke Marine ruimt momenteel mijnen en andere explosieven in de Noordzee. Dat gebeurt met de Belgische en Estse zeemacht. Met de militaire aanwezigheid boven de Waddeneilanden wordt bovendien sabotage van kritieke infrastructuur zoals kabels voorkomen. Het landentrio traint ook hoe het optimaal een haven veilig kan houden. De activiteiten maken deel uit van Sandy Coast 25. Die is vandaag begonnen.

Winners of DARPA’s AI Cyber Challenge proved AI can automate patching at scale. Their tools will go open source, offering defenders new power—but also raising concerns about AI-fueled exploits.

The post DARPA AI Cyber Challenge Winners Impress With Quick, Scalable Patching  appeared first on Security Boulevard.

The Warlock ransomware gang has taken credit for the cyber-attack after the UK telco giant publicly confirmed an incident on August 14

站在新起点，期待脱颖而出的优秀项目能把握机遇，加速成果转化与产业化进程。