Aggregator

Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. [...]

iVerify показала, что безопасных смартфонов больше не существует.

The modern business landscape is thrilling yet daunting. Rapidly evolving technology, persistent cyberthreats and escalating operational complexities make data protection and seamless business continuity challenging for businesses of all sizes. Your organization needs robust security measures that go beyond traditional backup solutions to address the intricacies of today’s complex IT ecosystems.

OpenAI 的 12 个大新闻之一：200美金/月的 ChatGPT Pro 套餐，包括不限量的 OpenAI o1 新模型

Despite claims by Brain Cipher that the ransomware gang had targeted Deloitte, the consultancy firm says its systems have not been affected

A vulnerability, which was classified as problematic, has been found in Quarkus CXF. Affected by this issue is some unknown functionality of the component SOAP Message Logging. The manipulation leads to sensitive information in log files. This vulnerability is handled as CVE-2024-9621. The attack can only be done within the local network. There is no exploit available.

A vulnerability was found in Message Filter for Contact Form Plugin up to 1.6.3 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Filter Handler. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-12027. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in AI Quiz Plugin up to 1.1 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Options Update Handler. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-11323. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in WP Private Content Plus Plugin up to 3.6.1 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-11292. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in gdlib up to 2.0.28. It has been declared as very critical. Affected by this vulnerability is the function gdimagecreatefrompngctx of the file gd_png.c of the component Graphics. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2004-0990. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

英国批准针对Facebook的集体诉讼 起诉方代表英国4,600万名用户索赔287亿元

I-O Data路由器0Day漏洞被利用，无修复补丁

稳定版内核维护者 Greg Kroah-Hartman 宣布 Linux 6.12 为最新的长期支持内核（LTS）。LTS 将支持两年时间，2024 年 11 月释出的 Linux 6.12 预计将一直支持到 2026 年 12 月，可能会延长支持时间，这要根据软硬件供应商、测试者和开源社区的支持水平而定。Linux LTS 版本在 2023 年前支持最长六年时间，但因缺乏行业和社区支持而再次减少到两年支持时间。目前的 LTS 版本 5.10 和 5.4 仍然支持六年，而 5.15 减少到 5 年，6.1 减少到 4 年，6.6 为 3 年。

U.S. Officials Tell Americans to Use Encrypted Apps as Scope of Cyberattack Grows

客户之声：360安全大模型助力智能运营

保护混合和多云环境的7个PAM最佳实践和8个热门解决方案

英国电信巨头BT集团遭遇勒索攻击，500GB敏感数据恐遭窃取；流行移动安全测试工具曝XSS漏洞，文件名成为攻击新途径 | 牛览

古巴的一座发电厂周三发生故障，导致早已摇摇欲坠的电网再次瘫痪，数百万人断电。周四电网恢复了部分功能，但仍然远远低于需求。政府通知居民，将恢复计划性断电，将按区域每天轮流断电 5 小时。古巴的电网基础设施缺乏维护年老失修，发电量远低于装机容量。电网多年来一直处于崩溃边缘，燃料短缺，自然灾害以及经济危机导致古巴政府无法维护陈旧的基础设施。停电加上食品、药品和水资源短缺，古巴居民的外流创下了历史性高。