安全419 | 11月安全厂商产品动态汇总
一手资讯尽在掌握,共探行业创新前沿!
Aggregator
美国电信巨头 T-Mobile 检测到有线运营商的网络入侵企图
5 months ago
安全客
【安全圈】俄罗斯黑客组织 Romcom 利用 0day 漏洞攻击 Firefox、Tor 用户
5 months ago
【安全圈】PyPI Python 库“aiocpa”发现通过 Telegram Bot 泄露加密密钥
5 months ago
【安全圈】3辅警非法出售公民个人信息牟利近8万 在万宁受审
5 months ago
【安全圈】AI投毒第一案!GPT写的代码竟有后门 程序员被盗1.8万元
5 months ago
Protecting Tomorrow's World: Shaping the Cyber-Physical Future
5 months ago
The lines between digital and physical realms increasingly blur. While this opens countless opportunities for businesses, it also brings numerous challenges. In our recent webinar, Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025, we explored the different factors shaping the cyber-physical future. In an insightful conversation with industry experts, we discussed
The Hacker News
VPN 漏洞、弱凭据助长勒索软件攻击
5 months ago
安全客
CVE-2024-42330 (CVSS 9.1): Zabbix 修补了严重远程代码执行漏洞
5 months ago
安全客
TikTok 在最新安全举措中瞄准改变外观的滤镜和未成年人用户
5 months ago
安全客
CVE-2009-2864 | Cisco Unified Callmanager up to 5.x denial of service (Alert 18883 / XFDB-53447)
5 months ago
A vulnerability, which was classified as critical, was found in Cisco Unified Callmanager up to 5.x. This affects an unknown part. The manipulation leads to denial of service.
This vulnerability is uniquely identified as CVE-2009-2864. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2003-1481 | Stalker Communigate Pro up to 4.0.6 Session information disclosure (EDB-27 / Nessus ID 11567)
5 months ago
A vulnerability classified as critical has been found in Stalker Communigate Pro up to 4.0.6. This affects an unknown part of the component Session Handler. The manipulation leads to information disclosure.
This vulnerability is uniquely identified as CVE-2003-1481. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2009-2807 | Apple Mac OS X 10.5.8 memory corruption (Nessus ID 40945 / ID 116609)
5 months ago
A vulnerability was found in Apple Mac OS X 10.5.8 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption.
This vulnerability is handled as CVE-2009-2807. Attacking locally is a requirement. There is no exploit available.
vuldb.com
CVE-2009-2841 | Apple Safari up to 3.1.0 loadResource information disclosure (HT3949 / Nessus ID 47723)
5 months ago
A vulnerability classified as problematic was found in Apple Safari. This vulnerability affects the function HTMLMediaElement::loadResource. The manipulation leads to information disclosure.
This vulnerability was named CVE-2009-2841. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
信用卡盗刷恶意软件曝光: 针对 Magento 结账页面
5 months ago
安全客
智谱放大招:大模型从「Chat」走向「Act」
5 months ago
只有对话功能的 Chatbot,正在进化为「有手、有脑、有眼睛」的自主 Agent。
CVE-2024-47257 | AXIS Q6128-E PTZ Network Camera/P1428-E Network Camera 6.50 Ethernet Frame improper validation of specified quantity in input
5 months ago
A vulnerability was found in AXIS Q6128-E PTZ Network Camera and P1428-E Network Camera 6.50 and classified as critical. This issue affects some unknown processing of the component Ethernet Frame Handler. The manipulation leads to improper validation of specified quantity in input.
The identification of this vulnerability is CVE-2024-47257. The attack may be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
青藤云安全携手财信证券,入选金融科技创新应用优秀案例
5 months ago
该项目通过应用RASP技术,实现了对数据访问行为的实时监控,为应用内数据安全管理提供了强有力的支撑。
青藤云安全携手财信证券,入选金融科技创新应用优秀案例
5 months ago
该项目通过应用RASP技术,实现了对数据访问行为的实时监控,为应用内数据安全管理提供了强有力的支撑。
Npm 库XMLRPC 插入恶意代码,窃取数据部署密币矿机
5 months ago
又一起新的软件供应链攻击