2025国赛暨长城杯AWDP-TimeCapsule完整题解
介绍2025国赛暨长城杯零解题目AWDP-TimeCapsule的完整题解,包括Fix和完整的Break过程
Aggregator
Kimsuky Hacker Group Deploys New Phishing Techniques and Malware Campaigns
7 months ago
The North Korean state-sponsored Advanced Persistent Threat (APT) group Kimsuky, also known as “Black Banshee,” has been active since at least 2012, targeting nations like South Korea, Japan, and the United States with sophisticated cyber espionage campaigns. Recently, new Indicators of Compromise (IOCs) shared via a tweet revealed a ZIP file containing malicious payloads, exposing […]
The post Kimsuky Hacker Group Deploys New Phishing Techniques and Malware Campaigns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
BSidesLV24 – GroundFloor – WHOIS The Boss? Building Your Own WHOIS Dataset For Reconnaissance
7 months ago
Author/Presenter: Will Vandevanter
Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel.
The post BSidesLV24 – GroundFloor – WHOIS The Boss? Building Your Own WHOIS Dataset For Reconnaissance appeared first on Security Boulevard.
Marc Handelman
How Email Protocols Work
7 months ago
How Email Protocols Work
Dark Web Informer - Cyber Threat Intelligence
APT37 Hackers Use Weaponized LNK Files and Dropbox for Command-and-Control Operations
7 months ago
The North Korean state-sponsored hacking group APT37, also known as ScarCruft, launched a spear phishing campaign targeting activists focused on North Korean issues. Named “Operation: ToyBox Story” by Genians Security Center (GSC), this campaign exploited legitimate cloud services, primarily Dropbox, as command-and-control (C2) infrastructure to evade detection. The attackers delivered malicious shortcut (LNK) files disguised […]
The post APT37 Hackers Use Weaponized LNK Files and Dropbox for Command-and-Control Operations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
CVE-2007-6721 | Bouncycastle Bouncy-castle-crypto-package up to 1.35 Remote Code Execution (OSVDB-50358)
7 months ago
A vulnerability classified as very critical was found in Bouncycastle Bouncy-castle-crypto-package. This vulnerability affects unknown code. The manipulation leads to Remote Code Execution.
This vulnerability was named CVE-2007-6721. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2013-1624 | Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api up to 1.47 cryptographic issues (RHSA-2014:0371 / XFDB-81910)
7 months ago
A vulnerability classified as problematic was found in Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api. This vulnerability affects unknown code. The manipulation leads to cryptographic issues.
This vulnerability was named CVE-2013-1624. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2017-13098 | BouncyCastle TLS up to 1.0.2 JCE Key Recovery cryptographic issues (K21905460 / VU#144389)
7 months ago
A vulnerability, which was classified as critical, has been found in BouncyCastle TLS up to 1.0.2. This issue affects some unknown processing of the component JCE. The manipulation leads to cryptographic issues (Key Recovery).
The identification of this vulnerability is CVE-2017-13098. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2016-1000342 | Bouncy Castle JCE Provider up to 1.55 ECDSA signature verification (RHSA-2018:2669 / Nessus ID 110948)
7 months ago
A vulnerability was found in Bouncy Castle JCE Provider up to 1.55 and classified as critical. This issue affects some unknown processing of the component ECDSA. The manipulation leads to improper verification of cryptographic signature.
The identification of this vulnerability is CVE-2016-1000342. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2018-5382 | Bouncy Castle BKS-V1 1.47 HMAC cryptographic issues (RHSA-2018:2927 / VU#306792)
7 months ago
A vulnerability classified as critical has been found in Bouncy Castle BKS-V1 1.47. Affected is an unknown function of the component HMAC Handler. The manipulation leads to cryptographic issues.
This vulnerability is traded as CVE-2018-5382. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-4559 | Netvision ISOinsight prior 2.9.0.250501/3.0.0.250501 sql injection (EUVD-2025-14271)
7 months ago
A vulnerability classified as critical has been found in Netvision ISOinsight. This affects an unknown part. The manipulation leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-4559. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
4 Hackers Arrested After Millions Made in Global Botnet Business
7 months ago
The cybercriminals infected older wireless Internet routers with Anyproxy and 5socks malware in order to reconfigure them — all without the users' knowledge.
Kristina Beek, Associate Editor, Dark Reading
Hackers now testing ClickFix attacks against Linux targets
7 months ago
A new campaign employing ClickFix attacks has been spotted targeting both Windows and Linux systems using instructions that make infections on either operating system possible. [...]
Bill Toulas
Law enforcement takes down proxy botnets used by criminals
7 months ago
US and Dutch law enforcement, with the help of Lumen researchers, have disrupted 5socks and Anyproxy, two proxy-for-rent services that were used by criminals for ad fraud and DDoS and brute-force attacks (among other things). The domain seizure notice The US Department of Justice has also unsealed an indictment against tree Russian and one Kazakhstani national, who allegedly maintained, operated, and profited from the two services. “The 5socks.net website advertised more than 7,000 proxies for … More →
The post Law enforcement takes down proxy botnets used by criminals appeared first on Help Net Security.
Zeljka Zorz
Live Masterclass | Enterprise Data Sanitization & Disposition: What 2,000 Global Leaders Reveal About 2025 Trends
7 months ago
Google Reaches $1.4 Billion Privacy Settlement With Texas
7 months ago
State Accused Tech Giant of Geolocation, Incognito Search, Biometric Violations
Texas has reached a nearly $1.4 billion settlement agreement with technology giant Alphabet after accusing its Google subsidiary of violating state privacy laws via its geolocation, incognito search and biometric data capture and retention practices.
Texas has reached a nearly $1.4 billion settlement agreement with technology giant Alphabet after accusing its Google subsidiary of violating state privacy laws via its geolocation, incognito search and biometric data capture and retention practices.
Researchers found one-click RCE in ASUS’s pre-installed software DriverHub
7 months ago
Expert found two flaws in DriverHub, pre-installed on Asus motherboards, which allow remote code execution via crafted HTTP requests. Security researcher ‘MrBruh’ discovered two vulnerabilities, tracked as CVE-2025-3462 (CVSS score of 8.4) and CVE-2025-3463 (CVSS score of 9.4), in DriverHub, a driver that is pre-installed on Asus motherboards. A remote attacker can exploit the flaws to gain arbitrary code […]
Pierluigi Paganini
VMware security advisory (AV25-263)
7 months ago
Canadian Centre for Cyber Security
Kairos
7 months ago
You must login to view this content
cohenido
Ученые назвали точную дату конца Вселенной
7 months ago
Ждать не триллионы триллионов лет, а всего-то 10⁷⁸ лет.