Aggregator

A view of the H1 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

Proofpoint threat researchers have exposed an active account takeover (ATO) campaign, dubbed UNK_SneakyStrike, exploiting the TeamFiltration pentesting framework to target Microsoft Entra ID user accounts. Since December 2024, this malicious operation has impacted over 80,000 user accounts across hundreds of organizations, achieving several successful breaches. UNK_SneakyStrike Campaign The attackers have weaponized TeamFiltration a tool originally […]

The post Cybercriminals Use TeamFiltration Pentesting Framework to Breach Microsoft Teams, OneDrive, Outlook, and More appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

forever young不论昨天如何，都希望新的一天里，我们大家都能成为更好的人，也希望我们都是走向幸福的

一年提升上百分，这可能是最后一代能被考住的「AI」。

Four alleged ShinyHunters members arrested, IntelBroker exposed as British national Kai West in global crackdown linked to BreachForums and major data breaches.

2025年8月1日（周五） 前

当前环境异常，请完成验证后继续访问。

Audio Switcher是一款有11年历史的开源Windows小工具，支持Windows 7至11。它允许用户通过快捷键快速切换音箱和耳机等音频设备。尽管自2018年后未更新，仍能在Windows 11中运行。用户推荐其方便实用。

Overview of the current cyber attacks in the Iran-Israel conflict The geopolitical confrontation between Iran and Israel has a long history. In recent years, as the competition between the two countries in the military, nuclear energy and diplomatic fields has been escalating. On June 13, 2025, the IDF launched a large-scale military operation against Iran. […]

The post The Hacktivist Cyber Attacks in the Iran-Israel Conflict appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post The Hacktivist Cyber Attacks in the Iran-Israel Conflict appeared first on Security Boulevard.

Interpol claims cybercrime has risen sharply in Africa with cyber-offences accounting for a "medium-to-high" share of all crime

Хакеры превратили клавиатуру в оружие массового поражения.

过度捕捞导致东波罗的海鳕鱼数量锐减，但过去三十年鱼的体型也在神秘的急剧缩小了。现在科学家发现了基因组证据，表明密集​​捕捞导致了鱼体型的快速演化，它们的平均体长自 1990 年代以来缩小了一半。鳕鱼成年体长的中位数从 1996 年的 40 厘米减少到 2019 年的 20 厘米，成年体体重中位数从 1996 年的 1356 克缩小到了 2019 年的 272 克，20 多年体重缩小到原来的五分之一。这项研究表明人类活动在鳕鱼种群 DNA 上留下了深刻的印记。导致体型演化的主要驱动力是拖网捕鱼的网眼尺寸。拖网捕鱼旨在对鱼体型大小进行选择性捕捞，法律规定了最小网眼尺寸，旨在保护体型较小的鱼，确保小鱼在被捕获之前能成熟并产卵。然而此举带来了意想不到的结果，它催生了选择性演化压力，使体型较小的鱼更易逃脱渔网。

过度捕捞使东波罗的海鳕鱼数量锐减，且体型在过去30年急剧缩小。基因组研究表明，密集捕捞导致鱼类快速演化，平均体长和体重大幅下降。拖网捕鱼的网眼尺寸选择性捕捞大鱼，促使小鱼更易逃脱并繁殖，进一步加剧了体型缩小的趋势。

ClickFix, a deceptive attack method, saw a surge of more than 500% in the first half of 2025, making it the second most common attack vector after phishing, according to ESET’s latest Threat Report. The report, which looks at trends from December 2024 to May 2025, found that ClickFix accounted for nearly 8% of all blocked attacks during this period. Fake reCAPTCHA check instructing the victim to paste and execute a malicious command on their … More →

The post ClickFix attacks skyrocketing more than 500% appeared first on Help Net Security.

当前环境异常，需完成验证后才能继续访问。

当前环境出现异常，请完成验证后继续访问。

本文讲述了一位安全从业者从攻击视角转向安全规划与建设的经历，在资源有限的小型金融科技公司中构建安全体系的独特挑战与实践。通过分析攻击路径和风险量化，结合工具与自动化提升效率，分享了在小微企业环境中务实的安全建设经验。

CISA确认AMI MegaRAC BMC软件中的高危漏洞CVE-2024-54085被用于攻击。该漏洞允许未认证攻击者远程控制服务器并部署恶意软件或破坏硬件。该漏洞影响多个厂商设备，修复迫在眉睫。

An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. "In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who posed as fictitious assistants to

伊朗支持的黑客组织通过伪装成虚构助手或研究人员，向以色列记者、网络安全专家和教授发送钓鱼邮件或WhatsApp消息，诱导其访问虚假Gmail登录页面或Google Meet邀请。该组织利用AI工具制作钓鱼信息，并使用定制钓鱼工具包窃取Google账户凭证、2FA代码及键盘记录。