Aggregator

为加快公共数据资源开发利用，充分释放公共数据要素潜能，推动数字经济高质量发展，9月21日，中共中央办公厅、国务院办公厅印发《关于加快公共数据资源开发利用的意见》。

《中共中央关于进一步全面深化改革、推进中国式现代化的决定》提出：“建立人工智能安全监管制度。”这是党中央统筹发展与安全，积极应对人工智能安全风险作出的重要部署。

根据2024年10月26日国家市场监督管理总局、国家标准化管理委员会发布的中华人民共和国国家标准公告，全国网络安全标准化技术委员会归口的3项国家标准正式发布。

随着数字化经济的飞速发展，网络环境也面临着诸多安全威胁，勒索软件攻击是近年来全球网络安全面临的主要威胁之一。对2024年勒索软件攻击及治理进行深入研究，旨在正确认识勒索软件，探索勒索软件攻击解决方案，以更高效地防范勒索软件攻击。

安全可靠测评通过对产品及其研发单位的核心技术、安全保障、持续发展等方面开展评估，评定产品的安全性和可持续性，实现对产品研发设计、生产制造、供应保障、售后维护等全生命周期安全可靠性的综合度量和客观评价。

A vulnerability classified as problematic has been found in Imperva SecureSphere 9.0.0.5. This affects an unknown part of the component Error Message Handler. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2013-4093. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Эксперименты показали высокую эффективность нового оружия.

Таганский суд Москвы обязал компанию выплатить 3,5 млн рублей.

A vulnerability classified as problematic has been found in searchEveryAuction up to 1.53. This affects an unknown part of the file auction.pl. The manipulation of the argument searchstring leads to basic cross site scripting. This vulnerability is uniquely identified as CVE-2005-4229. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

via the comic humor & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Demons’ appeared first on Security Boulevard.

Intel Broker宣称通过第三方承包商非法访问了诺基亚的敏感信息，并在BreachForums论坛上以20000美元的价格出售

看雪论坛作者ID：pureGavin

轻松全掌握，大会精彩议程。

Wi-Fi危机 商用路由器面临安全风险

A vulnerability classified as problematic was found in HAPI FHIR up to 6.3.x. This vulnerability affects unknown code of the component Request Handler. The manipulation leads to xml external entity reference. This vulnerability was named CVE-2024-51132. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in LSC Smart Connect Indoor IP Camera up to 7.6.32. This affects an unknown part of the component RTSP Protocol Handler. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-51362. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Linux Kernel up to 5.10.227/5.15.168/6.1.113/6.6.57/6.11.4. It has been rated as problematic. Affected by this issue is the function simulate_ldr_literal of the component Virtual Address Handler. The manipulation leads to Privilege Escalation. This vulnerability is handled as CVE-2024-50099. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.169/6.1.114/6.6.58/6.11.5. It has been declared as problematic. Affected by this vulnerability is the function wwan_rtnl_policy in the library lib/nlattr.c of the component Netlink Attribute Handler. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2024-50128. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.