Aggregator

360安全大脑监测发现一种僵尸网络正隐秘发起大规模DDoS攻击，分析后确认其为FICORA僵尸网络新变种

我们在2023年8月发现了一起伪装成聊天软件进行窃密活动的攻击事件，并持续跟踪至今。攻击者使用伪装成Google Play页面的钓鱼网站来分发恶意聊天软件

A recent security assessment by Shelltrail has uncovered three critical vulnerabilities in the IXON VPN client, potentially allowing attackers to escalate privileges on both Windows and Linux systems. Identified as CVE-2025-ZZZ-01, CVE-2025-ZZZ-02, and CVE-2025-ZZZ-03, these flaws expose users to local privilege escalation (LPE) risks, with one additional impact currently undisclosed. CVE IDs are pending due […]

The post Critical IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems appeared first on Cyber Security News.

速修复

速修复

如何处理第三国公共部门调取数据的要求

如何处理第三国公共部门调取数据的要求

一起探索安卓逆向的奥秘

新型“ inception”越狱攻击席卷主流 AI 平台，暴露出大型语言模型在安全防护上的系统性漏洞

看雪论坛作者ID：xcisme

P.A.S.-Form, p0wny и WSO — трио оболочек, превращающих систему в цифрового зомби.

A vulnerability has been found in FFmpeg up to 5.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file libavcodec/pthread_frame.c. The manipulation leads to use after free. This vulnerability is known as CVE-2022-48434. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Delta Electronics DX-2100-L1-CN and classified as problematic. This vulnerability affects unknown code of the component Net Diagnosis Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2023-0432. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome and classified as critical. Affected by this issue is some unknown functionality of the component Visuals. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2023-1810. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Redgate SQL Monitor 12.1.31.893. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument returnUrl leads to cross site scripting. This vulnerability was named CVE-2022-47870. The attack can be initiated remotely. Furthermore, there is an exploit available.

The role of the Chief Information Security Officer (CISO) has never been more critical. As organizations face a rapidly evolving threat landscape, CISOs must defend against cyberattacks and ensure compliance with a growing patchwork of regulations and standards. Cybersecurity frameworks have emerged as essential tools, providing structured approaches to managing risk, implementing controls, and aligning […]

The post Navigating Cybersecurity Frameworks – CISO Resource Guide appeared first on Cyber Security News.

360安全云联运商座谈会圆满落幕 数十家企业获“联营联运”认证！