Aggregator

地球正在快速变暖，但你知道吗？早在 3 亿多年前，类似的气候剧变就曾引发海洋生命的巨大波动。南京大学研究团队在《Science Advances》发表研究报告：在晚古生代（约3.4亿至2.5亿年前），地球缓慢变冷时，海洋生物加速演化、种类剧增；而一旦气候急剧变暖，尤其是火山喷发带来的升温，便引发大规模物种灭绝。研究主角是一群叫做䗴类有孔虫（fusuline）的远古单细胞海洋生物，它们个体虽小，但数量惊人（图1），曾主宰海底世界，被誉为“碳酸盐岩工厂”。团队发现，9180 多万年间，这些生物经历了两次“多样化爆发”和四次“灭绝危机”。尤其在 2.6亿 年前峨眉山大规模火山喷发前后，体型较大的䗴类几乎绝迹；而 2.52 亿年前的二叠纪末期超级火山事件，更彻底终结了这个庞大家族的演化历程。值得警惕的是，人类活动引发的现代全球变暖，其速度已远超古代峨眉山玄武岩和二叠纪末火山事件带来的变暖速率。当前的海洋生态系统或正经历类似䗴类曾遭遇的命运考验。

在人类的演化过程中，寄生虫如头虱、跳蚤和绦虫一直伴随左右。但现代最强大的寄生物并非是吸血的无脊椎动物，而是智能手机。智能手机寄生于我们的时间、注意力和个人信息，为科技公司及其广告商谋利。从演化和寄生的角度看，智能手机对社会构成了独一无二的风险。寄生虫的生存依赖于宿主，离开宿主会很快死亡，以头虱为例，它给人类带来的代价主要是痒。智能手机改变了我们的生活，以至于很多人都离不开它。它带来的代价是一部分人沦为其奴隶，导致睡眠不足、线下关系薄弱以及情绪紊乱。人类与智能手机的关系一开始是互利共生（mutualism），但逐渐的演变为寄生关系。它提供的流行应用不是为了用户的利益，而是通过操纵我们的行为和情绪为其开发商和广告商谋利。用户是宿主，而智能手机就是寄生物。我们需要对其进行限制，至少能恢复部分互利共生的关系，但科技寡头们的实力非普通人能抵挡。

免杀EXE自动生成器破解与技术原理分析

Microsoft has acknowledged a significant bug affecting OneDrive personal accounts that is causing search results to appear blank, preventing users from locating files they know exist within their cloud storage. The tech giant is actively investigating the issue, which appears to impact a subset of users, though the company has not provided an estimated timeline […]

The post Microsoft Warns of OneDrive Bug that Causes Searches to Appear Blank appeared first on Cyber Security News.

以色列伊朗冲突的网络维度

A vulnerability was found in Totolink A3700R 9.1.2u.5822_B20200513. It has been rated as critical. Affected by this issue is the function setDiagnosisCfg. The manipulation leads to privilege escalation. This vulnerability is handled as CVE-2023-52029. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Totolink A3700R 9.1.2u.5822_B20200513. Affected is the function setTracerouteCfg. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2023-52028. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in ScaleFusion 10.5.2 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to privilege escalation. This vulnerability is known as CVE-2023-51748. The attack can only be done within the local network. There is no exploit available.

A vulnerability was found in AMD 3rd Gen EPYC Processors and 4th Gen EPYC Processors and classified as problematic. Affected by this issue is some unknown functionality of the component Debug Information Handler. The manipulation leads to denial of service. This vulnerability is handled as CVE-2023-20573. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in Tecnick TCExam up to 11.2.022. It has been declared as problematic. This vulnerability affects unknown code of the component Admin Folder. The manipulation leads to missing authorization. This vulnerability was named CVE-2023-6554. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in D-Link DIR-822+ 1.0.2. Affected by this issue is some unknown functionality of the component HNAP1 Interface. The manipulation leads to use of hard-coded password. This vulnerability is handled as CVE-2023-51987. The attack can only be done within the local network. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Totolink A3300R 17.0.0cu.557_B20221024. This issue affects the function setScheduleCfg. The manipulation of the argument minute leads to command injection. The identification of this vulnerability is CVE-2024-23061. The attack needs to be done within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in Hozard Alarm System 1.0. This affects an unknown part of the component Remote Keyless System. The manipulation leads to authentication bypass by capture-replay. This vulnerability is uniquely identified as CVE-2023-50128. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Hozard Alarm System 1.0 and classified as problematic. This vulnerability affects unknown code of the component SMS Authentication. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability was named CVE-2023-50123. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Hozard Alarm System 1.0. It has been classified as critical. Affected is an unknown function of the component SMS Handler. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2023-50127. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as critical has been found in Hozard Alarm System 1.0. This affects an unknown part. The manipulation leads to state issue. This vulnerability is uniquely identified as CVE-2023-50125. Access to the local network is required for this attack. There is no exploit available.

A vulnerability classified as critical has been found in Linux Kernel up to 4.19.190/5.4.119/5.10.37/5.11.21/5.12.4. This affects the function i40e_client_subtask of the component i40e. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2021-46991. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 4.19.190/5.4.119/5.10.37/5.11.21/5.12.4. This vulnerability affects the function enic_queue_wq_skb of the component enic. The manipulation leads to use after free. This vulnerability was named CVE-2021-46998. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.