Aggregator

Новая функция защитит основные почтовые аккаунты.

百变“毒王”阴魂不散，360全面抵御银狐威胁

呈贡区政府与360达成战略合作 共同打造昆明市数字经济高地！

Ilya Lichtenstein hacked into the cryptocurrency exchange in 2016 and stole around 120,000 bitcoins

Cyber crooks are trying out an interesting new approach for getting information-stealing malware installed on Android users’ smartphones: a physical letter impersonating MeteoSwiss (i.e., Switzerland’s Federal Office of Meteorology and Climatology). “The letter asks the recipients to install a new severe weather app. However, there is no such federal app with the name mentioned. Rather, the QR code shown in the letter leads to the download of malware called ‘Coper’ (also known as ‘Octo2’),” the … More →

The post Cyber crooks push Android malware via letter appeared first on Help Net Security.

环境介绍 开发Python环境 Python 3.9.14 ，具体支持到什么版本未测试！ 我运行在 PVE 的 CT 里面，CentOS 9 功能 家里的交换机，不晓得什么问...

Valve 于 2004 年 11 月 16 日发布了备受瞩目的 FPS 游戏《半条命2》。很多玩家惊讶的发现，玩《半条命2》需要同时安装另一款叫 Steam 的软件。《半条命2》不是在 Steam 上发布的第一款 Valve 游戏，但它是第一款必须要安装 Steam 的著名游戏，即使实体零售版也是如此。此举让 Valve 获得数以百万计的新玩家，允许它绕过零售商，直接向玩家销售游戏。Valve 此举在玩家中间引发了很多批评，认为它只是另一种令人讨厌的 DRM，当时缺乏证明其存在的理由。20 年后，Steam 改变了 PC 游戏的生态，消除了零售这一中间环节，将游戏的控制权更多的交给开发商和发行商。为了庆祝《半条命2》发布二十周年，社区开发团队 Orbifold Studios 宣布了《Half-Life 2 RTX》版本，为游戏引入了完整的光线跟踪，目前 RTX 版还没有公布发布日期。

Regen komt met bakken uit de lucht, rivier de Vecht in Overijssel loopt vol. Zwakke plekken in de dijk bedreigen inwoners tot in de verre omgeving. Dat is het scenario van de 2-daagse oefening Alert, die vandaag afloopt. Hierin testen Defensie en ketenpartners het Landelijk Crisis Management Systeem (LCMS).

Network Security / VulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) o

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nick

Given increased tensions with China over tariffs, companies could see a shift in attacks, but also fewer regulations and a run at a business-friendly federal privacy law.

Пресс-секретарь президента рассказал о ситуации с доступом к платформе.

Cybersecurity researchers have disclosed two security flaws in Google's Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud. "By exploiting custom job permissions, we were able to escalate our privileges and gain unauthorized access to all data services in the project," Palo Alto Networks

The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in October

HomeChrome脚本猫 – 开源用户脚本管理扩展，支持后台、定时脚本运行[Chrome/Firefox]

Stuart Schechter makes some good points on the history of bad password policies:

Morris and Thompson’s work brought much-needed data to highlight a problem that lots of people suspected was bad, but that had not been studied scientifically. Their work was a big step forward, if not for two mistakes that would impede future progress in improving passwords for decades.

First, was Morris and Thompson’s confidence that their solution, a password policy, would fix the underlying problem of weak passwords. They incorrectly assumed that if they prevented the specific categories of weakness that they had noted, that the result would be something strong. After implementing a requirement that password have multiple characters sets or more total characters, they wrote:...

The post Good Essay on the History of Bad Password Policies appeared first on Security Boulevard.