Aggregator

实现了对文本、图像、视频等多种形式内容的全方位安全防护

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in 2022 by employing sophisticated social engineering techniques to infiltrate target networks, often leveraging advanced malware to compromise systems undetected.  Once inside, Black Basta extorts victims with ransom demands, threatening to publicly release sensitive data if payment is not made. The group’s […]

The post Black Basta Ransomware Leveraging Social Engineering For Malware Deployment appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

·政策 云计算服务安全责任划分规则及实施指南 关键信息基础设施商用密码使用管理规定（征求意见稿） ·报告 政务安全托管服务（GMSS）实践指南（2024）

打破行业困境，丢掉“陈规陋习”，以前沿思维打造先进云安全。

本期，一位低调务实的行业老兵分享他的企业特色，传递业内心声。

瑞数信息马蔚彦： “防”“反”并重，告别亡羊补牢式反勒索 日期：2024年11月15日 阅：91

远程代码执行风险威胁用户安全，Zoom紧急修复多个安全漏洞；颠覆传统安全架构，Zscaler创新发布新型零信任分段方案 | 牛览 日期：2024年

error code: 521

Инновационные меры безопасности бессильны перед новым поколением вредоносного ПО.

error code: 521

SANTA CLARA, Calif. — With great promise comes potential peril. And while artificial intelligenc

Oscilar unveiled its Cognitive Identity Intelligence Platform to combat the rising tide of AI-powered fraud. The platform’s proprietary “Digital & Behavior Identification” technology transforms digital identity verification in an era where traditional solutions are increasingly vulnerable to sophisticated AI-enabled attacks. At its current growth rate, Deloitte’s Center for Financial Services predicts that generative AI could enable fraud losses to reach $40 billion in the United States by 2027, from $12.3 billion in 2023, a compound … More →

The post Oscilar Cognitive Identity Intelligence Platform combats AI-powered fraud appeared first on Help Net Security.

In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human

A vulnerability classified as critical was found in imgcrypt up to 1.1.3. Affected by this vulnerability is the function CheckAuthorization of the component API Extension. The manipulation leads to incorrect authorization. This vulnerability is known as CVE-2022-24778. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Go up to 1.17.10/1.18.2 and classified as problematic. Affected by this issue is the function ticket_age_add of the component TLS Handler. The manipulation of the argument random leads to observable behavioral discrepancy. This vulnerability is handled as CVE-2022-30629. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Python up to 3.10 and classified as critical. Affected by this vulnerability is an unknown functionality in the library lib/http/server.py. The manipulation leads to path traversal. This vulnerability is known as CVE-2021-28861. The attack needs to be initiated within the local network. There is no exploit available. The real existence of this vulnerability is still doubted at the moment. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in Google Go up to 1.17.8/1.18.0. Affected is an unknown function of the component crypto-elliptic. The manipulation leads to denial of service. This vulnerability is traded as CVE-2022-28327. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.