Aggregator

Переход режима от «горячего» к «холодному» взбудоражил экспертов и криминалистов.

A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer. The malware "targets victims' sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software,"

Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465) CVE-2024-9463 allows unauthenticated attackers to run arbitrary OS commands as root on vulnerable Expedition instances, leading to disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. CVE-2024-9465 – an SQL injection vulnerability – allows unauthenticated attackers to grab data from Expedition’s … More →

The post Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) appeared first on Help Net Security.

error code: 521

error code: 521

实现了对文本、图像、视频等多种形式内容的全方位安全防护

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in 2022 by employing sophisticated social engineering techniques to infiltrate target networks, often leveraging advanced malware to compromise systems undetected.  Once inside, Black Basta extorts victims with ransom demands, threatening to publicly release sensitive data if payment is not made. The group’s […]

The post Black Basta Ransomware Leveraging Social Engineering For Malware Deployment appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

·政策 云计算服务安全责任划分规则及实施指南 关键信息基础设施商用密码使用管理规定（征求意见稿） ·报告 政务安全托管服务（GMSS）实践指南（2024）