Aggregator

双方聚焦云安全、智算数据中心建设、大模型安全等关键领域，推动产品与业务场景融合，打造领先数字化安全底座。

关键词安全漏洞2025年5月21日，Grafana Labs 发布安全更新，修复了由安全研究人员 Alvaro

关键词Windows2025年4月，微软发布了一项关于 Windows Hello 的重要安全通告，修复了编号

关键词罗马仕近日，多所高校陆续发布通知，提醒师生停止使用罗马仕部分型号充电宝，因其在充电过程中存在更高的起火爆

关键词勒索软件近日，网络安全公司趋势科技发布报告，揭示新兴勒索软件即服务（RaaS）平台“Anubis”的危险

A critical vulnerability in ASUS’s popular Armoury Crate software has exposed millions of Windows users to the risk of system-level compromise, according to a recent disclosure by Cisco Talos and confirmed by ASUS. The flaw, tracked as CVE-2025-3464, allows attackers to bypass security controls and gain the highest level of privileges on affected systems, potentially […]

The post ASUS Armoury Crate Vulnerability Lets Hackers Gain System-Level Access on Windows appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

速修复

速修复

GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. “Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks. On June 16, GreyNoise observed […]

Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution. Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital marketing, and analytics and reports. The list of vulnerabilities is as follows -

Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today’s ransomware attacks initially target your last line of defense — your backup infrastructure. Before locking up your production environment, cybercriminals go after your backups to cripple your ability to recover, increasing the odds of a ransom payout.

Никто не знает, кто украл миллионы, но деньги вернулись — частично и очень странным путём.

根据路透研究所的一项研究，当代美国人最主要的新闻来源是社交媒体。数据显示，54% 的人通过 Facebook、X和 YouTube 等获取新闻，超过了电视（50%）、新闻网站和应用（48%）。世界其它地方也有类似的趋势，但美国发生的更快影响也更为深远。播客 Joe Rogan 最受欢迎，22% 的受访者表示上周看到过他的新闻或评论。一部分政客在挑选采访者时也倾向于选择网络主播而不是主流媒体。民粹主义政客因此能绕过传统新闻媒体。虽然网红人气更高，但并不被认为是可靠的新闻来源，47% 的人认为他们是虚假信息的主要来源。而马斯克的 X 平台越来越受到右翼人士的青睐。报告称，TikTok 是增长最快的社交和视频网络，17% 的人使用它获取新闻，比去年增长了 4 个百分点；越来越多的人使用 AI 聊天机器人获取新闻，这一趋势在 25 岁以下人群中最显著；大多数人认为 AI 会降低新闻的透明度、准确性和可信度；知名媒体仍然被视为更可靠。

GB/T 45574—2025《数据安全技术 敏感个人信息处理安全要求》标准全文

近年来，境外间谍情报机关频繁使用“钓鱼”邮件的手段开展网攻窃密，目标直指我党政机关、国防军工单位、高校、科研院所等核心要害部门，试图窃取我重要敏感领域信息，手法复杂多变，迷惑性极强，威胁我国家安全，需引起高度重视。

数字浪潮奔涌，网安使命在肩！由多部门联合主办的第五届极客少年挑战赛，即日正式启动全国报名！

作为一门极具实践特性的工学学科，网络空间安全在人才识别与评价方面仍面临诸多独特挑战。因此，如何构建科学合理的网络安全人才评价体系，既是学科发展的内在需求，更是推动该领域高质量发展的关键课题。

A newly identified threat actor known as Water Curse has been linked to a sprawling campaign utilizing at least 76 GitHub accounts to distribute weaponized repositories packed with multistage malware. This financially motivated group leverages the inherent trust in open-source platforms to target a diverse range of victims, including cybersecurity professionals, red teamers, penetration testers, […]

The post Water Curse Hacker Group Uses 76 GitHub Accounts to Spread Multistage Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers disclosed two critical vulnerabilities in sslh, a widely used protocol multiplexer that enables multiple services—such as SSH, HTTPS, and OpenVPN—to share a single network port. These flaws, tracked as CVE-2025-46807 and CVE-2025-46806, could allow remote attackers to crash sslh or render it unavailable, resulting in a denial-of-service (DoS) for legitimate users. CVE ID […]

The post Critical sslh Vulnerabilities Allow Remote Denial-of-Service Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft’s Sovereign Cloud solutions are designed to ensure European cloud data is stored and processed in Europe