Aggregator

HackerNews 编译，转载请注明出处： 谷歌周三透露，该公司在2024年暂停了超过3920万个广告主账户，其中大部分账户在其向用户推送有害广告之前已被系统识别并拦截。 这家科技巨头表示，去年总计屏蔽了51亿条违规广告，限制了91亿条广告，并在13亿个页面上屏蔽或限制了广告展示。此外，该公司还因诈骗相关违规行为暂停了超过500万个账户。 前六类广告政策违规行为包括：广告网络滥用（7.931亿次）、商标滥用（5.031亿次）、个性化广告违规（4.913亿次）、法律要求不达标（2.803亿次）、金融服务违规（1.937亿次）以及虚假陈述（1.469亿次）等。 被屏蔽或限制广告的页面大多涉及以下内容：色情信息、危险或贬损性内容、恶意软件、令人不适的内容、武器推广与销售、在线赌博、烟草/酒精销售或滥用、知识产权侵权以及露骨性内容。 谷歌表示，其一直在使用人工智能（AI）驱动的工具快速标记新兴威胁和滥用模式，通过企业身份仿冒和非法支付信息等信号作为早期指标来打击广告欺诈。 该公司在提供给《黑客新闻》的声明中称：我们打击了利用AI生成的深度伪造技术进行的公众人物仿冒诈骗，为此类违规行为暂停了超过70万个账户。作为更广泛行动的一部分，我们共屏蔽/移除了4.15亿条广告，并因诈骗违规暂停了超500万个账户。 谷歌还提到，已将广告主身份验证计划扩展至200多个国家和地区，以提高透明度并加强对选举广告中AI生成内容的管控。2024年，超过8900个新注册的选举广告主通过验证，同时移除了来自未经验证账户的1070万条选举广告。 谷歌持续加强广告安全的举措，源于恶意广告（malvertising）仍是恶意软件初始传播的重要渠道——攻击者通过滥用谷歌搜索（及其他搜索引擎）的欺诈性广告，将用户引导至虚假网站。 该公司强调：广告安全形势不断变化，受AI技术进步、新兴滥用策略及全球事件的影响，行业需要持续保持敏捷应对能力。     消息来源：thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络；  转载请注明“转自 HackerNews.cc”并附上原文

Shellz A script for generating common reverse shells fast and easy. Especially nice when in need of PowerShell and Python reverse shells, which can be a PITA getting correctly formatted. PowerShell revshells Shows username@computer.(domain),...

The post shells: Script for generating reverse shells appeared first on Penetration Testing Tools.

ADMiner ADMiner is an Active Directory audit tool that leverages cypher queries to crunch data from the BloodHound graph database (neo4j) and gives you a global overview of existing weaknesses through a web-based static report, including...

The post AD_Miner: Active Directory audit tool appeared first on Penetration Testing Tools.

聊聊做好企业蓝军攻防的一些核心关键

聊聊做好企业蓝军攻防的一些核心关键

苹果紧急修复两个高危iOS漏洞，已被用于复杂攻击！

A vulnerability was found in Mozilla Firefox, Firefox ESR and Thunderbird. It has been rated as critical. This issue affects some unknown processing of the component Top-Level Await Handler. The manipulation leads to code injection. The identification of this vulnerability is CVE-2022-1802. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mozilla Firefox, Firefox ESR and Thunderbird. Affected is an unknown function of the component Javascript Object Handler. The manipulation leads to code injection. This vulnerability is traded as CVE-2022-1529. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 91.9 and classified as problematic. Affected by this issue is some unknown functionality of the component Braille Space Handler. The manipulation leads to improper certificate validation. This vulnerability is handled as CVE-2022-1834. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 91.8. It has been classified as problematic. This affects an unknown part of the component Email Message Handler. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2022-1520. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 100 on iOS. Affected by this issue is some unknown functionality of the component Search Term Handler. The manipulation leads to sql injection. This vulnerability is handled as CVE-2022-1887. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

疑似某红队CS样本分析一

新闻速览 •加密聊天成破案关键：欧洲”云端行动”捣毁跨国毒品网络 •备受争议的4cha […]