Aggregator

有料、不卷、速来！创新大会 2025 全议程公布

意外从网友UID(3525972251)处看到17_angr_arbitrary_jump的简单解

根据 Statcounter 的统计数据，距离 Windows 10 终止支持不到一年时间，Windows 11 的份额并没有增长反而下降了。Windows 11 的全球桌面操作系统市场份额从 10 月的 35.6% 降至 11 月的 34.9%，Windows 10 的市场份额则增长不到一个百分点至 61.8%。在微软本土市场美国，Windows 11 的下降趋势更为明显。与此同时，微软官方博客强调它不会降低 Windows 11 的硬件需求，称 Trusted Platform Module (TPM) 2.0 对未来的安全至关重要。

Russia-linked APT group Secret Blizzard has used the tools and infrastructure of at least 6 other threat actors during the past 7 years. Researchers from Microsoft Threat Intelligence collected evidence that the Russia-linked ATP group Secret Blizzard (aka Turla, Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has used the tools and infrastructure of at least 6 other threat actors during the […]

Refactoring 019 - How to Reify Email Addresses

Почему даже привлекательные предложения не всегда работают.

本文聚焦于密钥硬编码的问题，分析了传统检测策略的缺陷，并详细介绍了大模型在该场景下的优势、检测实施方案和效果。

本文聚焦于密钥硬编码的问题，分析了传统检测策略的缺陷，并详细介绍了大模型在该场景下的优势、检测实施方案和效果。

本文聚焦于密钥硬编码的问题，分析了传统检测策略的缺陷，并详细介绍了大模型在该场景下的优势、检测实施方案和效果。

本文聚焦于密钥硬编码的问题，分析了传统检测策略的缺陷，并详细介绍了大模型在该场景下的优势、检测实施方案和效果。

本文聚焦于密钥硬编码的问题，分析了传统检测策略的缺陷，并详细介绍了大模型在该场景下的优势、检测实施方案和效果。

本文聚焦于密钥硬编码的问题，分析了传统检测策略的缺陷，并详细介绍了大模型在该场景下的优势、检测实施方案和效果。

Почему фальшивые отчеты об уязвимостях опаснее, чем думают разработчики?

微步被授予NVDB“三星级技术支撑单位”（最高等级称号）

Privacy Advocates Warn of Risks from Expanding DHS Use of AI and Facial Recognition
The U.S. Department of Homeland Security is reportedly expanding its use of emerging surveillance tools, including drones and artificial intelligence, without proper safeguards as experts warn of potential privacy violations and risks involving facial recognition and third-party data usage.

French Police Reportedly Detain Accused Ryuk Money Launderer Ekaterina Zhdanova
An international investigation led by the U.K. busted Russian money cash-for-crypto laundering networks in an operation that's led to the arrest of 84 individuals and U.S. sanctions against others. One of the network allegedly laundered extortion money paid to the Ryuk ransomware group.

The Role of Security Tools in Platform Engineering: Enhancing Security in the New DevOps Era

A vulnerability was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 1.0.0. It has been declared as critical. Affected by this vulnerability is the function doFilter of the file \agile-bpm-basic-master\ab-auth\ab-auth-spring-security-oauth2\src\main\java\com\dstz\auth\filter\AuthorizationTokenCheckFilter.java. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-12235. The attack can be launched remotely. Furthermore, there is an exploit available.