Aggregator

作者：Pedro Umbelino, Jake Olcott 译者：知道创宇404实验室翻译组 原文链接：https://www.bitsight.com/blog/aftermath-kaspersky-ban 在2024年春，全球对供应链风险的担忧日益加剧，对技术供应商的信任和可靠性问题也愈发凸显。在这样的背景下，美国对俄罗斯的杀毒软件巨头卡巴斯基实验室下了禁令，禁止其产品进入美国市场。...

error code: 521

EVENT   通用专项活动第六期-通用2.0、通用1.0-奖金加成卡、额外奖励金本期活动涵盖通用2.0及通用1.0漏洞奖励计划，为方便师傅们的理解，在此罗列两种计划区别。收录范围、奖金范围、

叠加奖励金，还有新年礼盒好礼相送~

主站 分类 漏洞 工具 极客

最新报告，曹县黑客在2024年通过47次网络攻击，窃取了价值13.4亿美元的加密货币。

本周，互联网网络安全态势整体评价为良。

本周网络安全基本态势本周，互联网网络安全态势整体评价为良。我国互联网基础设施运行整体平稳，全国范围或省级行政区域内未发生造成重大影响的基础设施运行安全事件。针对政府、企业以及广大互联网用户的主要安全威

Linux Process Injection This repository contains proof-of-concept implementations of various Linux process injection primitives. This code is meant to provide simple examples of injection techniques in action, allowing defenders to understand how they work...

The post Linux Process Injection: proof-of-concept implementations of various Linux process injection primitives appeared first on Penetration Testing Tools.

A vulnerability was found in Apple iOS up to 12.0.1. It has been classified as critical. Affected is an unknown function of the component FaceTime. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2018-4367. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

引言主要更新内容ATT&CK继续延续每年更新两个大版本的状态，今年迎来的ATT&CK 的第16个版本。笔者跟踪了这一年的ATT&CK的进展以及刚结束的ATT&CKcon 5.0中各个内容。提炼了主要的

笔者跟踪了这一年的ATT&CK的进展以及刚结束的ATT&CKcon 5.0中各个内容。提炼了主要的更新内容和主要的更新方向。

Fibratus Fibratus is a tool for exploration and tracing of the Windows kernel. It lets you trap system-wide events such as process life-cycle, file system I/O, registry modifications or network requests among many other observability signals. In a...

The post fibratus: exploration and tracing of the Windows kernel appeared first on Penetration Testing Tools.

A vulnerability was found in Critical Path Injoin Directory Server 4.0. It has been classified as critical. Affected is an unknown function of the component iCon Administrative Web Server. The manipulation of the argument LOG leads to information disclosure. This vulnerability is traded as CVE-2002-0786. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A recent ransomware attack is causing significant disruptions to public transportation in the Pitts

Spoofy Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records. You may be asking, “Why do we need another tool that can check if...

The post Spoofy: checks if a list of domains can be spoofed based on SPF and DMARC records appeared first on Penetration Testing Tools.

一. 数据要素 1.1 数据要素大事记近年来，数据从一种新兴资源被逐步确立为关键生产要素，经历了从概念提出到政策落地的一系列重要节点。以下这些大事件，清晰勾勒出我国数据要素化发展的路径：•

国家数据局正式发布《可信数据空间发展行动计划（2024—2028年）》，标志着国内可信数据空间建设进入全面实施阶段。从数据被视为生产要素到规划建设不低于100个可信数据空间，仅用五年时间，中国数据要素化治理与应用实践已经取得显著成效

error code: 521