Aggregator

青藤，让云更安全

加州大学河滨分校钱志云教授分享安全领域静态分析的技术与问题

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

本次捕获的多个样本不仅使用VMP壳进行代码保护，仿冒目标更是一改一贯作风，将矛头直指国家单位及安全厂商。

根据国家信息安全漏洞库（CNNVD）统计，本周（2024年6月24日至2024年6月30日）安全漏洞情况如下。

yso yso yso yso

亚马逊牵手澳大利亚信号局（ASD）

虽然之前已经感谢过一次了，但是再次感谢videohelp论坛larley大神的解答！再次感谢吾爱破解论坛@涛之雨大神的帮助！

感谢videohelp论坛larley大神的解答！感谢吾爱破解论坛@涛之雨大神的帮助！

关注高级攻防对抗技术热点，研究对手技术进行高级威胁模拟，研判攻击安全发展方向。

A CVSS score 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz)' was reported to the affected vendor on: 2024-07-05, 48 days ago. The vendor is given until 2024-11-02 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Marcin Wiazowski' was reported to the affected vendor on: 2024-07-05, 48 days ago. The vendor is given until 2024-11-02 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Nitesh Surana (@_niteshsurana) of Trend Micro Research' was reported to the affected vendor on: 2024-07-05, 53 days ago. The vendor is given until 2024-11-02 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Windows中有许多没有默认开启的事件日志，比如进程创建、DNS查询、文件监控、网络连接等。开启这些高级事件阅读更多

中国信通院公布2024上半年可信安全最新评估成果，悬镜灵脉SAST白盒代码审计平台成功通过软件供应链安全能力域-静态应用程序安全测试工具（SAST）能力评估。

首创代码疫苗关键技术和数字供应链安全情报预警体系，引领下一代数字供应链安全。

1.Embargo勒索团伙公布新的受害公司 2.Hunters勒索团伙公布了新的受害公司 3.pryx勒索团伙公布了新的受害者