Aggregator

在邮件列表上，Xubuntu 项目披露网站被入侵细节。Xubuntu 官网是在上个月中旬被入侵植入了名为 Xubuntu-Safe-Download.zip 的恶意文件，开发者称攻击者是利用 WordPress 的一个存在弱点的组件使用暴力破解的方式获得了网站访问权限，这次事件只涉及下载站及其提供的 Torrent 链接，其它都未受影响，Xubuntu 的构建系统、软件包或其它组件都未受到影响。如果用户下载了 Xubuntu-Safe-Download.zip 建议立即删除，使用安全软件扫描系统。

A debate over privacy has once again ignited around several budget Samsung smartphones. The controversy stems from the

The post Samsung AppCloud Sparks Privacy Fear: Accused of Being ‘Undeletable Spyware’ appeared first on Penetration Testing Tools.

Управляющий активами лишился биткоинов, просто достав телефон в лобби отеля.

From time to time, it can be instructive to look at generic phishing messages that are delivered to

Agentic Threat Hunting, Predictive Threat Intelligence, Disinformation Security & Cyber Deception and more

The post Scaling Cyber: meet the next cybersecurity global leaders appeared first on Security Boulevard.

单人最高赔偿7.5万美元

Scattered Spider LAPSUS$ Hunters are back with a confirmed 284-company supply chain br

I saw someone in a college group, we didnt really talk to each other but he would say

☕️ TL;DR近期佳作推荐：[电影] 无可奈何、[电影] 人偶之家、[韩剧] 亲爱的 X、[美剧] 兽藏我心、[日剧] 丑闻前夜、[美剧] 石油天王 第二季、[爱尔兰] 死亡通知 第二季、[电影]

近期，我们在调查过程中捕获到APT-C-26(Lazarus)使用的一款功能完备的定制化监控程序，具备完整的远程桌面控制能力。我们分析认为，此类行为不仅威胁企业数据安全，更可能为其的后续网络攻击行动积累战略资源。

A major outage in Cloudflare’s infrastructure became an unexpected test of resilience for countless companies. On 18 November,

The post Cloudflare Outage: Internal Failure Shuts Down Sites, Exposing Hidden Security Gaps appeared first on Penetration Testing Tools.

不管是阅读计算机领域的英文内容，还是使用英文界面软件时，你可能都会见到很多生词。其中，有的词本身就长得张牙舞爪，或者在日常语境下用得很少，因此一眼就知道是个技术术语。但又有这样一些眼

The Xubuntu team has released detailed information about the October incident during which the downloads page at https://xubuntu.org/download/

The post Xubuntu Download Page Hacked: Malicious File Distributed for Several Days appeared first on Penetration Testing Tools.

К чему приведет полный отказ Mozilla от аутсорсинга приватности?

Cybersecurity experts have detailed a newly identified Android banking trojan called Sturnus, engineered to steal credentials and seize

The post New Sturnus Android Trojan Bypasses Signal/WhatsApp Encryption, Seizes Full Control appeared first on Penetration Testing Tools.

A series of patches proposing a MEMINSPECT mechanism for memory analysis and debugging has been submitted to the

The post MEMINSPECT Proposed for Linux Kernel: Simplifies Memory Debugging & Post-Mortem Analysis appeared first on Penetration Testing Tools.

本文系统介绍实验室为此构建的5G安全课程体系。该体系以“课程打基础、竞赛促熟练、演练炼实战”为核心，构筑了一条环环相扣的能力成长路径，致力于完成学员从掌握安全理论到具备实战对抗能力的跨越。

智能船舶的网络安全风险已从潜在隐患演变为现实威胁。

Leaked Executive Order Would Strip States of Power to Regulate AI Tech Firms
A leaked draft executive order would empower federal agencies to override state AI laws, threatening federal funds for noncompliance and creating a litigation task force - drawing sharp backlash over executive overreach and potential harm to consumers.