Aggregator

By the end of 2025, the internet had become even more tightly bound to cloud infrastructure, mobile traffic,

The post Internet Rewired: Cloudflare 2025 Report Reveals a 19% Traffic Surge and the Rise of AI Bot Wars appeared first on Penetration Testing Tools.

本文将深度解析 AFL++ 对 QEMU 的 patch 细节。

A new wave of pressure targeting Israeli professionals linked to the defense sector has moved beyond conventional cyberattacks

The post Digital Crosshairs: Iran-Linked “Handala” Group Offers $30K Bounties for Israeli Engineers appeared first on Penetration Testing Tools.

In the run-up to the New Year holidays, underground marketplaces often see a surge of freshly minted data-stealing

The post Naughty List: SantaStealer Malware Unwrapped—The “New” Holiday Threat is Just Rebranded Code appeared first on Penetration Testing Tools.

The Danish government has opened a public consultation on amendments to copyright and broadcasting laws that would make

The post The VPN Stand-off: Denmark Backtracks on Controversial VPN Ban Amid Authoritarian Concerns appeared first on Penetration Testing Tools.

通过带有任意读写漏洞的漏洞驱动进行提权

HackerNews 编译，转载请注明出处： 本周，一个多次被当局查封又屡次被攻击者恢复的数据泄露网站Breachforums上发布了攻击公告。攻击者吹嘘已侵入法国内政部，并窃取了多个存储敏感数据的政府系统信息。 黑客团队声称，此次攻击是对当局逮捕 “ShinnyHunters/hollow网络犯罪团伙成员的报复。此次泄露涉及超1640万法国人的信息，约占法国总人口的四分之一。 法国内政部向Cybernews证实，该部门遭遇“恶意入侵”，目前正在“最高级别”处理。据内政部称，初步技术调查显示，攻击者仅能查看有限数量的工作邮箱账户。 与此同时，《费加罗报》报道称，法国当局的初步调查显示，黑客很可能通过员工在邮件中明文分享的密码获取了凭证，从而访问了内政部的应用程序。 内政部称：“通过邮箱账户，攻击者获取了一些身份验证信息，进而访问了业务应用程序。目前正在分析以确定受影响数据的具体范围、性质和数量，尤其是哪些数据被泄露。”但现阶段仍不清楚攻击者具体访问了何种数据或是否窃取了详细信息。 内政部称已注意到Breachforums上的帖子，正在调查相关说法。所有必要措施正在采取以阻止此次入侵，并加强部委信息系统的整体安全。司法调查也在进行中，以期尽快识别并起诉肇事者。 攻击者声称了什么？ 攻击者最初声称此次黑客攻击涉及数百万法国公民的信息，并访问了犯罪记录处理系统、通缉人员档案库、国际刑警相关系统，以及内政部的财务和养老金计划数据集。虽然未具体说明可能泄露的数据类型，但据称被访问的数据集很可能包含大量敏感细节，从个人身份信息到犯罪记录和机密案件详情。内政部员工，包括警官，也可能受到影响。 其他报告指出，据称在数据泄露中暴露的1600万人是所有正在进行和过去司法程序中的嫌疑人和受害者。如果得到证实，此次攻击可能产生深远影响，因为大量敏感数据可能被外国政府和犯罪组织利用。 值得注意的是，这起所谓的对落网网络同伙的“报复”攻击也涉及金钱要求。攻击者给法国政府一周时间支付赎金以“删除”被盗数据，否则威胁将数据出售给其他网络犯罪分子。该消息后来从Breachforums上移除，网站显示“维护中”横幅。据攻击者称，他们因遭受DDoS攻击而被迫关闭论坛。 攻击者还透露，他们通过CHEOPS门户入侵了内政部，这是当局内部使用的通信系统。然而，并非所有人都相信攻击者确实获取了敏感信息。法国安全研究员、网络安全公司Predicta Labs的首席执行官巴蒂斯特·罗伯特指出，尽管攻击者声称大胆，但至今未提供任何数据样本作为证据。 攻击者上传了一张CHEOPS门户登录页面的截图，在用户密码输入处写有“WE ARE STILL HERE”。此外，还有一张模糊的身份证照片，暗示攻击者可能访问了一些警察的身份证件。罗伯特在X平台上用法语发帖质疑：“伙计们，你们甚至没有截一张自己在门户网站上认证的截图吗？这就是你们能展示的全部吗？”在后来的帖子中，这位安全研究员指出，虽然发生了严重的数据泄露，但目前没有迹象表明攻击者成功窃取了大量个人敏感数据。 过去的法国数据泄露事件 法国内政部的网络攻击并非该国首次遭遇重大数据安全事件。去年，Cybernews研究人员发现了一个暴露的数据库实例，包含超过9500万条记录，汇集了过去攻击中已知和未知的数据泄露。今年5月，Stormous勒索软件团伙在其暗网博客上发布了一个大型数据集，据称包含多个法国组织和机构的电子邮件和密码。 作为一个庞大而富裕的国家，法国经常成为网络犯罪分子的目标。仅今年，攻击者就针对法国旗舰航空公司法国航空、著名学府巴黎索邦大学以及法国足球联合会发动了攻击。     消息来源：cybernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

好的，我现在需要帮助用户总结一篇文章的内容，控制在100个字以内。用户还特别指出不需要以“文章内容总结”或“这篇文章”这样的开头，直接写描述即可。同时，用户提供的示例是关于错误代码521的。 首先，我得理解错误代码521是什么。根据我的知识，521通常与Cloudflare有关，表示Web服务器返回了无效的响应。这可能意味着服务器配置错误、应用程序故障或其他问题导致无法正确处理请求。 接下来，我需要将这些信息浓缩到一句话内，确保不超过100个字，并且直接描述内容。可能的表达方式包括说明错误代码的原因、影响以及常见解决方法。 现在，我来组织语言：错误代码521通常由Cloudflare触发，表明Web服务器返回了无效响应。这可能由于配置错误、应用程序故障或网络问题引起。常见解决方法包括检查服务器配置、重启服务和排查网络连接问题。 最后，确保语言简洁明了，不使用复杂的术语，并且符合用户的要求。 错误代码521通常由Cloudflare触发，表明Web服务器返回了无效响应。这可能由于配置错误、应用程序故障或网络问题引起。常见解决方法包括检查服务器配置、重启服务和排查网络连接问题。

2012年8月，“The Botting Network”论坛发生数据泄露事件，96,300个用户记录被暴露，包括电子邮件地址、用户名、出生日期和加密的MD5密码哈希。建议用户立即更改受影响账户的密码，并启用双因素认证以增强账户安全性。

三菱電機製GENESIS64、ICONICS Suite、MobileHMIおよびMC Works64のソフトウェアキーボード機能（キーパッド機能）には、OSコマンドインジェクションの脆弱性が存在します。

An active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, targeting Secure Email Gateway (formerly Email Security Appliance, ESA) and Secure Email and Web Manager (formerly Content Security Management Appliance, SMA). The attack, spotted since late November 2025 and publicly disclosed on December 10, allows attackers to run system-level commands and plant a persistent […]

The post Cisco AsyncOS 0-Day Vulnerability Exploited in the Wild to run System-level Commands appeared first on Cyber Security News.

安装超800万次的Urban VPN Proxy扩展被发现窃取用户与AI平台的完整对话记录并出售用于营销，已被谷歌下架。

Also: macOS Naughty or Nice, Cybercrime Karma, Spoofing Legacy Rail Infrastructure
London in December: Early to dark, quick to rain but also festive - and a mecca for cybersecurity researchers there for the annual Black Hat Europe conference. This year's event featured nearly 50 briefings that touched on everything from hardware hacking to combing infostealer logs for hidden gems.

Security Needs to Document Risks and Push Back Against Retroactive Accountability
A recent CISO resignation letter exposes a structural flaw in how organizations manage cyber risk. It shows what happens when risk is accepted quietly and accountability is enforced retroactively, and it's a cautionary tale about why CISOs need to actively manage their careers.

More Dry Powder Will Help Cyera Compete Against Proofpoint, Rubrik in AI Agent Era
Cyera in just four years has raised $1.3 billion, the second-largest venture haul for any cyber startup behind only Wiz. The company set its sights even higher in 2026, with media reports that Cyera is set to receive another $400 million - this time from Blackstone - at a valuation of $9 billion.

Practical Steps That Effectively Strengthen Security and Resilience
Cyberattackers know SMBs think they're "too small to be a target" - and they're acting on it. Learn why small businesses are increasingly targeted and the five foundational steps that can significantly reduce cyber risk.

Ink Dragon Compromised IIS Networks to Relay ShadowPad Malware
A Chinese hacking group is using compromised European government networks as relay nodes to route commands and support other hacking operations. Security firm Check Point attributed the campaign to a Chinese espionage group it tracks as "Ink Dragon."

Experts Say AI Is Already Enabling Faster and Harder-to-Detect Attack Campaigns
Artificial intelligence-fueled malware and automated cyber tools are enabling faster, more adaptive attacks at scale, with experts warning Congress that adversaries are now leveraging AI and quantum advances to outpace defenders and bypass outdated security architectures.

Push Comes as HHS Steps Up Enforcement of Data-Sharing and Record Access Regs
A privacy-minded senator is pressuring U.S. health tech companies to give patients more control over where their patient data goes, framing the matter as a matter of national security as well as privacy. Regulators have ramped up enforcement of rules that promote the interoperability.

Threat actors launched a coordinated brute-force campaign against enterprise VPN gateways, hammering Palo Alto Networks GlobalProtect portals and Cisco SSL VPN endpoints with millions of automated login attempts in mid-December 2025. GreyNoise intelligence revealed the attacks stemmed from centralized infrastructure hosted by Germany’s 3xK GmbH, using scripted credential stuffing rather than zero-day exploits. The operation […]

The post Hackers Actively Attacking Cisco and Palo Alto Networks VPN Gateways to Gain Login Access appeared first on Cyber Security News.