【安全圈】比特币 ATM 巨头字节联邦遭黑客攻击,5.8 万用户受到影响
关键词网络攻击摘要美国最大的比特币 ATM 运营商 Byte Federal 发生数据泄露事件,58,000 名客户受到影响。黑客利用 GitLab 中的漏洞访问了客户的敏感数据。暴露的信息包括姓名、
Aggregator
【安全圈】最新的Windows内核漏洞,可获system权限
7 months ago
关键词内核漏洞网络安全和基础设施安全局(CISA)已将两个新的漏洞添加到其已知被利用漏洞目录中,其中一个是涉及 Windows 内核的漏洞,目前正被用于攻击。该漏洞编号为CVE-2024-35250,
【安全圈】黑客通过虚假品牌赞助攻击YouTube视频创作者
7 months ago
关键词网络攻击据Cyber Security News消息,网络安全专家发现了一波针对Youtube创作者的攻击,攻击者利用钓鱼邮件,冒充品牌方与这些创作者进行合作沟通,以此来传播恶意软件。攻击者使用
【安全圈】苹果HomeKit出现安全漏洞被间谍机构利用 目前具体漏洞细节尚未公布
7 months ago
关键词安全漏洞近期臭名昭著的以色列商业间谍软件开发商 NSO 集团的飞马座(Pegasus)间谍软件被发现攻击了两名塞尔维亚的 iPhone 用户。调查结果表明,NSO 利用了一种新开采的漏洞,可能涉
Тайна 28 000 каналов: Telegram становится трибуной для экстремистов
7 months ago
Подписавшись на очередной блог, можно стать жертвой дезинформации и вербовки.
Dissecting the Research Behind BadGPT-4o, a Model That Removes Guardrails from GPT Models
7 months ago
**Author’s Note: This article is based on findings from the recent paper “BadGPT-4o: stripping safet
New APIs Discovered by Attackers in Just 29 Seconds
7 months ago
Wallarm honeypot research finds potentially exposed APIs are being discovered within half a minute
Installing Open-source Software on Your MacOS May Be Coming to an End
7 months ago
You know security is an overwhelming term and while I had the luxury to work for security firms, I f
How Should Engineering Leaders Handle Code Ownership Challenges?
7 months ago
Code ownership might not be a pressing concern when a small team of around 10 developers works on th
5 Practical Techniques for Effective Cyber Threat Hunting
7 months ago
Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. Achieving this takes a lot of research and proactive threat hunting. The problem here is that it is easy to get stuck in endless arrays of data and end up with no relevant intel.
To avoid this, use these five battle-tested techniques that are
The Hacker News
5 Practical Techniques for Effective Cyber Threat Hunting
7 months ago
Addressing cyber threats before they have a chance to strike or inflict serious damage is by far th
Today I Learned - setfacl
7 months ago
Table of Contents Introdu
Ананас на пицце – это вкусно? Безобидная шутка Малленвега вызвала шквал критики
7 months ago
Как всего один маленький флажок сумел всколыхнуть WordPress-сообщество?
Russia FSB relies on Ukrainian minors for criminal activities disguised as “quest games”
7 months ago
Russia FSB relies on Ukrainian minors for criminal activities disguised as “quest gam
Russia FSB relies on Ukrainian minors for criminal activities disguised as “quest games”
7 months ago
Ukraine’s SBU uncovered an FSB espionage campaign recruiting minors for criminal activities disguised as “quest games.” The Security Service of Ukraine (SBU or SSU) uncovered a new espionage campaign linked to Russia’s intelligence agency Federal Security Service (FSB), which consists of involving minor Ukrainians in criminal activities under the guise of “quest games”. In Kharkiv, […]
Pierluigi Paganini
CODEGATE CTF 2024決勝のWriteup
7 months ago
著者:ptr-yudaiはじめに今回のブログ記事では、今年の8月29日と30日に開催されたCODEGATE CTF 2024 Finalsで取り組んだ問題の解説を公開します。CODEGATE
This Data Science-based Approach Can Help Convert Users Into Paying Customers
7 months ago
What is Uplift Modeling ?When faced with the problem of trying to influence prospective customers i
16-30 September 2024 Cyber Attacks Timeline
7 months ago
【处置手册】Apache Struts任意文件上传漏洞S2-067(CVE-2024-53677)
7 months ago
通告编号:NS-2024-0036-12024-12-17TAG:Apache Struts、S2-067、CVE-2024-53677漏洞危害:攻击者利用此漏洞,可实现任意文件上传。版本:1.11漏
【处置手册】Apache Struts任意文件上传漏洞S2-067(CVE-2024-53677)
7 months ago
近日,绿盟科技CERT监测到Apache发布安全公告,修复了Apache Struts任意文件上传漏洞S2-067(CVE-2024-53677)。CVSS评分9.5,目前漏洞PoC已公开,绿盟科技复现成功,请相关用户尽快采取措施进行防护。