Aggregator

CVE-2024-54676 | Apache OpenMeetings up to 7.x Cluster Mode deserialization

VulDB Recent Entries
7 months 1 week ago
A vulnerability was found in Apache OpenMeetings up to 7.x and classified as problematic. Affected by this issue is some unknown functionality of the component Cluster Mode. The manipulation leads to deserialization. This vulnerability is handled as CVE-2024-54676. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Stalwart – All-in-One Open-Source Secure Mail Server with JMAP, IMAP4, POP3, and SMTP

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months 1 week ago

Stalwart is an innovative open-source mail server solution that supports JMAP, IMAP4, POP3, and SMTP, offering a comprehensive suite of features designed for security, performance, and scalability. Built with Rust, Stalwart stands out for its modern architecture that emphasizes safety and speed, making it an ideal choice for both individual users and enterprises. Features 1. […]

The post Stalwart – All-in-One Open-Source Secure Mail Server with JMAP, IMAP4, POP3, and SMTP appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

每日安全动态推送(25/1/8)

不安全
7 months 1 week ago
•  SMB3内核服务器(ksmbd)漏洞研究:深入探索Linux内部与网络通信安全ksmbd vulnerability research本文深入研究了Linux内核中的SMB3组件(ksmbd)的

2024 Wrapped: A Year of Growth, Innovation, and Community at ANY.RUN 

Anyrun
7 months 1 week ago

As we wrap up 2024, let’s take a moment to reflect on what an incredible year it’s been for ANY.RUN. Together, we’ve achieved so much: breaking barriers, improving tools, and working side by side with you, our amazing community of cybersecurity heroes.  From big product launches to small tweaks that make a huge difference, everything […]

The post 2024 Wrapped: A Year of Growth, Innovation, and Community at ANY.RUN  appeared first on ANY.RUN's Cybersecurity Blog.

ANY.RUN

PriveShield – Advanced Privacy Protection with Browser Profile Isolation

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months 1 week ago

A browser extension named PRIVESHIELD automatically creates isolated profiles to group websites based on browsing history and user interaction, which disrupts cross-website tracking practices by preventing cookie-matching methods used for targeted advertising.  The evaluation results show that PRIVESHIELD is more than 90% effective in preventing ad exchanges from sharing user information. In Real-time Bidding (RTB), […]

The post PriveShield – Advanced Privacy Protection with Browser Profile Isolation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Gurubaran

1000’s Of SonicWall Devices Remain Vulnerable To CVE-2024-40766

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months 1 week ago

A recent investigation revealed that the Akira and Fog ransomware groups are actively exploiting the SonicWall NSA vulnerability (CVE-2024-40766) to compromise organizations.  As of December 23, 2024, over 100 companies are suspected to have been victimized by these groups through this vulnerability. Despite the disclosure in September 2024, a significant number of devices, exceeding 48,933, […]

The post 1000’s Of SonicWall Devices Remain Vulnerable To CVE-2024-40766 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Varshini

Critical BIOS/UEFI Vulnerabilities Allow Attackers To Overwrite System Firmware

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months 2 weeks ago

Researchers discovered critical BIOS/UEFI vulnerabilities in the Illumina iSeq 100 DNA sequencer, where the device utilizes an outdated firmware implementation with CSM mode lacking essential security features like Secure Boot and firmware write protections.   The vulnerability window allows attackers to exploit the system, potentially overwriting the firmware to either disable the device or install malicious […]

The post Critical BIOS/UEFI Vulnerabilities Allow Attackers To Overwrite System Firmware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Balaji

喜报!CACTER登榜CCSIP 2024中国网络安全行业全景册

嘶吼
7 months 2 weeks ago

2024年12月31日, FreeBuf咨询正式发布了《CCSIP(China Cyber Security Industry Panorama)2024中国网络安全行业全景册(第七版)》(以下简称“全景册”),旨在为企业安全建设及产品选型提供参考。

CACTER凭借卓越的综合实力,强势登榜该全景册的“邮件安全”、“恶意内容检测”、“钓鱼检测”、“数据防泄漏(DLP)”、“SOAR”、“欺骗诱捕/蜜罐”、“威胁情报”、“容灾备份”、“应急响应与重保服务”和“安全咨询和培训教育”等7大分类10项细分领域。

据悉,《CCSIP 2024中国网络安全行业全景册(第七版)》分为七大逻辑层、20个一级分类、110个二级分类,收录近300家厂商,展现4800余次。相较于第六版,本版全景册新增了“大模型安全”和“信创安全”两个细分领域。

CACTER在全景册中多个细分领域的入选,充分证明了业界对其邮件安全产品技术能力、市场覆盖和品牌影响力的高度认可。

未来,CACTER将继续深耕邮件安全领域,为广大行业客户提供更多符合市场需求的综合邮件安全解决方案,帮助客户有效应对数字化转型中的挑战,助力我国邮件安全事业的数字化发展。

CACTER邮件安全

CACTER邮件安全是由Coremail孵化的独立品牌,隶属于广东盈世计算机科技有限公司。凭借25年的反垃圾反钓鱼技术沉淀,CACTER致力于提供一站式邮件安全解决方案。产品涵盖邮件安全网关、CAC2.0反钓鱼防盗号、安全海外中继、邮件数据防泄露EDLP、安全管理中心SMC2、Email Webrisk API、重保服务、反钓鱼演练等。

核心技术依托自研国产反垃圾引擎和Coremail邮件安全大数据中心,高效识别并拦截垃圾广告、钓鱼邮件、病毒邮件、BEC诈骗邮件等各类威胁,为企业邮件通信保驾护航。

CACTER邮件安全网关

CACTER邮件安全网关,基于自主研发的神经网络平台NERVE2.0深度学习能力,全面检测并拦截各类恶意邮件,包括垃圾邮件、钓鱼邮件、病毒邮件及BEC诈骗邮件;反垃圾准确率高达99.8%,误判率低于0.02%

CAC2.0反钓鱼防盗号

CAC2.0是一款同时具备威胁邮件识别过滤、可疑邮件提示、邮箱账号异常监测与准实时告警、泄露账号威胁登录拦截,以及综合型邮件威胁情报(攻击IP、威胁URL、钓鱼邮件主题、重保紧急情报等)的云安全服务,全面防范“邮件威胁”和“账号威胁”,拥有“事前拦截,事中告警,事后处置”的全流程能力

安全海外中继

安全海外中继产品针对跨境交流的收发延迟、链路不稳定,海外恶意邮件威胁等问题。产品依托全球优质中继服务器,智能选择最优质通道进行投递和接收,融合反垃圾网关技术,保障海外交流安全通畅。

CACTER邮件数据防泄露系统EDLP

基于深度内容识别技术,根据不同安全级别采用不同算法和策略,支持多种响应规则,对敏感数据通过邮件系统外发的行为,提供事后审计和提醒,以及事中审批和拦截,预防并阻止有意或无意的邮件数据泄露行为,保障企业数据安全

安全管理中心SMC2

SMC2是基于邮件系统,集成日志审计、攻击面管理、用户威胁行为分析、情报API和威胁自动处置的统一安全平台。

Email Webrisk API V1.0

Email Webrisk API V1.0旨在提高网络安全性的服务,帮助用户识别恶意链接地址或 IP,从而保护其网络远离潜在的威胁。

Coremail邮件安全

Managed ad