Aggregator

Пока ты листал расписание, кто-то отбивал DDoS.

In today’s cybersecurity landscape, much of the focus is placed on firewalls, antivirus software, and endpoint detection. While these tools are essential, one critical layer often goes overlooked: the Domain Name System (DNS). As the starting point of nearly every online interaction, DNS is not only foundational - it’s increasingly a target. When left unsecured, it becomes a single point of

人还是太孤独了。

Magento выглядела вполне нормально, пока в ней не нашли способ запускать произвольный код.

An ISC2 study found that 90% of security hiring managers would consider entry-level candidates with only previous IT work experience

For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users are urged to update quickly. About CVE-2025-33053 CVE-2025-33053 is a remote code execution vulnerability in Web Distributed Authoring and Versioning (WebDAV), which is a protocol for extending HTTP protocol functionality for interacting with files. Flagged by Check Point researchers, the vulnerability has been exploited in March 2025 to … More →

The post Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) appeared first on Help Net Security.

2025年5月，中央网信办举报中心指导全国各级网信举报工作部门、主要网站平台受理网民举报色情、赌博、侵权、谣言等违法和不良信息1829.6万件，环比增长1.7%、同比下降9.4%。

5月29日，英国国防部宣布，将斥资10亿英镑（约合13.5亿美元）建设“数字目标定位网络”。为此，英国将组建新的网络与电磁司令部，并招募相关人员，全面强化英军网络战能力，使网络和电磁行动与其他军事行动...

党中央、国务院高度重视政务数据共享工作。近日，国务院总理李强签署国务院令，公布《政务数据共享条例》。《条例》是我国第一部专门规范和推进政务数据共享的行政法规，是我国数字政府建设顶层设计的又一里程碑事件...

意见反馈截止日期为2025年7月10日前。

Все государственные системы подключат к одной ИИ-консоли. Кто её выключит — неизвестно.

关键词Windows微软近日披露，Windows远程桌面服务中存在一个严重的安全漏洞（CVE-2025-327

关键词outlook微软邮件客户端 Outlook 曝出重大安全漏洞，编号为 CVE-2025-47176，公

关键词网络攻击拉撒路集团被当场抓包，曾令整个加密世界闻风丧胆的朝鲜黑客组织，如今却因为低级错误彻底翻车。

关键词数据泄露美国加密货币交易所 Coinbase 日前披露了一起重大数据泄露事件，约 6.9 万名客户敏感信

A vulnerability was found in Mattermost up to 9.11.13/10.5.4 and classified as problematic. Affected by this issue is some unknown functionality of the file /api/v4/teams/{team_id}. The manipulation leads to incorrect authorization. This vulnerability is handled as CVE-2025-4128. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mattermost up to 9.11.13/10.5.4/10.6.3/10.7.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /api/v4/ldap/groups/{remote_id}/link of the component LDAP Search Filter. The manipulation of the argument objectGUID leads to ldap injection. This vulnerability is known as CVE-2025-4573. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Сначала был Tinder, потом крипта, а дальше — Багамы и прачечная.

Каждое приложение теперь живёт в своей мини-вселенной и стартует за долю секунды.

Apache CloudStack, a leading open-source cloud management platform, has announced the immediate availability of new Long-Term Support (LTS) releases—version 4.19.3.0 and 4.20.1.0—to address multiple critical security vulnerabilities. The advisory, published by PMC member Pearl Dsilva on June 10, 2025, highlights five distinct vulnerabilities, two of which are rated critical and pose significant risks to user […]

The post Apache CloudStack Flaw Allows Attackers to Execute Privileged Actions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.