Aggregator

9月12-13日，由国家信息中心《信息安全研究》杂志社和广州市政务服务和数据管理局主办的关键信息基础设施安全防 […]

9月9日至9月15日，2024年国家网络安全宣传周举办，今年网安周继续以“网络安全为人民，网络安全靠人民”为主 […]

珠江水岸，南海之门。2024年国家网络安全宣传周于9月9日在广州南沙隆重举行。 网络安全为人民、网络安全靠人民 […]

近日，中关村网络安全与信息化产业联盟（以下简称“联盟”）秘书长邹冬携国家信息技术安全研究中心原科研部长石峰、北 […]

一周情报速览~

微软计划重新设计反恶意软件产品与 Windows 内核交互的方式，以直接应对 7 月份由 CrowdStrike 更新错误导致的全球 IT 中断。 微软表示，它正在对 Windows 进行改进，以允许端点安全解决方案在操作系统内核之外有效运行，目的是为了防止未来出现类似 CrowdStrike 的大规模中断。 微软响应了客户和供应商的呼吁，同时指出，这些新功能要想满足需求，还必须克服许多挑战。 内核模式之外的性能需求和防篡改保护是需要关注的问题之一。微软表示，它将考虑安全传感器要求和安全设计，并试图改进 Windows 的架构，以允许防病毒工具在较低权限的空间或环境中运行时安全地检查系统。 在微软与 EDR 供应商举行为期一天的峰会后，微软副总裁 David Weston 表示，对操作系统的调整是实现弹性和安全目标的长期措施的一部分。 “我们探索了微软计划在 Windows 中提供的新平台功能，以我们在 Windows 11 中所做的安全投资为基础。Windows 11 改进的安全态势和安全默认值使该平台能够为内核模式之外的解决方案提供商提供更多的安全功能。”Weston 在EDR 峰会后的一份说明中表示。 重新设计是为了避免重演CrowdStrike 软件更新事故，该事故导致Windows 系统瘫痪并造成全球数十亿美元的损失。 Weston 提到了 CrowdStrike 事件，强调 EDR 供应商在向大型 Windows 生态系统推出更新时采用微软所谓的安全部署实践 (SDP) 的紧迫性。 Weston 表示，SDP 的核心原则包括“向客户逐步、分阶段部署更新”、使用“具有多样化端点的有节制的推出”以及在必要时暂停或回滚更新的能力。 Weston 补充道：“我们讨论了微软和合作伙伴如何增加关键组件的测试，改进跨不同配置的联合兼容性测试，推动有关开发中和市场中产品健康状况的更好的信息共享，并通过更严格的协调和恢复程序提高事件响应的有效性。” Weston 在峰会上表示，微软与合作伙伴讨论了内核模式之外运行的性能需求和挑战、安全产品的防篡改保护问题、安全传感器要求以及未来平台的安全设计目标。   转自军哥网络安全读报，原文链接：https://mp.weixin.qq.com/s/aQvmvilT5wo-C37nuuAZ0g 封面来源于网络，如有侵权请联系删除

Authentication requiring stored credentials is not only vulnerable to phishing and other compromises, but using these credentials can also be cumbersome for busy clinicians, said Tina Srivastava, co-founder of Badge, a provider of deviceless, tokenless authentication technology.

Inquiry Launched to Determine the Company's Compliance With GDPR
The Irish data regulator launched an investigation to determine Google's compliance with a European privacy law when it was developing its PaLM 2 artificial intelligence model. Google launched the multilingual generative AI model last year.

Over-Deployment of Tools Raises Security and Operational Concerns
Excessive deployment of remote access tools in operational technology environments expands attack surfaces and creates operational challenges, warn security researchers from Claroty. Remote access tools are essential, but they introduce numerous potential vulnerabilities that threat actors exploit.

Biden Administration Hits Russian Media With More Sanctions for Covert Operations
The U.S. Department of State announced additional sanctions Friday against the Kremlin news outlet RT after officials received new information from employees of the organization that revealed how it has become a key component in the Russian military machine.

Series C Funds to Fuel AI Research, Government Sector Investment and Global Growth
Strider Technologies has raised $55 million in a Series C funding round to strengthen its AI capabilities and fuel global expansion efforts. The money will enhance the company’s AI-driven insights, support business with government agencies, and fuel international expansion in Europe and Asia.

近日，在国家漏洞库（CNNVD）网络安全漏洞治理产业协同创新研讨活动中，深信服被授予“国家信息安全漏洞库核心技 […]

近日，国家信息安全漏洞库（CNNVD）收到关于GitLab安全漏洞的通报（CNNVD-202409-1044、CVE-2024-6678）情况的报送。

Mageni Mageni is an open source vulnerability management platform. Mageni provides a faster, enjoyable, and leaner vulnerability management experience for modern cybersecurity programs. Real-life problems that Mageni solves for you Assets Discovery Services Discovery...

The post mageni: open source vulnerability management platform appeared first on Penetration Testing Tools.

A vulnerability has been found in Seyeon Flexwatch Network Video Server 2.2 and classified as very critical. This vulnerability affects unknown code of the file aindex.htm. The manipulation with the input // leads to improper privilege management. This vulnerability was named CVE-2003-1160. The attack can be initiated remotely. Furthermore, there is an exploit available.

Nosey Parker: Find secrets in textual data Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data. It is useful both for offensive and defensive security testing. Key features:...

The post noseyparker: finds secrets and sensitive information in textual data and Git history appeared first on Penetration Testing Tools.

Caido Caido aims to help security professionals and enthusiasts audit web applications with efficiency and ease. Feature Sitemap The Sitemap feature allows you to visualize the structure of any website that is proxied through...

The post Caido: audit web applications with efficiency and ease appeared first on Penetration Testing Tools.

Reverse SSH Want to use SSH for reverse shells? Now you can. Manage and connect to reverse shells with native SSH syntax Dynamic, local and remote forwarding Native SCP and SFTP implementations for retrieving files from your targets...

The post Reverse SSH: SSH based reverse shell appeared first on Penetration Testing Tools.