Aggregator

英美多国安全机构发布安全部署指南，细化了部署和运维阶段AI实践要求

本期关键基础设施安全资讯周报共收录安全资讯29篇。点击文章，快速阅读最新资讯。

Платформа GothamQ - 34 км проводов и защита данных на скорости света.

Transport for London has revealed several digital services are suspended after a cyber-attack last week

The expansion of security budgets has slowed, indicating the end of rapid growth in the sector, according to a survey of 755 CISOs.

The post Security Budget Growth Slows, but Spending Remains Elevated appeared first on Security Boulevard.

ARPA-E поможет добывать никель без ущерба для природы.

在第二届深空探测（天都）国际会议上，中国国家航天局探月与航天工程中心天问三号任务总设计师刘继忠介绍，中国天问三号任务计划在 2028 年前后实施两次发射任务，实现火星样品返回地球。刘继忠介绍，天问三号作为我国第二次火星探测任务，确立生命痕迹探寻为第一科学目标，将突破火面采样、火面起飞上升、环火交会和行星保护等关键技术，实现火星样品返回地球。在行星保护方面，切实履行国际公约，开展前向和返向行星防护，确保不污染火星、不污染地球以及样品的原始性。这一时间表比原计划提前了两年。天问三号任务由两次发射组成，使用长征五号火箭分别发射搭载着陆器和上升器的有效载荷以及搭载轨道器和返回舱的有效载荷。任务的一大目标是将约 600 克的火星土壤样品送回地球。如果发射时间是在 2028 年，那么火星样品预计会在 2031 年 7 月左右送回地球。

Positive Technologies запустила бесплатный тренажер по расследованию киберинцидентов.

Как простая доверчивость может стоить вам всех своих сбережений.

A vulnerability was found in istyle cosme App on iOS/Android. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Custom URL Scheme Handler. The manipulation leads to improper authorization. This vulnerability is known as CVE-2024-45203. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in AZIndex Plugin up to 0.8.1 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-7688. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in AZIndex Plugin up to 0.8.1 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-7687. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Pocket Widget Plugin up to 0.1.3 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-7918. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in EventON Plugin up to 2.2.16 on WordPress. This affects an unknown part of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-6910. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.