Aggregator

关注我们带你读懂网络安全2024年是网络安全行业发生巨变的一年，不仅攻击技术在AI的推动下更加复杂化，监管要求也更加严格。以下是对2024年呈现的网络安全十大新趋势的全面盘点和解析：1AI编程助手暗藏

关注我们带你读懂网络安全Meta（Facebook）在2018年披露了一起安全事件，攻击者利用产品功能设计漏洞，抓取了约2900万个Facebook账号的个人信息，其中约300万个账号位于欧盟；爱尔兰

违反了GDPR数据保护原则

A vulnerability has been found in Linux Kernel up to 2.6.11 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Filesystem. The manipulation leads to denial of service. This vulnerability is known as CVE-2005-0815. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

具备强大的内容识别能力，出色的理解推理和细腻的视觉描述表现。

豆包·视觉理解模型于 12 月 18 日在火山引擎 Force 原动力大会首次亮相。该模型具备非常强的内容识别能力，同时，拥有出色的理解推理和细腻的视觉描述表现。一同亮相的，还有升级版豆包主力通用模型

Kaspersky researchers linked a new wave of cyber attacks to the cyber espionage group tracked as The Mask. Kaspersky researchers linked several targeted attacks to a cyber espionage group known as The Mask. The APT group targeted an organization in Latin America in 2019 and 2022. Threat actors accessed an MDaemon email server and used […]

The Mask APT is back after 10 years of silence Pierluigi Pagani

根据国家信息安全漏洞库（CNNVD）统计，本周2024年12月9日至2024年12月15日）安全漏洞情况如下。

点击蓝字 关注我们漏洞情况根据国家信息安全漏洞库（CNNVD）统计，本周2024年12月9日至2024年12月15日）安全漏洞情况如下：公开漏洞情况本周CNNVD采集安全漏洞1265个。接报漏洞情况本

A vulnerability was found in Oracle Enterprise Data Quality 8.1.2/9.0.11. It has been rated as critical. Affected by this issue is some unknown functionality in the library lib/commons-beanutils-1.8.0.jar of the component Launchpad. The manipulation of the argument this leads to improper input validation. This vulnerability is handled as CVE-2014-0114. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

通告编号:NS-2024-00372024-12-18TAG：Tomcat、条件竞争、代码执行、CVE-2024-50379漏洞危害：攻击者利用该漏洞，可实现远程代码执行版本：1.01漏洞概述近日，绿

近日，绿盟科技CERT监测到Apache发布安全公告，修复了Apache Tomcat条件竞争代码执行漏洞（CVE-2024-50379）。CVSS评分9.8，目前漏洞PoC已公开，请相关用户尽快采取措施进行防护。

A CLM policy also puts you in the best position to mitigate and prevent cyberthreats, including man-in-the-middle attacks and phishing scams.

The post 5 Reasons to Create a Certificate Lifecycle Management Policy for the New Year appeared first on Security Boulevard.

Are you in the market for a good New Year’s resolution? You won’t find a more rewarding one (at

立即查看漏洞详情

漏洞概况Tomcat 是一个开源的、轻量级的 Web 应用服务器 和 Servlet 容器。它由 Apache 软件基金会下的 Jakarta 项目开发，是目前最流行的 Java Web 服务器之一。

Datadog Security Labs的网络安全研究人员发现，名为MUT-1244的威胁行为者发起了一项为期一年的恶意攻击活动，导致超过39万个WordPress凭证被盗。研究称，该行为者利用一个