Aggregator

青藤天睿•RASP——为应用植入原生安全能力

青藤天睿•RASP——为应用植入原生安全能力

青藤天睿•RASP——为应用植入原生安全能力

Новая атака показала, что порой модули опаснее, чем сам вирус.

ENGlobal, a Texas-based engineering and automation contractor for companies in the energy sector, has had its data encrypted by attackers. “On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files,” the company shared in an 8-K filed on Monday with the US Securities and Exchange Commission. The … More →

The post US government, energy sector contractor hit by ransomware appeared first on Help Net Security.

ByteHouse云数仓产品白皮书正式发布

只是概念验证，并非活跃威胁

速修复

ISC Stormcast For Tuesday, December 3rd, 2024 https://isc.sans.edu/podcastdetail/9238, (Tue, Dec 3rd)

Zabbix认证后SQL注入漏洞(CVE-2024-42327)

Cybersecurity compliance may feel overwhelming, but a few clear steps can make it manageable and ensure your business stays on the right side of regulatory requirements

Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland’s government has been investigating the alleged misuse of Pegasus spyware by the previous administration and arrested the former head of Poland’s internal security service Piotr Pogonowski. News of the arrest of Piotr Pogonowski was first reported by the […]

Welcome to ANY.RUN’s monthly updates, where we give you all the details on our latest features and enhancements.  November has been a month of innovation at ANY.RUN, with major upgrades. We’ve launched Smart Content Analysis as part of Automated Interactivity, updated the home screen of TI Lookup featuring an interactive MITRE ATT&CK matrix connected with […]

The post Release Notes: MITRE ATT&CK Matrix with Samples, Upgraded Automated Interactivity, Expanded Threat Coverage, and More appeared first on ANY.RUN's Cybersecurity Blog.

快来开启《CTF训练营-Web篇》的学习之旅吧！

涉案金额高达610亿韩元

看雪论坛作者ID：是气球呀

A vulnerability classified as problematic was found in Oracle Database Server up to 8.1.5. Affected by this vulnerability is an unknown functionality of the file nmiconf.tcl of the component Intelligent Agent. The manipulation of the argument ORACLE_HOME as part of Environment Variable leads to Local Privilege Escalation. This vulnerability is known as CVE-1999-0888. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

为最大限度切断境内不法分子与境外诈骗集团勾结的犯罪链条，近日，最高人民检察院、公安部决定继续联合挂牌督办第四批8起特大跨境电信网络诈骗犯罪案件，依法从重从快严厉打击跨境电信网络诈骗及境内关联违法犯罪活动。

欧洲理事会2日通过两项关于网络安全的法案，旨在进一步加强欧盟抵御网络威胁的能力和网络团结合作。这两项法律分别为《网络团结法案》和《网络安全法案》修正案，属于欧盟网络安全立法“一揽子计划”的一部分。

近日，《全球数据跨境流动合作倡议》全文对外发布，就各方普遍关切的数据跨境流动治理问题提出了建设性解决思路，明确中国促进全球数据跨境流动合作的立场主张。