Aggregator

Традиционные системы защиты больше не справляются.

Alleged Leak of Data of Evilzone[.]st

It’s that time of year again: Verizon Business has released the 2025 edition of the Data Breach Investigations Report (DBIR), its 18th-annual report on cybercrime. The DBIR is famous for how well it captures the current state of things, analyzing tens of thousands of security incidents to understand the current threat landscape.

The post Verizon 2025 DBIR: Third-party software risk takes the spotlight appeared first on Security Boulevard.

Harness today unfurled a cloud web application and application programming interface (API) protection (WAAP) platform that makes it simpler for security operation (SecOps) teams to defend application environments.

The post Harness Adds Traceable WAAP to Secure Web Apps and APIs appeared first on Security Boulevard.

基于自编码器的泛化性增强加密代理流量识别方法 by ourren

更多最新文章，请访问SecWiki

北京时间 2025 年 4 月 24 日 17 时 17 分，搭载神舟二十号载人飞船的长征二号F遥二十运载火箭在酒泉卫星发射中心点火发射，约 10 分钟后，神舟二十号载人飞船与火箭成功分离，进入预定轨道。飞船入轨后，将按照预定程序与空间站组合体进行自主快速交会对接，神舟二十号航天员乘组将与神舟十九号航天员乘组进行在轨轮换。在空间站工作生活期间，神舟二十号航天员乘组将在空间生命与人体研究、微重力物理科学、空间新技术等领域开展多项实（试）验与应用，进行多次出舱活动，完成空间站碎片防护装置安装、舱外载荷和舱外平台设备安装与回收等任务。 神舟二十号宇航员将在轨驻留半年。

哈勃空间望远镜于 1990 年 4 月 24 日发射，至今在轨运行 35 年。为庆祝在轨 35 周年，NASA/ESA 公布了一系列哈勃拍摄的新太空图像。虽然服役了如此长的时间，哈勃仍然能提供重要的太空观测能力，它仍然是高需求量的空间望远镜。哈勃望远镜至今完成了近 170 万次观测，观测了约 5.5 万个天文目标。截至 2025 年 2 月，基于哈勃的发现产生逾 22,000 篇论文，引用次数逾 130 万。哈勃收集的数据累计存档逾 400 TB。

Currently trending CVE - Hype Score: 6 - This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware ...

Nederlandse steun aan Oekraïne vanwege de oorlog met Rusland. Dat was de reden voor een werkbezoek van koning Willem-Alexander aan het Defensie Grondgebonden Luchtverdedigingscommando. De militairen werken er met materieel als de Patriot. Dus was de luitenant-generaal Bestkazerne de meest uitgelezen plek om toelichting te geven op geleverde steun. 

Microsoft announced an increase in bug bounty payouts to $30,000 for AI vulnerabilities found in Dynamics 365 and Power Platform services and products. [...]

Defensie heeft 150 breed inzetbare patrouillevoertuigen besteld voor het Korps Mariniers. Het contract wordt eind juni officieel ondertekend. Het gaat om een variant van de Joint Light Tactical Vehicle (JLTV) van de Amerikaanse fabrikant Oshkosh. Die levert ze naar verwachting in 2028.

A vulnerability, which was classified as critical, was found in Telos Alliance Omnia MPX Node up to 1.4.9. This affects an unknown part of the component System Setting Handler. The manipulation leads to permission issues. This vulnerability is uniquely identified as CVE-2022-45562. Access to the local network is required for this attack. Furthermore, there is an exploit available.

A vulnerability has been found in Lazy Mouse and classified as critical. This vulnerability affects unknown code. The manipulation leads to weak password requirements. This vulnerability was named CVE-2022-45482. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Lazy Mouse. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is known as CVE-2022-45483. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Tenda AC6 15.03.05.19. It has been rated as critical. This issue affects the function formSetClientState. The manipulation of the argument limitSpeedUp leads to buffer overflow. The identification of this vulnerability is CVE-2022-45646. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as critical has been found in Tenda AC6 15.03.05.19. Affected is the function formSetClientState. The manipulation of the argument limitSpeed leads to buffer overflow. This vulnerability is traded as CVE-2022-45647. The attack needs to be done within the local network. There is no exploit available.

A vulnerability classified as critical was found in Tenda AC6 15.03.05.19. Affected by this vulnerability is the function addWifiMacFilter. The manipulation of the argument deviceId leads to buffer overflow. This vulnerability is known as CVE-2022-45643. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.19_multi. Affected by this issue is the function formSetClientState. The manipulation of the argument deviceId leads to buffer overflow. This vulnerability is handled as CVE-2022-45644. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in Tenda AC6 15.03.05.19. It has been declared as critical. Affected by this vulnerability is the function formSetVirtualSer. The manipulation of the argument list leads to buffer overflow. This vulnerability is known as CVE-2022-45651. The attack needs to be done within the local network. There is no exploit available.