Aggregator

在全球数字化转型浪潮中，企业数据量年均增长率超过 30%，电子文档作为核心数据载体，其安全防护已成为企业数字化 […]

新闻速览 • 国家网络安全通报中心提醒：重点防范10个境外恶意网址和恶意IP • CNVD：关于Fo […]

TS Solution тестирует возможности защиты системы анализа трафика.

Как хакеры продолжили обходить защиту даже после официального исправления?

根据 Newzoo 的《2025 PC and Console Gaming Report》，2024 年 58% 的 PC 游戏收入来自微交易。PC 游戏的微交易总收入为 244 亿美元，同比增长 1.4%，其增长主要由三款游戏《使命召唤：黑色行动 6》、《Roblox》和《堡垒之夜》推动。PC 游戏的 DLC 收入增长 0.8% 至 53 亿美元，也主要由三款游戏《暗黑破坏神 4》、《艾尔登法环》和《魔兽世界》的 DLC 推动。PC 游戏总收入在 2024年上涨 0.1% 达到 373 亿美元。Newzoo 预测 2025 年 PC 游戏收入将增长到 379 亿美元，2027 年将达到 400 亿美元。

修复的被积极利用的零日漏洞，微软将其归类为公开披露或被积极利用，而没有官方修复。

在 Next.js 这个开源的 Web 开发框架中，发现了一个严重漏洞，攻击者有可能借此绕过授权检查。

Rockwell Automationが提供するArenaには、複数の脆弱性が存在します。

SUBNET Solutionsが提供するPowerSYSTEM Center 2020には、複数の脆弱性が存在します。

ABBが提供する複数のArtic製品には、複数の脆弱性が存在します。

In this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, and securing both hot and cold wallets. From a threat modeling perspective, what unique adversary tactics do you see in the crypto space that don’t often appear in traditional finance? The adversaries themselves aren’t fundamentally different between traditional finance and the crypto industry, but certain of the tactics they employ are … More →

The post Why security culture is crypto’s strongest asset appeared first on Help Net Security.

INFINITT Healthcareが提供するINFINITT PACS System Managerには、複数の脆弱性が存在します。

Currently trending CVE - Hype Score: 3 - A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request

Currently trending CVE - Hype Score: 30 - Active Directory Domain Services Elevation of Privilege Vulnerability

Ransomware attacks increased by nearly 20% in 2024, and the severity rose by 13%, according to At-Bay. The blast radius of ransomware continues to grow as businesses impacted by attacks on vendors and partners increased 43%, while the average cost of these third-party incidents jumped by 72%. “Remote access tools like VPNs and RDP continue to attract a high level of attention from cybercriminals. In 2024, they were correlated with 80% of ransomware attacks, up … More →

The post Ransomware groups push negotiations to new levels of uncertainty appeared first on Help Net Security.

A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites. "The

立即查看详情 →

立即查看详情 →

Remote work is seen as more than a temporary solution, it’s a long-term strategy for many organizations. Remote work cybersecurity challenges Unsecured networks: Workers often operate from home or public Wi-Fi networks that don’t have the security features of corporate environments. Bring Your Own Device (BYOD): Personal devices are frequently used for work, but these devices may not have the same security protections as company-issued ones. They often lack up-to-date software, antivirus protection, and can … More →

The post Why remote work is a security minefield (and what you can do about it) appeared first on Help Net Security.