Aggregator

Photopea 开发者新作 Vectorpea：免费在线矢量图编辑器

首发 | 美国国家安全局的红队行动

每日安全动态推送(24/12/11)

SentinelOne achieves 100% detection and zero detection delays in the MITRE ATT&CK® Evaluations: Enterprise 2024.

The post SentinelOne Continues to Set the Standard in MITRE ATT&CK® Evaluations | 100% Detection, Zero Delays and 88% Less Noise appeared first on SentinelOne.

Report: Financial Orgs Shift to Multi-Cloud to Address Cyberthreats and Regulation
Financial institutions are increasingly adopting multi-cloud strategies to mitigate rising cyber risks and comply with complex regulations, according to a new report. Although the move enhances flexibility and disaster recovery, challenges remain, from implementation costs to a growing skills gap.

The Korean Financial Security Institute (K-FSI) disrupted a fraudulent network that made $6.3m by stealing money from fake personal trading platforms

Hackers are constantly evolving, and so too should our security protocols.

把重要的日子放在桌面：挑本新年日历，迎接 2025

年终冲击倒计时，问鼎榜单top one！

99% 的人每天只是在玩 AI 设计的非常好玩的游戏，最终目的是为 AI 生成人类的各种数据，帮助 AI 迭代。

A vulnerability, which was classified as critical, has been found in Apache Struts up to 2.3.37/2.5.33/6.3.0.2. Affected by this issue is some unknown functionality of the component File Upload. The manipulation leads to path traversal. This vulnerability is handled as CVE-2024-53677. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

The backbone of any DDoS defense is accurate, operationalized threat intelligence. Without the properly vetted knowledge that world-class threat intelligence provides, your networks have the ability to identify and mitigate only a small percentage of the distributed denial-of-service (DDoS) attacks your organization...

Oasis Security today revealed that it worked with Microsoft to fix a flaw in its implementation of multi-factor authentication (MFA) that could have been used by cybercriminals to gain access to every major Microsoft cloud service

The post Oasis Security Details MFA Security Flaw Found in Microsoft Cloud Services appeared first on Security Boulevard.

Ivanti addressed a critical authentication bypass vulnerability impacting its Cloud Services Appliance (CSA) solution. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. A remote unauthenticated attacker can exploit the vulnerability to gain administrative access.  The vulnerability was discovered by CrowdStrike’s Advanced Research […]

Масштабная утечка личных данных потрясла Мексику.

US doughnut chain Krispy Kreme suffered a cyberattack in November that impacted portions of its business operations, including placing online orders. [...]

创业公司 Embodied 由于最新一轮的融资未成功，无法再继续运营下去。该公司此前的投资者包括了英特尔旗下的风投 Intel Capital、丰田的 AI Ventures、亚马逊的 Alexa 基金、索尼创新基金和 Vulcan Capital。该公司的产品是 800 美元的儿童情感支持机器人 Moxie。该公司声明，由于财务状况不佳它无法向大部分客户退款。对于在过去 30 天内购买产品的客户，Embodied 表示如果公司或资产出售的话，会尽量优先给他们退款，但无法对此做出保证。Moxie 的核心功能需要通过云端提供，如果公司倒闭，那么设备将会变砖。Embodied 表示服务停止的时间可能就在未来几天，它在探索延长服务的可能性，但无法对此做出保证。