Aggregator

邬江兴院士指出，数字经济时代数据成为关键生产要素，但“存储程序控制”的先天基因缺陷使网络空间安全威胁愈演愈烈。为此提出中国原创的“内生安全+拟态防御”范式：通过动态异构冗余（DHR）构造，把未知漏洞扰动转化为可控概率问题，实现设计安全、默认安全、开箱即用。六年全球众测证明，采用内生安全架构的产品均未攻破，已纳入11项通信行业标准，成为数字生态底层驱动范式转型的“钢筋骨架”。

安恒信息 范渊在2024西湖论剑提出“AI+安全”全景方案：以恒脑大模型与隐私计算为底座，打通数据“供得出、流得动、用得好”全链路；AI分类分级效率提升30倍，隐私计算让跨域数据“可用不可见”。AI安全智能体在亚运、大运实战中告警处置效率提升200%，实现“智能辅助驾驶”式运营。同时发布生成式AI安全防御框架，覆盖训练、部署、运营全周期风险治理，为企业数字化与绿色化协同转型保驾护航。

The United Kingdom has withdrawn its demand that Apple create a backdoor to its encrypted cloud systems following months of diplomatic pressure from the United States, according to a statement from Director of National Intelligence Tulsi Gabbard. Gabbard announced the decision Monday on X, stating that the U.S. government had worked closely with British partners […]

The post UK abandons Apple backdoor demand after US diplomatic pressure appeared first on CyberScoop.

龚克在《西湖论剑》提出：以人工智能为“使能技术”，在信创安全底座之上实现绿色化与数字化协同转型。报告呼应联合国“AI for SDGs”决议，强调大模型即服务（MaaS）降低门槛，通过智能监测、治理、决策重塑能源、制造、环保全链条；同时以信创自主可控保障数据与模型安全，助力中国抢占绿色新质生产力制高点。

Key Takeaways1. ShinyHunters publicly released exploits for critical SAP vulnerabilities.2. Unauthenticated attackers can achieve complete system takeover and remote code execution.3. Immediately apply SAP Security Notes 3594142 and 3604119. A working exploit targeting critical SAP vulnerabilities CVE-2025-31324 and CVE-2025-42999 has been publicly released by the notorious cybercriminal group “Scattered LAPSUS$ Hunters – ShinyHunters” via Telegram […]

The post New Exploit for SAP 0-Day Vulnerability Allegedly Released in the Wild by ShinyHunters Hackers appeared first on Cyber Security News.

汪玉凯教授在《西湖论剑》指出：数字经济正成为新质生产力的核心引擎，其关键在于平台、数据、互联共享三大新要素的协同放大。报告聚焦“制造强国”主战场，提出以“人工智能+工业互联网”提升智能制造水平；通过数据要素“流动—交易—价值实现”五大主体闭环，释放倍增效应；同时警示网络安全与算力一体化仍是瓶颈。政府应回归法治与政策营造，让市场与民营企业担当主角，方能在2025年把数字经济占比从当前水平拉升至10%。

Today, phishing accounts for the majority of all cyberattacks. The availability of low-cost, easy-to-use Phishing-as-a-Service (PhaaS) platforms like Tycoon2FA, EvilProxy, and Sneaky2FA only makes the problem worse.  These services are actively maintained by their operators; new evasion techniques are regularly added, and the multi-layered infrastructure behind the phishing kits continues to evolve and expand.  But […]

The post Salty 2FA: Undetected PhaaS from Storm-1575 Hitting US and EU Industries  appeared first on ANY.RUN's Cybersecurity Blog.