Aggregator

LLM越狱攻击与防御框架

信息安全知识库
8 months 4 weeks ago
本文链接


《LLM越狱攻击预防与框架 v3.3》系统梳理了大语言模型从指令注入到多模态对抗、表征工程到智能体工具滥用的全部越狱路径,配套可落地的防御体系(对齐-检测-沙箱-监控)。文档以威胁模型为纲,将攻击按提示工程、输出结构、优化、模糊、组合、MCP滥用六大类拆解,并提供测试脚本与红队演练方案,帮助安全团队在模型全生命周期内快速定位脆弱点、迭代加固。适用于AI产品、红队及合规审计人员。

CVE-2025-20133 | Cisco ASA/Firepower Threat Defense SSL VPN memory leak (cisco-sa-asaftd-vpn-dos-mfPekA6e / WID-SEC-2025-1839)

Vuldb Updates
8 months 4 weeks ago
A vulnerability classified as critical has been found in Cisco ASA and Firepower Threat Defense. Affected by this issue is some unknown functionality of the component SSL VPN. The manipulation leads to memory leak. This vulnerability is handled as CVE-2025-20133. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20135 | Cisco ASA/Firepower Threat Defense Software DHCP Client memory leak (cisco-sa-asaftd-dhcp-qj7nGs4N / WID-SEC-2025-1839)

Vuldb Updates
8 months 4 weeks ago
A vulnerability described as problematic has been identified in Cisco ASA and Firepower Threat Defense Software. This affects an unknown part of the component DHCP Client. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2025-20135. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20253 | Cisco Adaptive Security Appliance Software IKEv2 Feature infinite loop (cisco-sa-asa-ftd-ios-dos-DOESHWHy / WID-SEC-2025-1838)

Vuldb Updates
8 months 4 weeks ago
A vulnerability was found in Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component IKEv2 Feature. The manipulation leads to infinite loop. This vulnerability is known as CVE-2025-20253. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20239 | Cisco IOS/ASA/IOS XE/Firepower Threat Defense IKEv2 memory leak (cisco-sa-asa-ftd-ios-dos-DOESHWHy / WID-SEC-2025-1838)

Vuldb Updates
8 months 4 weeks ago
A vulnerability categorized as problematic has been discovered in Cisco IOS, ASA, IOS XE and Firepower Threat Defense. This affects an unknown part of the component IKEv2 Handler. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2025-20239. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20127 | Cisco ASA/Firepower Threat Defense denial of service (cisco-sa-3100_4200_tlsdos-2yNSCd54 / WID-SEC-2025-1839)

Vuldb Updates
8 months 4 weeks ago
A vulnerability marked as problematic has been reported in Cisco ASA and Firepower Threat Defense. Affected is an unknown function. The manipulation leads to denial of service. This vulnerability is traded as CVE-2025-20127. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20225 | Cisco IOS/ASA/IOS XE/Firepower Threat Defense IKEv2 memory leak (cisco-sa-asa-ftd-ios-dos-DOESHWHy / WID-SEC-2025-1838)

Vuldb Updates
8 months 4 weeks ago
A vulnerability was found in Cisco IOS, ASA, IOS XE and Firepower Threat Defense. It has been rated as problematic. Affected by this issue is some unknown functionality of the component IKEv2 Handler. The manipulation leads to memory leak. This vulnerability is handled as CVE-2025-20225. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Hype Cycle for Security Operations, 2025

信息安全知识库
8 months 4 weeks ago
本文链接


Gartner《2025安全运营成熟度曲线》系统梳理了从漏洞管理到持续威胁暴露管理(CTEM)的演进路径,突出AI SOC代理、暴露评估平台(EAP)、对抗性暴露验证(AEV)等前沿技术的成熟度与商业价值。报告强调将传统资产可见性、威胁检测与响应、身份威胁检测与响应、网络检测与响应等能力整合为可编排、可度量的运营体系,以应对云原生、混合办公及CPS(网络-物理系统)带来的新攻击面。同时提供优先级矩阵,帮助企业在2年内快速落地高价值场景,或在5-10年内布局变革性架构如网络安全网格(CSMA)。

AI Agents for Offsec with Zero False Positives

信息安全知识库
8 months 4 weeks ago
本文链接


本文是Black Hat USA 2025议题《AI Agents for Offsec with Zero False Positives》的讲稿,作者Brendan Dolan-Gavitt提出“AI代理+确定性验证”方案,解决传统LLM在漏洞挖掘中的高误报难题。通过“证据-验证”双阶段流程:LLM先定位可疑点,再用非AI脚本(flag回显、时延差异、缓存投毒等)进行可复现验证,已在Docker Hub 2500万镜像扫描中捕获174个漏洞、22个CVE,误报率趋近零。文中给出Redmine权限绕过、Druid SSRF、MapProxy文件读取等实战案例,并开源自动化工具链,为大规模安全测试提供新范式。

人工智能和数据保护培训课程之使用个人数据的安全AI系统基础知识

信息安全知识库
8 months 4 weeks ago
本文链接


本书是欧盟“支持专家库”项目官方教材,专为AI、隐私与网络安全交叉人才写作。全书以MLOps生命周期为主线,系统讲解如何在训练、部署、监控AI系统的每个环节同时满足《人工智能法案》与GDPR要求:从隐私增强技术(差分隐私、联邦学习、合成数据等)到安全代码开发、模型测试、可信运行环境。书中用大量案例与练习帮助企业在处理个人数据时降低法律与伦理风险,实现“高性能+高合规”的AI落地。

CVE-2008-3058 | Octeth Oempro 3.5.5.1 index.php FormValue_SearchKeywords sql injection (EDB-32656 / Nessus ID 35041)

Vuldb Updates
8 months 4 weeks ago
A vulnerability has been found in Octeth Oempro 3.5.5.1 and classified as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument FormValue_SearchKeywords leads to sql injection. This vulnerability is handled as CVE-2008-3058. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-20254 | Cisco ASA/Firepower Threat Defense IKEv2 memory leak (cisco-sa-asa-ftd-ios-dos-DOESHWHy / WID-SEC-2025-1838)

Vuldb Updates
8 months 4 weeks ago
A vulnerability was found in Cisco ASA and Firepower Threat Defense. It has been rated as problematic. This vulnerability affects unknown code of the component IKEv2 Handler. The manipulation leads to memory leak. This vulnerability was named CVE-2025-20254. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad