Aggregator
百度智能云,迎接 AI 落地的一年
CVE-2024-46755 | Linux Kernel up to 6.10.9 mwifiex_get_priv_by_id null pointer dereference
CVE-2024-6877 | Eliz Software Panel up to 2.3.23 cross site scripting
CVE-2022-4533 | Limit Login Attempts Plus Plugin up to 1.1.0 on WordPress protection mechanism
CVE-2024-46731 | Linux Kernel up to 5.10.225/5.15.166/6.1.108/6.6.49/6.10.8 AMD mc_data out-of-bounds
CVE-2024-34057 | Triangle Microworks TMW IEC 61850 Client Source Code Library up to 12.1.x Message buffer overflow
通过发现隐藏的参数值实现任意用户登录
DoControl introduces security product suite for Google Workspace
DoControl released a security product suite for Google Workspace, designed to protect data, identities, configurations, and third-party connected apps. DoControl’s SSPM provides Google Workspace customers with security capabilities that are not offered by Google’s built-in security ecosystem. Adopted by top Google Workspace customers, DoControl is the SSPM of choice for securing enterprise Google Workspace environments. DoControl’s Google Workspace Posture Management mitigates admin misconfigurations, preventing them from becoming an organization’s Achilles’ heel. DoControl continuously monitors Google … More →
The post DoControl introduces security product suite for Google Workspace appeared first on Help Net Security.
Joint guidance on detecting and mitigating Active Directory compromises
El Cosmico: отель из будущего материализуется в пустыне Техаса
CVE-2003-0866 | Apache Tomcat up to 4.0.6 Catalina Package denial of service (EDB-23245 / Nessus ID 15232)
cobaltstrike权限维持 - 渗透测试中心
Mimikatz的使用及免杀方向(过360,火狐和WindowsDefinder) - 渗透测试中心
《刺客信条:影》推迟到 2025 年 2 月发售
Cybercriminals Hack UK Rail Network Wi-Fi
Fake WalletConnect app on Google Play steals Android users’ crypto
Тёмная сторона хайпа: PDiddySploit атакует фанатов Дидди
Data of 3,191 congressional staffers leaked in the dark web
Wallet Scam: A Case Study in Crypto Drainer Tactics
Key takeaways Introduction Crypto drainers are malicious tools that steal digital assets like NFTs, and tokens from cryptocurrency wallets. They often use phishing techniques and leverage smart contracts to enhance their impact. Typically, users are tricked into visiting phishing websites that mimic legitimate cryptocurrency platforms. Drainers then initiate fraudulent transactions and deceive users into signing […]
The post Wallet Scam: A Case Study in Crypto Drainer Tactics appeared first on Check Point Research.