Aggregator

Pentests once a year? Nope. It’s time to build an offensive SOC

The Hackers News
11 months ago
You wouldn’t run your blue team once a year, so why accept this substandard schedule for your offensive side? Your cybersecurity teams are under intense pressure to be proactive and to find your network’s weaknesses before adversaries do. But in many organizations, offensive security is still treated as a one-time event: an annual pentest, a quarterly red team engagement, maybe an audit sprint
The Hacker News

Pentests once a year? Nope. It’s time to build an offensive SOC

不安全
11 months ago
文章指出传统年度渗透测试无法应对持续变化的安全威胁,并提出建立“进攻型安全运营中心”(Offensive SOC),通过持续漏洞发现、攻击模拟、自动化渗透测试和配置漂移检测等手段提升防御能力。Picus平台帮助组织实现这一目标,助力安全团队主动发现风险并快速修复。

China-Based APTs Deploy Fake Dalai Lama Apps to Spy on Tibetan Community

The Hackers News
11 months ago
The Tibetan community has been targeted by a China-nexus cyber espionage group as part of two campaigns conducted last month ahead of the Dalai Lama's 90th birthday on July 6, 2025. The multi-stage attacks have been codenamed Operation GhostChat and Operation PhantomPrayers by Zscaler ThreatLabz. "The attackers compromised a legitimate website, redirecting users via a malicious link and
The Hacker News

Feature Highlight: DLL Hollowing

不安全
11 months ago
VMRay平台升级动态分析引擎至2025.2版本,增强对DLL空洞注入等代码注入技术的检测能力。文章以HijackLoader为例,展示其利用DLL空洞注入执行恶意代码的过程,并通过功能日志和YARA签名实现检测与分析。

FDA 的 AI 工具被发现捏造研究

Solidot
11 months ago
FDA 几周前宣布使用名为 Elsa 的 AI 工具去加快药品和医疗设备的审批速度。内部人士称 Elsa 可用于生成会议记录和摘要或创建电子邮件和公报模板,但它也会捏造不存在的研究——也就是所谓的“幻觉”。FDA 内部人士称,幻觉让 Elsa 变得不可靠,无法用于重要工作。一位工作人员说,任何你没有时间仔细核查的东西都是不可靠的,AI 会很自信的产生幻觉。另一名工作人员说,AI 本应该帮助节省时间,但我浪费了很多额外时间去检查虚假或歪曲的研究。工作人员表示目前 Elsa 无法帮助加快药品和医疗设备的审批,仍然需要科学家进行评估,以确定药品和医疗设备是否安全有效。

AI-generated image watermarks can be easily removed, say researchers

不安全
11 months ago
AI生成图像技术进步使其难以辨别真假。为防止滥用,OpenAI等公司采用防御性水印技术,在图像中嵌入不可见标记以证明其为AI生成。然而,加拿大研究人员开发出UnMarker工具,可移除所有类型水印,使检测率降至43%,表明防御性水印不再可靠。此发现促使需探索新方法对抗深度伪造。

Researchers Exploit Cursor Background Agents to Take Over Amazon EC2 Instance

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
11 months ago

Security researchers have successfully exploited vulnerabilities in Cursor’s Background Agents to gain unauthorized access to an Amazon EC2 instance, demonstrating critical risks associated with SaaS applications that integrate deeply with cloud infrastructure. The researchers immediately disclosed their findings to Cursor’s security team, who confirmed that safeguards were in place to prevent misuse. Initial Discovery and […]

The post Researchers Exploit Cursor Background Agents to Take Over Amazon EC2 Instance appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems

The Hackers News
11 months ago
Microsoft has revealed that one of the threat actors behind the active exploitation of SharePoint flaws is deploying Warlock ransomware on targeted systems. The tech giant, in an update shared Wednesday, said the findings are based on an "expanded analysis and threat intelligence from our continued monitoring of exploitation activity by Storm-2603." The threat actor attributed to the financially
The Hacker News

Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems

不安全
11 months ago
微软披露一中国关联威胁行为者正利用SharePoint漏洞部署Warlock勒索软件。该行为者通过 CVE-2025-49706 和 CVE-2025-49704 漏洞,在未修补服务器上植入 spinstall0.aspx 木马以获取初始访问权限,并通过 cmd.exe 和批处理脚本深入网络。微软建议用户升级至支持版本、应用最新补丁并启用安全功能以应对已影响至少 400 名用户的攻击。

Against the Censorship of Adult Content By Payment Processors

不安全
11 months ago
这篇文章讨论了支付处理器被用作审查工具的问题,指出其对网络自由表达构成威胁。作者回顾了历史案例,并分析了Collective Shout等组织如何利用支付压力审查内容。文章强调这是一个政治问题,并呼吁采取法律和集体行动来应对审查威胁。

Managed ad