Aggregator

随着数字经济的快速发展，数据已成为国家基础性战略资源和关键生产要素。近年来，农业银行积极融入数字中国建设，把数字经营作为三大战略之一，并将数据管理作为重要内容融入全行“十四五”规划，全面推进数字化转型。

中央网络安全和信息化委员会办公室秘书局、工业和信息化部办公厅、公安部办公厅、国家市场监督管理总局办公厅近日联合印发通知，部署开展“清朗·网络平台算法典型问题治理”专项行动。

深入学习贯彻党的二十届三中全会精神，健全网络综合治理体系，必须坚持以习近平法治思想和习近平总书记关于网络强国的重要思想为科学指引，紧密结合我国网信事业发展实际，把坚持依法治网落到实处，让法治的触角更加灵敏，不断向网络空间发展的前沿延伸……

近期一种观点认为，AI可能会终结后发国家的赶超优势，固化“强者恒强”的国际政治经济格局。这种观点的依据是，传统上，后发国家往往可以通过学习经验、减少试错成本、以较低成本引入先进技术等方式实现后发赶超。但在AI领域，这种“后发效应”不灵了。

2025年《中国信息安全》杂志征订开始！

我国高度重视网络暴力治理，一体化布局网络暴力治理立法、执法和司法工作，切实维护公民权益和网络秩序。面对持续发展的互联网和愈加复杂的网络暴力现状，必须在法治轨道上持续综合施策，构建更加高效完备的网络暴力治理法治体系。

Мошенники превращают популярные программы в инструмент шантажа.

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=delete_tenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization. This vulnerability is uniquely identified as CVE-2024-11860. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #449684 / VDB-286245

The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August 2024. "In this attack,

恒星引力做对了什么？

Зачем переплачивать за стилер, если теперь он доступен бесплатно?

在网上，有好多能把 Linux 系统重装成 Windows 系统的脚本。但是呢，能把 Windows 系统重装成 Linux 系统的脚本特别少。萌咖的 dd 脚本，因为它所在的服务器停用了，相关...

A vulnerability was found in SMA Sunny Central SC 1760-US, Sunny Central SC 1850-US, Sunny Central SC 2000 EV-US, Sunny Central SC 2000-US, Sunny Central SC-2200-10, Sunny Central SC 2200-US, Sunny Central SC-2475-10, Sunny Central SC 2500 EV-US, Sunny Central SC 2660 UP, Sunny Central SC 2660 UP-US, Sunny Central SC 2750 EV-US, Sunny Central SC 2750 UP-US, Sunny Central SC 2800 UP, Sunny Central SC 2800 UP-US, Sunny Central SC 2930 UP, Sunny Central SC 2930 UP-US, Sunny Central SC 3060 UP, Sunny Central SC 3060 UP-US, Sunny Central SC 4000 UP, Sunny Central SC 4000 UP-US, Sunny Central SC 4200 UP, Sunny Central SC 4200 UP-US, Sunny Central SC 4400 UP, Sunny Central SC 4400 UP-JP, Sunny Central SC 4400 UP-US, Sunny Central SC 4600 UP, Sunny Central SC 4600 UP-US, Sunny Central Storage SCS-1900-10, Sunny Central Storage SCS-2200-10, Sunny Central Storage SCS 2300 UP-XT, Sunny Central Storage SCS 2300 UP-XT-US, Sunny Central Storage SCS 2400 UP-XT, Sunny Central Storage SCS 2400 UP-XT-US, Sunny Central Storage SCS-2475-10, Sunny Central Storage SCS 2530 UP-XT, Sunny Central Storage SCS 2530 UP-XT-US, Sunny Central Storage SCS 2630 UP-XT, Sunny Central Storage SCS 2630 UP-XT-US, Sunny Central Storage SCS-2900-10, Sunny Central Storage SCS 3450 UP, Sunny Central Storage SCS 3450 UP-US, Sunny Central Storage SCS 3450 UP-XT, Sunny Central Storage SCS 3450 UP-XT-JP, Sunny Central Storage SCS 3450 UP-XT-US, Sunny Central Storage SCS 3600 UP, Sunny Central Storage SCS 3600 UP-US, Sunny Central Storage SCS 3600 UP-XT, Sunny Central Storage SCS 3600 UP-XT-US, Sunny Central Storage SCS 3800 UP, Sunny Central Storage SCS 3800 UP-US, Sunny Central Storage SCS 3800 UP-XT, Sunny Central Storage SCS 3800 UP-XT-US, Sunny Central Storage SCS 3950 UP, Sunny Central Storage SCS 3950 UP-US, Sunny Central Storage SCS 3950 UP-XT and Sunny Central Storage SCS 3950 UP-XT-US. It has been rated as critical. Affected by this issue is some unknown functionality of the component Administration Panel. The manipulation leads to sql injection. This vulnerability is handled as CVE-2024-11025. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

In this article, ANY.RUN‘s analyst team will explore a malicious loader known as PSLoramyra. This advanced malware leverages PowerShell, VBS, and BAT scripts to inject malicious payloads into a system, execute them directly in memory, and establish persistent access.   Classified as a fileless loader, PSLoramyra bypasses traditional detection methods by loading its primary payload entirely […]

The post PSLoramyra: Technical Analysis of Fileless Malware Loader appeared first on ANY.RUN's Cybersecurity Blog.

A vulnerability was found in Zyxel ATP, USG FLEX, USG FLEX 50(W) and USG20(W)-VPN up to 5.38. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component URL Handler. The manipulation leads to path traversal. This vulnerability is known as CVE-2024-11667. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Zoho ManageEngine Analytics Plus up to 6099. It has been classified as problematic. Affected is an unknown function. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-52323. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.