Aggregator

Submit #418061 / VDB-279946

Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. "At first glance, the thing that stood out was the script's obfuscation, which seemed a bit bizarre because of all the accented characters," Jscrambler researchers said in an analysis. "The heavy use of Unicode characters, many

Анимация-предатель ставит под удар системы пользователей.

随着模块化、面向对象和微服务等现代软件开发模式的广泛应用，API(应用程序编程接口)的作用已经从传统的系统内部 […]

新闻速览 •9项网络安全国家标准获批发布，2024年4月1日起施行 •2024 年第三季邮件安全态势观察：二维 […]

近日，海外网站更新了台湾苗栗地区的卫星影像数据，意外曝光台军目前正在整建位于台苗栗县西湖乡的原“胜利女神”导弹阵地。根据整建情况初步分析判断，该导弹阵地整建完成后将进驻“爱国者”防空导弹系统。

第四届全国开源情报技术大会（The 4th China Open Source Intelligence Technology Conference，COSINT 2024）将于2024年10月26日至27日在湖北武汉召开。

议题征集、观众报名持续火热进行中！

Critical Infrastructure Firms Are Hiring - and Paying Well
As digital transformation continues to reshape industries, the convergence of operational technology and cybersecurity has emerged as a critical area of focus. But there's a noticeable gap in the workforce. Professionals who truly understand both OT and cybersecurity are in short supply.

Justice Department Aiming to Emphasize Privacy and Security in AI Deployment
The U.S. Department of Justice is drafting new guidelines for law enforcement on the use of artificial intelligence and facial recognition tools to enhance public safety while safeguarding civil rights and ensuring ethical deployment, a senior official said Wednesday.

WestCap-Led Funding to Drive Click-Fraud Protection, Ad Integrity Expansion
Human Security's recent $50 million growth funding, led by WestCap, will drive the development of click-fraud defense and enhance advertising integrity solutions. CEO Stu Solomon aims to leverage the funding for scaling the engineering and data science teams, addressing emerging fraud threats.

Hotel Chain Also Settles with Federal Trade Commission
The world's largest hotel chain agreed Wednesday to pay $52 million and agree to two decades of third-party monitoring of its cybersecurity program to settle a rash of data breaches affecting millions of guests. The multi-million payout is part of a settlement reached with 50 U.S. attorneys general.

Cyber Bill Says the Government Can't Use Information to Prosecute Victims
Ransom payments are typically tightly held secrets between cybercriminals and their victims, but the Australian government has introduced a cybersecurity bill in Parliament that would require larger businesses to report ransom payments to the government.

Submit #415992 / VDB-173150

A vulnerability classified as problematic has been found in D-Link DSL-2750U R5B017. This affects an unknown part of the component Port Forwarding Page. The manipulation of the argument PortMappingDescription leads to cross site scripting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2024-9792. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to replace the affected component with an alternative.

Submit #415991 / VDB-192236

Submit #415988 / VDB-173151

A vulnerability was found in Wireshark up to 4.4.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component ITS Dissector. The manipulation leads to missing initialization of a variable. This vulnerability is handled as CVE-2024-9780. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.