Aggregator
码上报名 | 基于切面技术实现线上软件供应链安全防护
1 year 8 months ago
“切面融合智能,构建新一代网安基建”见解论坛,即将在9月5日下午隆重举办。
ZDI-CAN-25269: PDF-XChange
1 year 8 months ago
A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Mat Powell of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-08-27, 21 days ago. The vendor is given until 2024-12-25 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-25267: Foxit
1 year 8 months ago
A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Mat Powell of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-08-27, 30 days ago. The vendor is given until 2024-12-25 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-25265: Logsign
1 year 8 months ago
A CVSS score 4.3 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N severity vulnerability discovered by 'Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro ' was reported to the affected vendor on: 2024-08-27, 30 days ago. The vendor is given until 2024-12-25 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-25270: Delta Electronics
1 year 8 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Bobby Gould of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-08-27, 49 days ago. The vendor is given until 2024-12-25 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-25031: Delta Electronics
1 year 8 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Guillaume Orlando' was reported to the affected vendor on: 2024-08-27, 66 days ago. The vendor is given until 2024-12-25 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-25090: Microsoft
1 year 8 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2024-08-27, 66 days ago. The vendor is given until 2024-12-25 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-25268: PDF-XChange
1 year 8 months ago
A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Mat Powell of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-08-27, 21 days ago. The vendor is given until 2024-12-25 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
Pidgin: открытый код и скрытая угроза в одном плагине
1 year 8 months ago
Пользователи даже не подозревали, что их действия отслеживались в реальном времени.
CSTIS就防范新型ValleyRAT恶意软件发布风险提示;上海电信发生断网事故,部分云宽带业务受到影响 | 牛览
1 year 8 months ago
新闻速览•CSTIS就防范新型ValleyRAT恶意软件发布风险提示•FBI存储设备管理存在重大安全隐患,将安装“防护笼”•上海电信发生断网事故,部分云宽带业务受到影响•西雅图国际机场遭遇网络攻击,多
高级端点安全防护方案发展的12个关键特性
1 year 8 months ago
从移动设备、PC、服务器再到云上的容器,各种类型的端点设备应用日益复杂,同时也成了黑客们重点关注的攻击目标。对于企业的安全团队来说,有效管理并保护端点应用安全是一项充满挑战的工作。为了应对不断变化的端
Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation
1 year 8 months ago
Google has revealed that a security flaw that was patched as part of a software update rolled out last week to its Chrome browser has come under active exploitation in the wild.
Tracked as CVE-2024-7965, the vulnerability has been described as an inappropriate implementation bug in the V8 JavaScript and WebAssembly engine.
"Inappropriate implementation in V8 in Google Chrome prior to
The Hacker News
Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation
1 year 8 months ago
Vulnerability / Browser SecurityGoogle has revealed that a security flaw that was patched as part
幕后操控者:美国情报界合同授予专报分析
1 year 8 months ago
点击上方蓝字关注我们随着技术的进步和全球安全环境的变化,美国情报界的领域也在不断扩展,包括网络安全、数据科学、
【可用POC已公开】Windows TCP/IP IPv6远程拒绝服务/代码执行漏洞(CVE-2024-38063)安全风险通告
1 year 8 months ago
致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。
网络攻击影响《黑神话:悟空》发布:Steam平台遭受威胁
1 year 8 months ago
胡金鱼
网络攻击影响《黑神话:悟空》发布:Steam平台遭受威胁
1 year 8 months ago
近日,备受瞩目的动作角色扮演游戏《黑神话:悟空》遭遇网络攻击,这一事件引发广泛关注。该游戏由中国游戏开发公司 Game Science 开发,是一款基于中国古代神话《西游记》的开放世界游戏。
攻击的影响主要集中在游戏的发布平台——Steam上。
事件背景
《黑神话:悟空》自首次公布以来,就吸引了大量游戏爱好者的关注。其精美的画面和创新的玩法让人对这款游戏充满期待。然而,这也使得它进入攻击者视线,并对 Steam 平台发起了网络攻击。
攻击详情
根据多方报道,攻击者通过对 Steam 平台进行分布式拒绝服务(DDoS)攻击,导致平台出现了大规模的服务中断和不稳定现象。这种攻击通常会通过大量伪造的流量挤占目标服务器的资源,进而导致正常用户无法访问服务。
事件影响
此次攻击不仅影响了 Steam 平台的正常运营,也对《黑神话:悟空》的发布造成了不小的困扰。开发公司 Game Science 已经发布声明,表示他们正在与 Steam 平台紧密合作,尽快解决问题,确保游戏能够如期发布。
Steam 平台方面则对外表示,他们已经采取了紧急措施来应对攻击,并加强了系统的安全防护。他们还承诺将继续关注事态的发展,并与相关方保持沟通,以最大限度减少对用户的影响。
后续发展
目前,关于此次网络攻击的具体原因和攻击者身份仍然不明确。专家表示,这类攻击可能与游戏的高关注度有关,攻击者可能试图通过这种方式制造混乱,影响游戏的发售。
文章参考自:Game Science 官方声明. Game Science 网站
Steam 平台公告.Steam 新闻中心
《黑神话:悟空》网络攻击相关报道. IGN. IGN 网站
《黑神话:悟空》遭遇的网络攻击分析. GameSpot. GameSpot 网站
胡金鱼
Live Webinar | Adapting Firewalls and Proxy Gateways in the Zero Trust Era
1 year 8 months ago
Auditors Uncover Lax FBI Hard Drive Disposal Practices
1 year 8 months ago
Hard Drives Slated For Destruction Kept in Open Cardboard Boxes
The FBI had a loose hard disk disposal problem that auditors say put classified information at risk. The bureau, auditor said, has a tracking system for obsolete computers and servers earmarked for destruction - but not for storage media extracted from the computer chassis.
The FBI had a loose hard disk disposal problem that auditors say put classified information at risk. The bureau, auditor said, has a tracking system for obsolete computers and servers earmarked for destruction - but not for storage media extracted from the computer chassis.