Aggregator

sttr是一款针对字符串的跨平台数据转换与处理工具，旨在帮助广大研究人员对字符串执行各种操作。

ИИ заставляет людей верить в ложные показания.

每日更新当天鲜活情报和热点漏洞

To stay future-proof, organizations are beginning to realize the value of adopting a new way of protecting data assets known as a cyber resilience approach.

The post Three Reasons to Take a New Cyber-Resilient Approach to Data Protection appeared first on Security Boulevard.

Really interesting article on the ancient-manuscript scholars who are applying their techniques to the Voynich Manuscript.

No one has been able to understand the writing yet, but there are some new understandings:

Davis presented her findings at the medieval-studies conference and published them in 2020 in the journal Manuscript Studies. She had hardly solved the Voynich, but she’d opened it to new kinds of investigation. If five scribes had come together to write it, the manuscript was probably the work of a community, rather than of a single deranged mind or con artist. Why the community used its own language, or code, remains a mystery. Whether it was a cloister of alchemists, or mad monks, or a group like the medieval Béguines—a secluded order of Christian women—required more study. But the marks of frequent use signaled that the manuscript served some routine, perhaps daily function...

The post On the Voynich Manuscript appeared first on Security Boulevard.

Traditionally, the focus has been on defending against digital threats such as malware, ransomware, and phishing attacks by detecting them and responding. However, as cyber threats become more sophisticated. There is a growing recognition of the importance of measures that stop new attacks before they are recognized. With high-value assets, it’s not good enough to have the protection, it’s

У науки появилась новая надежда для поиска жизни на Красной планете.

Ropdump旨在检测和分析二进制可执行文件中潜在的ROP小工具、缓冲区溢出和内存泄漏等问题。

Раскрыта фундаментальная уязвимость в защите, которую невозможно исправить.

XMGoat是一款针对Azure的环境安全检测工具，XM Goat 由 XM Cyber Terraform 模板组成，可帮助您了解常见的 Azure 安全问题。

A critical security vulnerability, identified as CVE-2024-22116, has been patched in Zabbix, a popular monitoring solution. The vulnerability allowed an administrator with restricted permissions to execute arbitrary code via the Ping script in the Monitoring Hosts section, potentially compromising the infrastructure. The vulnerability, which had a CVSS score of 9.9, was discovered by justonezero, a […]

The post Zabbix Server Vulnerability Lets Attacker Execute Arbitrary Code Via Ping Script appeared first on Cyber Security News.

Новые правила спасут зашифрованные секреты США от утечек и кибератак.

根据发表在《Cell Reports》期刊上的一项研究，上海交大的研究人员利用脑电波测量和神经成像技术展示西方古典音乐是如何对大脑产生积极影响的。他们的目标是找到更有效的方法，用音乐来激活那些没有反应的人的大脑，比如患有难治性抑郁症的人。这项研究的重点是 13 名患有难治性抑郁症的患者，他们的大脑中已经植入了电极，目的是进行深部脑刺激。这些植入物被放置在连接前脑两个区域的电路中——终纹床核(BNST)和伏核(NAc)。通过这些植入物，研究人员发现，音乐产生抗抑郁效果是通过同步听觉皮层(负责处理感觉信息)和奖励回路(负责处理情感信息)之间的神经振荡。研究中的患者被分为两组：低音乐欣赏和高音乐欣赏。高音乐欣赏组的神经同步性更显著，抗抑郁效果更好，而低音乐欣赏组的效果更差。

X-Recon是一款功能强大的Web安全扫描与检测工具，该工具能够帮助广大研究人员识别网页端输入数据，并执行XSS扫描任务。

One often overlooked aspect in the aftermath of a breach is the meticulous examination of firewall rule histories. These records not only reveal how an attacker gained access but can illuminate the path they took within an organization’s network.

The post The Crucial Role of Firewall Rule Histories appeared first on Security Boulevard.

苹果上个月开始公测其地图服务的 Web 版本，但当时不支持 Firefox 浏览器，只支持 Safari、Chrome 和 Edge 浏览器。现在它加入了对 Firefox 的支持，且地图名都有中英文双语。对中国用户而言，苹果地图在功能上仍然有很多缺失，尚无法替代本地地图服务。用户可通过地图获取驾车和步行路线，寻找地点和有用信息如括照片、营业时间、评分和评论，可以直接从地图的位置卡执行订餐等操作，等等。苹果未来会逐渐添加功能。

欢迎报名

安全研究员在1Password Mac版中发现多个漏洞，攻击者可以利用这些漏洞窃取存储在软件保险库中的密码

看雪论坛作者ID：mb_qzwrkwda