Aggregator
ZDI-CAN-23961: Oracle
6 months ago
A CVSS score 7.5 AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'YingMuo (@YingMuo), working with DEVCORE Internship Program' was reported to the affected vendor on: 2024-07-30, 70 days ago. The vendor is given until 2024-11-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-24774: AutomationDirect
6 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Andrea Micalizzi aka rgod (@rgod777)' was reported to the affected vendor on: 2024-07-30, 70 days ago. The vendor is given until 2024-11-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-24548: Fuji Electric
6 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'kimiya' was reported to the affected vendor on: 2024-07-30, 70 days ago. The vendor is given until 2024-11-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-24773: AutomationDirect
6 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Andrea Micalizzi aka rgod (@rgod777)' was reported to the affected vendor on: 2024-07-30, 70 days ago. The vendor is given until 2024-11-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
ZDI-CAN-24772: AutomationDirect
6 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Andrea Micalizzi aka rgod (@rgod777)' was reported to the affected vendor on: 2024-07-30, 70 days ago. The vendor is given until 2024-11-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
Новая технология хранения энергии в три раза эффективнее литий-ионных батарей
6 months ago
Углеродные нанотрубки и их потенциал.
【2025合作伙伴巡礼】(内含赠书)成都链安:开启虚拟币案件打击新纪元,链必追战法版革新上线
6 months ago
欢迎试用体验
VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
6 months ago
A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by "several" ransomware groups to gain elevated permissions and deploy file-encrypting malware.
The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host.
"A
The Hacker News
深信服MSS连续3年远程托管安全服务市场第一,市场份额持续扩大
6 months ago
近日,IDC发布《中国托管安全服务(MSS)市场份额,2023:降本增效,智能领航》(Doc#CHC52410 […]
深信服
【安全圈】黑客攻击 HFS 服务器以投放恶意软件和 Monero 矿工
6 months ago
【安全圈】防不胜防:黑客可利用 AI 通过 HDMI 线远程窃取屏幕信息
6 months ago
【安全圈】Chrome漏洞致1500万Windows用户密码丢失!
6 months ago
【安全圈】五男子使用“AI换脸”技术破解平台认证篡改系统数据牟取暴利被判刑
6 months ago
OAuth+XSS组合拳,数百万Web账户或将易主
6 months ago
同样的漏洞组合可能在互联网大范围内潜伏,这使得更多的在线服务可能面临同样的问题。
微软:警惕利用VMware ESXi进行身份验证绕过攻击
6 months ago
微软于7月29日发布警告,称勒索软件团伙正在积极利用 VMware ESXi 身份验证绕过漏洞进行攻击。
【移动样本分析】移动端假冒借贷,诈骗APP病毒家族逆向
6 months ago
最新又遇到一个移动端假冒借贷诈骗APP病毒家族,今天来搞一搞。还是老样子只分析网络行为,过程写的比较啰嗦,主要是分享思路和研究成果,讨论技术问题。样本不传,只展示目录结构。环境及工具:夜神模拟器Android9、算法助手、JADX、小黄鸟。
iOS 18.1发布苹果AI测试版,曾因隐私问题遭吐槽
6 months ago
马斯克在X平台连续发布多条内容,指责苹果没有选择自研AI,而是与OpenAI合作,无法保证用户的数据安全。
【公益译文】国防工业基础网络安全战略(下)
6 months ago
全文共8557字,阅读大约需15分钟。
【公益译文】国防工业基础网络安全战略(上)
6 months ago
全文共6353字,阅读大约需13分钟。