Aggregator

青藤，让云更安全

这个奇妙的小技巧真的节省了大量时间，赶快收藏啦！

Исследование выявило тенденции в ИБ-среде и волнения специалистов.

Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security firm Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April 2023. "Unbeknownst to

蝉鸣半夏，心向网安。中国科学技术大学高新校区，红墙方砖间，一个个怀揣热忱的身影，向阳而行。7月14日至23日

第四届CTF夏令营暨联合战队招新赛开始报名

CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash Reporter

Узнайте, как фиолетовая команда объединяет усилия красной и синей команд для усиления кибербезопасности. Преимущества, методы работы и практические примеры внедрения Purple Team.

1.Qilin勒索团伙公布新的受害公司 2.BianLian团伙公布新的受害公司 3.Everest勒索团伙公布了新的受害公司

Новые технологии вызывают вопросы.

Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. "In Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code

FTC обвиняет компанию в обмане потребителей при оформлении подписки.

7月25日，Coremail CACTER邮件安全联合北京中睿天下信息技术有限公司发布《2024第二季度企业邮 […]

Французские специалисты нашли способ удаления трояна PlugX.

新型电信网络诈骗主要有以下几类。

Linux 系统上广泛使用的 Ghostscript 文档转换工具包中存在一个远程代码执行漏洞，目前正在遭受攻击。

更好用了，不骗人，速来

银狐样本母体加载过程详细分析