Aggregator

·政策 自由贸易试验区数据出境负面清单管理办法、负面清单（2024版） ·报告 《中国网络安全市场十大创新方向》 ·标准 《网络安全技术 安全技术 网络安全 第7部分：网络虚拟化安全》征求意见稿 《数据安全技术 二手电子产品信息清除技术要求》 《网络安全技术　网络安全试验平台　体系架构》 《网络安全技术 网络空间安全图谱要素表示要求》

安全419将带来2024 CCS独家报道，敬请期待！

2024羊城杯wp-AI AK篇

A vulnerability has been found in Oracle Communications Diameter Signaling Router up to 8.5.0.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the component API Gateway. The manipulation leads to information disclosure. This vulnerability is known as CVE-2021-34429. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

数据备份的国产化替代如何安全又高效？

A vulnerability classified as critical was found in Zoho WebNMS Framework 5.2/5.2 SP1. Affected by this vulnerability is an unknown functionality of the component HTTP Header Handler. The manipulation of the argument UserName leads to improper input validation. This vulnerability is known as CVE-2016-6603. The attack can be launched remotely. Furthermore, there is an exploit available.

Google раскрыла шпионаж в правительственных сетях с хитрым способом заражения.

8月25日，在中国信息安全测评中心的指导下，由广东省网络空间安全产业创新联合会主办、广州锦行网络科技有限公司承办的2024第一届青马红客“精英训练营”顺利结营

Миллионы бразильцев остались без платформы.

КНДР нашла очередной способ заработка криптовалюты, проникая в сердце систем.

全国首创！朝阳用安全大模型做政务网络安全保障了

A vulnerability was found in MediaTek MT6765, MT6768, MT6779, MT6785, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788 and MT8789. It has been rated as critical. Affected by this issue is some unknown functionality of the component Vdec. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2024-20086. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in MediaTek MT6765, MT6768, MT6779, MT6785, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788 and MT8789. This affects an unknown part of the component Vdec. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2024-20087. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Linen and classified as problematic. Affected by this vulnerability is an unknown functionality of the file apps/web/pages/api/forgot-password/index.ts of the component Setting Handler. The manipulation leads to Privilege Escalation. This vulnerability is known as CVE-2024-45522. Access to the local network is required for this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in Linen. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to Privilege Escalation. This vulnerability is handled as CVE-2024-45522. Access to the local network is required for this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

VioHawk是一个通过危险程度引导的仿真测试工具，专门用于检测自动驾驶系统（ADS）的交通违规行为。

Кто стоит за атакой, подробности которой тщательно скрываются?

A vulnerability classified as critical has been found in Kaqoo Auction Software. This affects an unknown part of the file include/categories.inc.php. The manipulation of the argument install_root leads to code injection. This vulnerability is uniquely identified as CVE-2007-1790. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

澳个保机构指责Medibank此前网安预算过低