Silent Ransom Group 通过虚假 IT 支持电话攻击律师事务所
根据网络安全公司 Mandiant 的一份最新报告,Silent Ransom Group 勒索团伙正在积极针对美国的律师事务所和专业服务组织发起社会工程攻击,往往在初次接触后数小时内就完成数据窃取。 这份报告发布之前,FBI 上周发布了一份 FLASH 通告,警告称 Silent Ransom Group 正针对美国律师事务所进行社会工程攻击,甚至是现场数据窃取攻击。Mandiant 现在提供了...
Aggregator
Silent Ransom Group 通过虚假 IT 支持电话攻击律师事务所
2 weeks 2 days ago
error code: 1003
Infosecurity Europe: How DSIT Protects Thousands of UK Orgs from Cyber Vulnerabilities
2 weeks 2 days ago
The Department of Science, Innovation and Technology details how a combination of hands-on human advice and technology systems keeps government agencies safe
CBSE Re-Evaluation Portal Goes Live After Final Cybersecurity Clearance
2 weeks 2 days ago
The Central Board of Seconda
少数派正版软件 + 付费教程 618 促销活动限时开启
2 weeks 2 days ago
又到了每年的 618 购物节,少数派照例为大家带来了众多优质正版软件和实用教程的大型活动专场。如果你有心仪的软件或者教程,都可以趁着优惠果断出手。TL;DR: 活动时间:2025 年 6 月 8 日(
新药功能性治愈部分乙肝患者
2 weeks 2 days ago
葛兰素史克公布了其实验乙肝治疗药物 bepirovirsen(bepi)的两项重复双盲试验结果:疫苗功能性治愈了 19% 的患者。全世界大约有 2.4 亿人感染了慢性乙肝,每年 110 万人死亡。大部分慢性乙肝患者没有接受治疗。完全治愈乙肝非常困难,因此评估药物的疗效主要是功能性治愈——即检测不到病毒。在 1220 名注射 bepirovirsen 的患者中有 233 人功能性治愈,对照组无人功能性治愈。研究人员强调 bepirovirsen 对大部分慢性乙肝患者效果有限。
新药功能性治愈部分乙肝患者
2 weeks 2 days ago
思科预警 2026 年第 7 个 SD-WAN 零日漏洞已被利用
2 weeks 2 days ago
思科周四向客户通报,其 SD-WAN 产品又发现一个已被在野利用的漏洞——这是 2026 年检测到的第 7 个被利用的该类漏洞。 该新漏洞编号为 CVE-2026-20245,影响 Cisco Catalyst SD-WAN Manager 的命令行界面(CLI),目前思科尚未发布补丁。 拥有合法身份认证的本地攻击者可通过特制文件利用该漏洞,以 root 权限执行任意命令。...
hackernews
思科预警 2026 年第 7 个 SD-WAN 零日漏洞已被利用
2 weeks 2 days ago
error code: 1003
Student Project webrtc chhat app need security Review
2 weeks 2 days ago
Meta AI Bug Exposes Over 20,000 Instagram Accounts
2 weeks 2 days ago
Meta confirms an AI tool vulnerability led to unauthorized access to Instagram accounts after a failure in email verification during password reset
AI代码安全:从发现到确证
2 weeks 2 days ago
数世观察:当AI开始自主挖掘漏洞、构造利用链、在沙箱里跑通PoC,代码安全的游戏规则正在被改写,行业瓶颈正从“如何发现漏洞”转向“如何验证和修复漏洞”
AI代码安全:从发现到确证
2 weeks 2 days ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
OpenAI is locking down parts of ChatGPT to reduce data theft risks
2 weeks 2 days ago
OpenAI has started rolling out Lockdown Mode for ChatGPT, an optional security setting that restricts access to external resources and several product capabilities. It is available for personal accounts, including Free, Go, Plus, and Pro plans, as well as self-serve ChatGPT Business accounts. “Lockdown Mode is not intended for everyone. It is designed for people and organizations that handle sensitive data and want stronger protection against data exfiltration risks associated with prompt injection,” the company … More →
The post OpenAI is locking down parts of ChatGPT to reduce data theft risks appeared first on Help Net Security.
Anamarija Pogorelec
关注 | 国家网信办、市场监管总局联合印发《网络测评活动规范》(附全文)
2 weeks 2 days ago
近日,国家网信办、市场监管总局联合印发《网络测评活动规范》(以下简称《规范》)。国家网信办有关负责人表示,《规范》旨在规范网络测评活动,维护公平市场竞争秩序,保护公民、法人和其他组织合法权益。
CNNVD | 重要安全漏洞通报(2026年第三期)
2 weeks 2 days ago
根据国家信息安全漏洞库(CNNVD)统计,本月新增漏洞7863个,其中超危漏洞503个、高危漏洞2318个、中危漏洞4782个、低危漏洞260个,相应厂商修复率分别为75.15%、78.60%、81.47%以及73.46%……
От Pin-Up до Azino. ФСБ и СК ликвидировали платформу, обслуживавшую 14 онлайн-казино, — задержаны 24 человека
2 weeks 2 days ago
Следствие считает, что фигуранты проводили тысячи нелегальных транзакций ежедневно.
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
2 weeks 2 days ago
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026.
The activity has been attributed by Google Mandiant and Google Threat Intelligence Group (GTIG) to a threat actor dubbed UNC3753, which is also known as
The Hacker News
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
2 weeks 2 days ago
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion ca
Meta 称约 2 万个 Instagram 账户因 AI 工具遭滥用而被黑
2 weeks 2 days ago
Meta 表示,在最近一起滥用 AI 驱动的账户恢复支持工具的攻击中,约有 2 万个 Instagram 账户可能遭到入侵。 黑客只需向 Meta 的聊天机器人提出请求,将其自己的电子邮件地址绑定到目标账户上,就能入侵大量 Instagram 账户。这使得黑客可以重置账户密码并夺取控制权。 据报道,许多高知名度账户遭到入侵并在暗网上被出售。受影响的账户包括奥巴马白宫、丝芙兰(Sephora)以及美...
hackernews