Aggregator

近日，中国互联网联合辟谣平台对8月网络谣言进行了梳理分析。网上数据监测和网民举报显示，当月网络谣言主要集中在虚构灾难事件炮制安全类谣言、歪解误读官方政策、炒作社会热点等方面，误导公众认知，扰乱社会秩序，影响网络生态。

9月2日，工业和信息化部发布《电子认证服务管理办法（征求意见稿）》，向社会公开征求意见，进一步加强电子认证服务行业监管，规范电子认证服务行为。意见反馈截止时间为2024年10月3日。

意见反馈截止日期为2024年9月16日。

今年9月9日至15日，是2024年国家网络安全宣传周。连日来，各地相关部门举办了一系列网络安全宣传普及活动，推动网络安全观念不断深入人心。

9月9日下午，2024年国家网络安全宣传周青少年网络保护分论坛在广州举办。

9月9日，2024年国家网络安全宣传周系列活动之一——人工智能赋能数字安全座谈会在广州南沙国际金融论坛中心召开。

2024年9月11日出版的《人民日报》刊发世界互联网大会推动构建网络空间命运共同体迈向新阶段理论研讨会发言摘编。

9月11日下午，CCS 2024成都网络安全系列活动──国家漏洞库（CNNVD）网络安全漏洞治理产业协同创新研讨活动，在成都高新创合中心报告大厅成功举办。

A vulnerability was found in Vm Watermark 0.4.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file watermark.php. The manipulation of the argument GALLERY_BASEDIR leads to code injection. This vulnerability is known as CVE-2007-2575. The attack can be launched remotely. Furthermore, there is an exploit available.

Daniel Allen |11 September 2024 a

Windows Security / VulnerabilityMicrosoft on Tuesday disclosed that three new security flaws impac

俄罗斯通信监管机构 Roskomnadzor 计划未来五年投入 590 亿卢布（约合人民币 45 亿）加强其网络流量过滤能力。这笔资金将用于升级过滤互联网流量的硬件，以及封堵或减慢特定资源

Межсетевой экран нового поколения готов заменить зарубежные аналоги.

A vulnerability was found in FIAT Forum 3.8.41. It has been rated as critical. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-6643. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in East Wind Software advdaudio.ocx 1.5.1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file advdaudio.ocx of the component ActiveX Control. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2007-2576. The attack may be launched remotely. Furthermore, there is an exploit available.

This post first appeared on blog.netwrix.com and was written by Jeff Warren.
PowerShell is one of the most popular platforms for malicious actors. To protect your critical data and systems, it’s vital to implement strategies for blocking and detecting attacks that exploit PowerShell. However, you should not assume those security measures are airtight — adversaries are constantly looking for ways to bypass your defenses. Let’s explore three … Continued