Aggregator

1. 通告信息近日，安识科技A-Team团队监测到Oracle发布了10月安全更新，本次更新共包含387个新

本论文对BinaryAI底层算法进行剖析，介绍BinaryAI二进制源代码匹配算法如何实现其SCA优越性能。

Google's Threat Analysis Group analyzes recent state-sponsored campaigns exploiting the WinRAR vulnerability, CVE-2023-38831.

Contributors: Chris Wagner and Nikki Benoit Executive Summary  LummaStealer is a Malware-as-a-Service (MaaS) that is available on the dark web. MAAS models have substantially reduced the barrier to entry in the realm of big game hunting.  Instead of executing malspam and phishing campaigns directly, developers offer their platforms to other threat actors through an ecosystem … Continued

The post An iLUMMAnation on LummaStealer appeared first on VMware Security Blog.

It’s week three in our Cybersecurity Awareness Month blog series! This week, we interviewed NIST’s Michael Ogata (Computer Scientist) and Paul Watrobski (IT Security Specialist) about the importance of updating software. This week’s Cybersecurity Awareness Month theme is ‘updating software.’ How does your work/specialty area at NIST tie into this behavior? NIST’s Applied Cybersecurity Division’s core mission is to explore, measure, and evaluate both the cybersecurity guidance NIST provides as well as industry best practices. One of our current projects involves putting the practices described

创新驱动发展 科技引领未来

We added another signature (for CVE-2020-0618) and we take a look at a cred stuffing attack from last month. One formerly prevalent CVE has disappeared entirely, and we investigate why that happened.

SQLite3具有简单、轻量、高效的特点，广泛应用于小型应用和嵌入式系统的数据存储。在2023年BlackHat-Asian会议上，有三个SQLite3的漏洞被披露。

2023年10月18日，绿盟科技CERT监测发现Oracle官方发布了10月重要补丁更新公告，此次共修复了387个不同程度的漏洞。Oracle强烈建议客户尽快应用关键补丁更新修复程序，对漏洞进行修复。

Goby社区第 32 篇技术分享文章全文共：6841 字 预计阅读时间：18 分钟

近日，天津滨海新区中国信创谷、长城所的领导和专家们来京拜访星阑科技，围绕数字经济时代下企业数字化转型趋势，安全基础设施及技术体系建设，大模型落地实践应用与挑战等话题展开讨论，共探AI时代数据安全发展战略。

近日上海市公安局和上海市总工会联手举办的2023年度上海公安刑事技术技能大赛在奇安信集团盘古石取证团队支撑下

清华大学网络与信息安全实验室学术论文分享活动

近期，Google紧急发布了一则关于WebP的安全修复，并指出该漏洞极有可能是BLASTPASS攻击中使用的漏洞。据不完全统计，WebP组件的下游软件可能超过百万款，或将使其成为下一个Log4Shell漏洞，建议及时更新到最新版。

【防溯源】"一键登录"是把双刃剑，如何关闭手机号码一键登录业务

翻译自 https://twitter.com/pmarca/status/1713930459779129

当前，世界之变、时代之变、历史之变正以前所未有的方式展开，数字技术成为重组全球要素资源、重塑全球经济结构、重构全球竞争格局的关键力量。当技术、法律与社会交汇，如何在维持“秩序之道”的同时，谋求“发展之道”，需凝聚各方智慧，共谋发展良策。

Discover Precursor, a revolutionary tool for payload similarity analysis in data science and cybersecurity. Dive deep into its features, potential applications, and how it can enhance your work in threat intelligence, malware detection, and network traffic analysis. Learn more now!"